Privacy Concerns About Google Over Safari Cookie Controversy

By | Feb 22, 2012

A new round of privacy concerns about search giant Google surfaced after researchers revealed an apparent bypass of privacy settings in Apple's Safari browser. At issue is the method of how cookies are installed in browsers, and whether Safari users knowingly approve of the code. Cookies can be used to track browsing behavior, and Safari privacy settings intended to block the tracking could give users a false impression that their browsing was not being tracked when indeed it was. Google indicated that the bypass was inadvertent and has reportedly disabled the code at issue following an article in The Wall Street Journal.

Stanford University student Jonathan R. Mayer discovered the code, which was validated by Ashkan Soltani, an independent security and privacy expert. The cookie controversy follows a recent decision by Google to consolidate 60 different privacy policies into one that spans across many products, including Google search, Gmail, YouTube, Picasa, Google+, and Google maps.

The use of HTTP or web cookies began in the mid 1990s with the proliferation of web browsers. Website owners and advertisers use cookies to collect information during a browsing session for a variety of functions, such as authenticating a user, storing user preferences, and remembering the contents of a shopping cart. Cookies can be designed to be limited to a single visit or browsing session, or to be persistent and used across sessions.

The criticism leveled at Google's cookie tracking is over a perceived issue of trust regarding privacy. Google representatives claim is that the advertising cookies did not collect personal information, and that the way in which the code operated on Safari browsers was a "known functionality."

The Safari browser is used on Apple computers and mobile devices. Another article at The Wall Street Journal provides instructions to set or examine the state and tracking settings on your device, and the results can be rather surprising. Existing cookies and privacy information can be deleted, and there are software products that exist to selectively or automatically block tracking. Some products require installing additional software to "jailbreak" iPhone and iPad devices to alter Apple's security and DRM controls.

The cookie controversy is likely to result in more scrutiny from privacy and consumer groups and regulators such as the Federal Trade Commission, which has increased its vigilance regarding software companies including Google and Facebook over privacy issues.

This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet.

IBM Solution Security & Resiliency

IBM IT security expertise can help medium-sized businesses develop, implement and maintain comprehensive strategies to combat ever-evolving security threats without increasing complexity, cost, or resources required for administration.

Learn More »

More on This Topic

Three Security Concerns for 2016

By Allan Pratt on Dec 4, 2015
As we near the end of 2015, what will 2016 look like in the information security sector? Undoubtedly there be an increase in data breaches across all industries, but will businesses take the high road and inform their customers and ...