September 26, 2021

Volume XI, Number 269

Advertisement

September 24, 2021

Subscribe to Latest Legal News and Analysis

September 23, 2021

Subscribe to Latest Legal News and Analysis
Advertisement

Search and You’ll Be Found - Two Recent Lawsuits Allege that ISP's Violated Privacy by Sharing Referrer Data.

Two recent lawsuits allege that internet service providers violated users’ privacy by sharing “referrer data” containing potentially identifying information. 

A former technologist with the Federal Trade Commission filed a privacy complaint (link via WSJ) against Google with his ex-employer.   The complaint alleges that Google does not allow users to easily prevent transmission of information that allows website operators to determine the search terms used to access their sites.  It claims that this constitutes a deceptive business practice by Google because “if consumers knew that their search queries are being widely shared with third parties, they would be less likely to use Google.”  

According to the complaint, Google search URLs contain the user’s search terms, and when users click on a search result the webmaster of that site can see the terms used to access it.   The complaint alleges that this conflicts with Google’s Privacy Policy and cites to Google’s court admissions that search queries may reveal “personally identifying information” and that consumers trust Google to keep their information private.  

Google has allegedly tested products that deleted search terms from the referrer data visible to webmasters but discontinued them after receiving complaints and posted reassurances that search terms would remain visible.  Apparently Google now offers an SSL encrypted search engine at https://www.google.com which protects search terms from being intercepted, but the complaint notes that this is not the default setting and it is not linked from the regular Google site.  It also notes that Google provides search term protection to Gmail users searching their inboxes. 

The merits of the complaint may hinge on whether search terms should be considered “personal information.”  The complaint notes that the New York Times was able to indentify supposedly anonymous AOL searchers in 2006 when AOL leaked a dataset of search queries. 

The second suit alleges that, from February through May, Facebook transmitted referrer information to advertisers about users who clicked on their ads.  It alleges violations of the federal Electronic Communications Privacy Act and Stored Communications Act as well as California computer privacy and unfair competition laws and common law claims of breach of contract and unjust enrichment.  The suit claims that “Facebook has caused users’ browsers to send Referrer Header transmissions that report the user ID or username of the user who clicked an ad, as well as the page the user was viewing just prior to clicking the ad . . . For example, if one Facebook user viewed another user’s profile, the resulting Referrer Headers would report both the username or user ID of the person whose profile was viewed, and the username or user ID of the person viewing that profile.”

 As in the Google complaint discussed above, the plaintiffs allege that Facebooks actions violate its privacy policy (which allegedly states “we never share your personal information with our advertisers”) and other representations to users as well as state and federal privacy laws.   The amended complaint may be stronger than the suit against Google because referring Facebook pages, unlike Google searches, are often highly personalized and contain the Facebook user’s name.  Facebook allegedly stopped embedding referrer data in May after media accounts exposed the practice.  

Although some tech executives have been quick to sound the death knell for online privacy, consumers – even those who are products of the Internet generation – continue to disagree.   A recent poll shows that 85 percent of teens believe social media sites should obtain their permission before using their information for marketing purposes. 

Excerpted from FVLD’s blog, http://www.postorperish.com, which regularly discusses these and other issues facing online publishers.

© Copyright 1999-2021, Funkhouser Vegosen Liebman & Dunn Ltd. All rights reserved.National Law Review, Volume , Number 289
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Damon Dunn, FVLD, Litigation attorney
Lawyer

Damon is ranked as a “Leading Lawyer” in Advertising and Media Law, Civil Appellate Law, Civil Rights/Constitutional Law, Commercial Litigation and ADR by Leading Lawyers Network and has an “AV (highest certification) Peer Review Rating by Martindale Hubbell, a leading professional directory.  He recently successfully argued a corporate merger case of first impression to the Delaware Supreme Court, won two Illinois defamation appeals and served as a Special Assistant Illinois Attorney General at the request of the Circuit Court of Cook County.  His practice has ranged from obtaining one of...

312.701.6825
Seth Stern, Litigation lawyer, FVLD
Lawyer

Seth has successfully litigated numerous First Amendment, employment, and commercial disputes for clients in the media, financial services and healthcare industries, among others.

Seth’s extensive First Amendment and media experience includes regularly defending defamation and invasion of privacy complaints as well as obtaining access to court records and proceedings for our media clients. Some examples of the latter include opposing closures of hearings and court records in high profile cases involving Drew Peterson, Laquan McDonald and former Mayor Daley’s nephew.

...

312-701-6837
Advertisement
Advertisement
Advertisement