FTC’s Google Fine Could Cramp Innovation. Or Not.

It also could be relatively meaningless in the ongoing tug of war over Internet privacy.

After the federal government dealt Google a record $22.5 million fine for allegedly misrepresenting its service terms in violation of a previous privacy settlement, a free market group called the punishment a loss for citizens. Other consumer advocacy groups said the sentence was too light because the company didn’t take responsibility for its actions. And some bystanders chalked up the whole thing to a parlor game.

The Competitive Enterprise Institute described the Federal Trade Commission’s penalty as an overreaction that will chill innovation and scare startups away from the Internet.

“Although Google found itself in the FTC’s crosshairs this time, the agency could have just as easily targeted any number of other Web companies for similarly minor missteps,” Ryan Radia, CEI associate director of the Center for Technology and Innovation, said in a statement, adding the settlement will benefit regulators and lawyers “at the expense of the consumers the agency is supposed to protect.”

In 2011, Google agreed to stop misleading users about its data collection practices after it abused customer information on the now-defunct Google Buzz social network. This year, researchers discovered that the firm again was taking advantage of customer data without disclosure, this time to tailor advertising.

The company deposits onto users’ browsers tracking programs, or cookies, that collect intelligence from the sites they visit to sell ads. But Apple’s Safari Web browser should automatically stop Google from dropping these cookies, according to Google’s own policies. The one exception is that Safari allows certain online forms to take cookies, but only from the same website providing the form. Apple allegedly took advantage of this quirk to trick browsers into thinking its cross-site cookies were the sanctioned kind.

Google has not admitted to any wrongdoing.

CNET reported a Google spokesperson as saying, "the FTC is focused on a 2009 help center page published more than two years before our consent decree, and a year before Apple changed its cookie-handling policy. We have now changed that page and taken steps to remove the ad cookies, which collected no personal information, from Apple's browsers,”

The federal agency expects the reprimand will convince other online businesses to take FTC’s privacy rules seriously.

“The record-setting penalty in this matter sends a clear message to all companies under an FTC privacy order,” commission Chairman Jon Leibowitz said in a statement. “No matter how big or small, all companies must abide by FTC orders against them and keep their privacy promises to consumers or they will end up paying many times what it would have cost to comply in the first place.”

Other observers, noting that Google’s fine-to-earnings ratio is infinitesimal, questioned the strength of that message.

“Is the money enough? Or is Google just treating the penalty as part of its cost of doing business?” Paul Ducklin, a researcher at antivirus software company Sophos, asked in a blog post: “To be sure, $22.5 million is a lot of money. But Google already forked out $500 million in August 2011 for helping illegal vendors of pharmaceuticals to place ads on its servers -- not just for taking the scammers' money, you understand, but for helping these ‘customers’ to bypass the controls Google had already put in place to prevent the abuse.”

He then polled readers about whether levies are sufficient to compel tech giants to respect privacy. See the results for yourself.