We’ve discussed before how some Internet browsers have Do Not Track features to give consumers more control over the personal data that is gathered by Web sites or advertisers. The Do Not Track and other privacy tools in browsers seek to avoid “cookies,” which collect data about and can track users’ Internet searches and sites visited. Apple’s Safari, Mozilla’s Firefox and Microsoft’s Explorer browsers all have Do Not Track tools that people use to avoid companies gathering and using browsing data for targeted behavioral advertising and other activities.
Now, the Wall Street Journal reports on new research by Stanford researcher Jonathan Mayer that shows four companies seek to circumvent consumers’ privacy settings in Apple’s browser, Safari. Mayer wrote: “We identified four advertising companies that unexpectedly place trackable cookies in Safari. Google and Vibrant Media intentionally circumvent Safari’s privacy feature. Media Innovation Group and PointRoll serve scripts that appear to be derived from circumvention example code.”
The Journal reports:
Google Inc. and other advertising companies have been bypassing the privacy settings of millions of people using Apple Inc.’s Web browser on their iPhones and computers—tracking the Web-browsing habits of people who intended for that kind of monitoring to be blocked.
The companies used special computer code that tricks Apple’s Safari Web-browsing software into letting them monitor many users. Safari, the most widely used browser on mobile devices, is designed to block such tracking by default.
Google disabled its code after being contacted by The Wall Street Journal.
The Google code was spotted by Stanford researcher Jonathan Mayer and independently confirmed by a technical adviser to the Journal, Ashkan Soltani, who found that ads on 22 of the top 100 websites installed the Google tracking code on a test computer, and ads on 23 sites installed it on an iPhone browser.
The technique reaches far beyond those websites, however, because once the coding was activated, it could enable Google tracking across the vast majority of websites. Three other online-ad companies were found using similar techniques: Vibrant Media Inc., WPP PLC’s Media Innovation Group LLC and Gannett Co.’s PointRoll Inc. […]
In a statement, Google said: “The Journal mischaracterizes what happened and why. We used known Safari functionality to provide features that signed-in Google users had enabled. It’s important to stress that these advertising cookies do not collect personal information.”
The Journal also has an in-depth look at exactly how Google circumvented Safari’s privacy technology: “How Google Tracked Safari Users.”