Google accused of recording Chrome users’ personal data regardless of user consent


Google faces a new class-action lawsuit accusing Chrome browser of recording and sending user data to Google servers

Google has been accused of its Chrome browser recording and sending users’ personal information to its servers regardless of whether the Chrome user has synced it on not. It is alleged that Google does so even if the Chrome user doesn’t have an account with Google. A new class-action lawsuit filed by Patrick Calhoun and others claims that the Chrome browser sends user’s personal information such as IP addresses, cookie identifiers, and browsing history to Google without users’ consent and against Google’s promises that the information will not be sent.

The Google privacy class-action lawsuit, Patrick Calhoun, et al. v. Google LLC, Case No. 5:20-cv-05146 has been filed in California District Court. The lawsuit claims Google “unprecedented power to surveil the lives of more than half of the online country in real-time” with tracking codes “accounting for more than half of all internet traffic.” It also adds that Google is helped by the fact that Chrome is the dominant browser used on desktop computers in the U.S.

The complaint also claims Google is misrepresenting its privacy practices because some of the company’s third-party tracking cookies are “disguised” as first-party tracking cookies in order to “facilitate cookie syncing.” The plaintiffs note the Federal Trade Commission has challenged these practices successfully in the past.

The lawsuit says though all versions of the Chrome Privacy Notice promise the browser will not send personal information to Google unless a user decides to sync Chrome with their account, the company still does so. The lawsuit says Google uses an x-client-data identifier, which is sent from Chrome to Google every time users communicate online is not at all mentioned in any Chrome ToS or Privacy Policy. The lawsuit alleges that the x-client-data identifier was created and sent to Google with every communication since at least March 6, 2018.

x-client-data header is an identifier that can be combined with IP addresses and user-agents to identify each individual download version of Chrome.

“Google’s surveillance of the Plaintiffs and other Un-Synched Chrome Users directly contradicts its promises to honor users’ choice not to share data,” the class action lawsuit states. “This is a serious and irreversible invasion of privacy that is invisible to Google users.” “Higher user engagement means more revenue in that moment for Google, and also more data about the users that can lead to more revenue. By promising more privacy, Google induces more private sharing, which is a more profitable kind of user engagement.”

The plaintiffs say that Google uses its vast network of affiliates, including Google Apps, Google Drive, Google AdWords, and partner firms to disseminate this confidential information and turn it “into a massive interconnected database of surveillance material.”

The class-action lawsuit wants the court to recognize their personal information as a property with monetary value. It demands that Google be tried of larceny, invasion of privacy, breach of contract, breach of the implied covenant of good faith and fair dealing, intrusion upon seclusion, and unjust enrichment.

The lawsuit says Google violated the Electronic Communications Privacy Act, the Stored Communications Act, the Computer Fraud and Abuse Act, the California Unfair Competition Law, the California Computer Data Access and Fraud Act, and the California Invasion of Privacy Act.

The plaintiffs seek to certify a Class including all Chrome users who opted to not sync their browsers and Google accounts while browsing the web between July 27, 2016, and present.


About Author

"The Internet is the first thing that humanity has built that humanity doesn't understand, the largest experiment in anarchy that we have ever had." Eric Schmidt

Notify of
Inline Feedbacks
View all comments