Google has agreed to pay a total of $29.5 million to settle two different lawsuits brought by Indiana and Washington, D.C., over its “deceptive” location tracking practices.
The search and advertising giant is required to pay $9.5 million to D.C. and $20 million to Indiana after the states sued the company for charges that the company tracked users’ locations without their express consent.
The settlement adds to the $391.5 million Google agreed to pay to 40 states over similar allegations last month. The company is still facing two more location-tracking lawsuits in Texas and Washington.
The lawsuits came in response to revelations in 2018 that the internet company continued to track users’ whereabouts on Android and iOS through a setting called Web & App Activity despite turning Location History options off.
Google was also accused of employing dark patterns, which refer to design choices intended to deceive users into carrying out actions that violate their privacy and overshare information without their knowledge or affirmation.
“Google uses location data collected from Indiana consumers to build detailed user profiles and target ads, but Google has deceived and misled users about its practices since at least 2014,” the state said in a statement last week.
Pursuant to the settlement, the company has been ordered to notify users with Location History and Web & App Activity enabled about whether location data is being collected, alongside steps users can take to disable the settings and delete the data.
Google is also expected to maintain a web page that discloses all the types and sources of location data it gathers as well as refrain from sharing users’ precise location information with third-party advertisers without explicit consent.
What’s more, it will need to automatically delete location data derived from a “device or from IP addresses in Web & App Activity within 30 days” of obtaining the information.
The Mountain View-based company, in November 2022, noted that the lawsuits are based on “outdated product policies” and that it has rolled out a number of privacy and transparency enhancements that allow users to auto-delete location data tied to their accounts.
Google further stated it will start providing more “detailed” information regarding the Web & App Activity control, in addition to launching an information hub and a new toggle to turn off both Location History and Web & App Activity settings and delete past data in “one simple flow.”
“Given the vast level of tracking and surveillance that technology companies can embed into their widely used products, it is only fair that consumers be informed of how important user data, including information about their every move, is gathered, tracked, and utilized by these companies,” D.C. Attorney General Karl A. Racine said.
