A court ordered Google to pay $425 million after finding the company misled 98 million users about data collection through its “Web & App Activity” setting[1]. The case revealed Google continued gathering user data via Firebase, a monitoring database embedded in 97% of top Android apps and 54% of leading iOS apps, even after users disabled data collection[1:1].
Google’s internal communications showed the company was “intentionally vague” about its data collection practices because being transparent “could sound alarming to users,” according to district judge Richard Seeborg[1:2].
This ruling adds to Google’s recent privacy settlements, including:
- $392 million paid to 40 states in 2023 for location tracking violations
- $40 million to Washington state for similar location tracking issues
- $1.38 billion to Texas in 2025 over location tracking and incognito mode claims[1:3]
Google plans to appeal the $425 million verdict, with spokesperson Jose Castaneda stating “This decision misunderstands how our products work” and asserting that Google honors user privacy choices[1:4].
Yes, a lot of people believe this. Privacy and security only depends on the ethics and intentions of the dev or company, not of the license of their product. A lot of mal/spyware is FLOSS, even Googles tracking APIs (eg.googleanalytics, google-tagmanager, etc), included in a lot of FOSS, is.
Wrong, anti-libre software traps us in every abusive decision of its owner.