Google has been ordered by a US federal jury to pay $425 million in damages for collecting user data from mobile apps even when users had enabled privacy settings to prevent such tracking.
The verdict, delivered on Wednesday in San Francisco, marks the conclusion of a class-action lawsuit filed in July 2020, accusing the tech giant of illegally intercepting and monetising user activity on smartphone apps.
“This case is about Google’s illegal interception of consumers’ private activity on mobile applications,” the plaintiffs’ attorneys said in court filings, arguing that Google ignored user privacy choices and misled the public about how its data collection tools operate.
In response to the jury’s decision, Google spokesperson Jose Castaneda rejected the verdict, stating that the company disagrees with the ruling and will appeal.
“This decision misunderstands how our products work,” Castaneda said. “Our privacy tools give people control over their data, and when they turn off personalisation, we honour that choice.”
The ruling comes just a day after a separate antitrust case in Washington, D.C., in which a judge declined to force Google to divest its Chrome browser, marking a partial win for the company in a broader regulatory crackdown.
Global Data Practices Under Fire
Google’s privacy practices have come under increasing legal and regulatory scrutiny worldwide. On the same day as the US ruling, France’s data protection authority (CNIL) announced a pair of record-breaking penalties, fining Google €325 million ($350 million) and fast-fashion giant Shein €150 million ($175 million) for violating cookie consent rules.
According to CNIL, both companies failed to obtain clear, informed user consent before placing advertising cookies on devices violations of European data protection laws.
Google acknowledged the CNIL ruling and stated it would review the decision, claiming it had previously made adjustments in line with the regulator’s guidance.
This latest fine marks the third time CNIL has penalised Google over cookies. The company paid €100 million in 2020 and €150 million in 2021 for similar infractions.
Balancing Privacy and Profit
At the core of Google’s legal troubles is the tension between protecting user privacy and fuelling its ad-driven business model. The company has pledged to phase out third-party tracking cookies and introduce less intrusive alternatives, but regulators and privacy advocates argue that current practices still leave consumers vulnerable to exploitation.
In the US privacy lawsuit, the plaintiffs alleged that Google continued to track and sell user activity data from mobile apps even when users disabled personalisation features.
“Google’s privacy promises and assurances are blatant lies,” the lawsuit stated.
As lawsuits mount and fines escalate, pressure is growing on big tech companies to overhaul data collection systems and align more closely with global privacy standards.
