Privacy & Information Security Law Blog

On September 14, 2023, California Attorney General Rob Bonta announced a $93 million settlement with Google, LLC (“Google”) resolving alleged violations of California’s false advertising law and unfair competition law.

In the complaint, AG Bonta alleged that Google deceived users regarding how it collected, stored, and used users’ precise geolocation information. For example, AG Bonta alleged that Google made misleading statements regarding:

• Google’s Location History setting and the collection, use and retention of precise geolocation information in connection with that feature, including for purposes of profiling for advertising purposes;
• Web & App Activity and the collection, use, and retention of precise geolocation information in connection with that feature, including when Location History setting is turned off; and
• Ads Personalization and the collection, use and retention of precise location information in connection with that feature and/or for advertising, including when the “Show me personalized ads” setting is turned off.

Regarding Google’s use of precise geolocation information, AG Bonta stated, “Google generates the majority of its revenue from advertising, and location-based advertising (or geotargeted advertising) is a critical feature of Google’s advertising platform because advertisers want the ability to market to users based on their geographical locations. Google also uses their location information to build behavioral profiles of users to help determine which ads to serve users.”

Under the settlement, Google must:

• Pay $93 million in penalties;
• Provide additional notifications to users regarding settings to manage their location information;
• Provide users with detailed disclosures about the location information that Google collects, how it is used, and ways users can manage the information through a “Location Technologies” webpage;
• Disclose to users that their location information may be used for ads personalization;
• Disclose to users before using location information to build ad targeting profiles for users; and
• Obtain review by Google’s internal Privacy Working Group and document approval for changes to location-setting and ads personalization disclosures that will have a material impact on privacy.