An important data privacy case recently concluded with a shocking verdict by the jury: Google secretly collected user data on cellphone apps. As a result, Google must now pay $425 million to affected consumers. The lawsuit, Rodriguez v. Google LLC, was filed in federal court and alleged that Google violated the privacy rights of millions of cellphone users in the United States who thought that their online activity was private. According to the plaintiffs, Google collected and saved information about users’ activities on third-party apps despite the fact that the users had opted out of being tracked. The verdict and significant damages award send a strong message to tech companies that they will not be allowed to steal customer data.
To learn more about the Google data privacy case, keep reading.
Google Sued for Violating California Invasion of Privacy Laws
The Google app data class action lawsuit was filed in the U.S. District Court for the Northern District of California. Prior to trial, the U.S. District Court judge certified the class of roughly 98 million Google users. According to the court, the eligible class action plaintiffs accessed apps through Google on 174 million devices over the eight-year period covering the lawsuit.
The plaintiffs brought three (3) claims in the class action:
- Invasion of Privacy
- Intrusion Upon Seclusion
- Violation of the California Computer Data Access and Fraud Act (CDAFA)
Google Accused of Improperly Collecting and Selling Consumer Data
Google was accused of misrepresenting the data privacy options available to smartphone users by secretly collecting, saving, and then using their data. This happened while the cellphone users assumed their online activity was private.
According to the civil suit, individuals who accessed Google on their phones and other mobile devices believed their search histories were confidential when the “Web and App Activity” setting was activated. These privacy controls were supposed to prevent Google from tracking user activity. Instead, Google allegedly continued to collect data on users even after they opted to shield their activity and personal information.
Targeted Advertisements
The data improperly collected by Google was allegedly used to create targeted ads for individual users. According to the plaintiffs in the case, this information was extremely valuable and resulted in Google generating billions of dollars in profits.
Sold Consumer Data to Third Parties
Google was also accused of selling users’ personal data to third parties. This allegedly included the browsing history and activity data of mobile app users.
Scope: Millions of Consumers Affected
The class action lawsuit alleged that even users who did not use Google-branded apps were still affected by the privacy breach. That’s because Google is omnipresent online: the tech company allegedly tracks online communications “by covertly integrating Google’s tracking software into the products of other companies.” In other words, it was virtually impossible for most consumers to avoid being spied on and tracked by Google while using a mobile device.
Google Accused of Harvesting User Data from Third-Party Apps
Google allegedly harvested user data from third-party apps. The third-party apps had embedded Google software code, which is how Google was allegedly able to continue spying on users. These apps relied on Google Analytics to get around the “private” setting and access user data even after users thought they had opted out of sharing their data. According to the plaintiffs, some of those third-party apps included Facebook, Instagram, Uber, Lyft, Venmo, Alibaba, and Amazon.
Defense: Google Claimed Users Were Not Harmed by Unauthorized Data Collection
One of Google’s defenses for its actions was that the user data collected by the company was “nonpersonal and pseudonymous,” so affected users didn’t suffer any real harm from the unauthorized collection because the data could not be exploited to identify any individual users. Google also claimed that the data it collected from users was “stored in segregated, secured, and encrypted locations.”
The jury disagreed with Google and ruled against the tech giant.
Verdict: Federal Court Says Google Violated California Data Privacy Laws
The data privacy case was adjudicated in the United States District Court for the Northern District of California. The trial lasted three weeks, culminating in a jury deliberation that took two full days. When the jury reached a verdict, the outcome was not good for Google.
The jury found that Google violated California data privacy laws by intercepting data from nearly 100 million cellphone users who specifically instructed Google not to track their app activity. The jury also ordered the tech company to pay $425 million in penalties and fines.
Responses to Verdict
Despite the verdict, Google maintained that its actions were legal and denied any wrongdoing. Google released a statement indicating that the tech company planned to file an appeal.
The plaintiffs’ lawyers framed the ruling as a huge victory for consumers because it will “send a message to the tech industry that Americans will not sit idly by as their information is collected and monetized against their will.”
Google Ordered to Pay $425 Million for Violating Consumer Privacy Rights
The lawsuit was filed as a class action, which meant that the potential damages award was massive: the plaintiffs were seeking $30 billion in damages. The jury ultimately ordered Google to pay $425 million to affected users, with instructions to divide the money among the plaintiffs as follows:
- $247 million for class members with Android devices.
- $178 million for class members with non-Android devices.
The jury said that Google violated users’ privacy rights but did not act “with malice.” As a result, plaintiffs in the class action were not eligible for punitive damages. The punitive damages were meant to deter Google from misleading consumers and violating their privacy rights in the future.
Google’s stated intention to appeal the verdict means that members of the class who are eligible for financial compensation might not receive a payout for a while.
Google Settled Other Lawsuits Alleging Digital Privacy Violations
This was not the first time Google has been accused of violating both federal and state privacy laws. Earlier this year, the company reached a settlement with Texas prosecutors and agreed to pay approximately $1.4 billion for digital privacy violations.
And in 2024, Google was also accused of tracking users who believed they were browsing the web privately via the search engine’s “incognito” mode. To settle that $5 billion lawsuit, Google agreed to destroy billions of data records of users.
Contact the Los Angeles Data Privacy Attorneys at Tauler Smith LLP
California has the strongest consumer privacy laws in the country. This means that if you are a California resident who used an app or website that collected your data without permission, you may be eligible to file a lawsuit to receive financial compensation.
The Los Angeles consumer protection lawyers at Tauler Smith LLP represent plaintiffs in data privacy lawsuits. Call 310-590-3927 or send an email to discuss your legal options.
