Google Faces Class-Action Lawsuit Over Unauthorized Chrome Data Sync

In 2020, Google was hit with a lawsuit accusing the tech giant of intentionally and illegally transmitting users' browser history, IP addresses, persistent cookie identifiers, and unique browser identifiers to its servers without explicit user consent.

Despite Google Chrome's user agreement and privacy policy incorporating details of such data collection, Google argued that by accepting the privacy policy, users consented to the data being sent to Google servers. As a result, a U.S. federal district court dismissed the lawsuit in December 2022, with the judge stating that Google had adequately disclosed its data collection practices, and plaintiffs had agreed to this data collection.

However, in a turn of events, a federal appeals court has overturned the lower court's decision, stating that the district court should have scrutinized Google's disclosure information to determine if a reasonable person reading it would believe they had consented to the data collection. The appeals court judge highlighted that the lower court failed to consider whether users truly understood the agreement, pointing out that Google's general privacy disclosures implied certain information wouldn't be sent to Google for Chrome promotion unless sync was enabled.

This revival of the four-year-old class-action lawsuit means that, despite Google's intention to appeal further, plaintiffs might have to wait a considerable time for a resolution.

Interestingly, Google announced today that Chrome will soon no longer require users to enable sync to access saved messages, clarifying that this change is unrelated to the lawsuit. Google disagrees with the ruling, emphasizing that Chrome's sync feature facilitates seamless browser usage across different devices with clear privacy controls.