Google found not guilty of stuffing kids with tracking cookies

In the US, it’s illegal to gather the personal information of children under the age of 13 without informing parents and getting their permission.

And yes, Google has, in fact, been serving up ads targeted to kids.

But a US appeals court this week let Google off the hook for serving those kids bad data-collecting cookies without parental permission, given that the company didn’t directly gather the kids’ info – rather, it was given the data by Viacom’s servers.

In a 3-0 decision this week, the court said that it had interpreted the 1988 Video Privacy Protection Act to hold that…

…the law permits plaintiffs to sue only a person who discloses [personally identifiable video viewing details], not a person who receives such information.

And in this case, Google’s the receiver, and Viacom’s the one who threw that cookie football.

The court drew a parallel to the case that inspired the Video Privacy Protection Act: the leaking of Supreme Court nominee Robert Bork’s video rental history.

Just as the Washington Post wasn’t liable for receiving and publishing that rental history, nor is Google liable for receiving the IP address and browsing history collected by Viacom’s cookies.

As far as holding Viacom responsible goes, the court said that yes, the company had promised not to collect any personal information about children who browsed its websites. Nonetheless, Viacom went ahead and did exactly that.

The court – the US Third Circuit Court of Appeals – said that it’s faced a similar allegation about Google’s deceptive practices, and it’s come to a similar conclusion with regards to Viacom.

The previous court case was from last year’s In Re: Google Inc. Cookie Placement Consumer Privacy Litigation, which came out of a report from the Wall Street Journal about Google and other advertising companies tracking the web-browsing histories of millions of people by bypassing the privacy settings they’d set up on Apple’s web browser on their iPhones and computers.

In short, the plaintiffs were right in both cases, the court said: there was indeed invasion of privacy. And in the Google/Viacom case, Viacom is looking like it might be the guilty party.

What Viacom did may have been in violation of New Jersey state law’s “intrusion upon seclusion” clauses, the court said. Hence, the Viacom-specific part of the case is going to proceed.

Google and Viacom had been sued on behalf of kids who had visited the site, where they, or their parents, were assured that …

HEY GROWN-UPS: We don’t collect ANY personal information about your kids. Which means we couldn’t share it even if we wanted to!

So much for privacy policies! We still think you should read them, but it’s wise to take them with a grain of salt.

The claims against Google and Viacom were that they had violated the Video Privacy and Protection Act, the Wiretap Act, the Stored Communications Act, and the California Invasion of Privacy Act. Those claims have all been dismissed.

The claim that Viacom violated the New Jersey invasion of privacy clause is being sent back to a district court for a possible jury trial.