Australia’s competition and consumer regulator, the Australian Competition and Consumer Commission (ACCC), recently decided to take action against Google LLC (Google) in relation to allegations that it misled consumers about the collection and use of their personal information online, including, in particular, on third party websites, in order to enhance the provision of targeted advertising to them. The ACCC alleges that this conduct by Google was in breach of the Australian Consumer Law (ACL). This move by the ACCC represents another attempt by the regulator to challenge the conduct of some of the digital giants in the Australian market and responds to a number of key findings made by the ACCC in its Digital Platforms Inquiry, including that Google (and Facebook) hold substantial market power in the markets for online search advertising and display advertising.
The conduct in question involved a purported failure by Google to properly inform consumers, and obtain their explicit consent, when, in 2016, it began combining personal information in consumers’ Google accounts with information relating to the activities on non-Google websites that used Google technology (formerly DoubleClick technology). Although Google account holders were prompted to click an “I agree” pop-up notification advising them of certain changes to their Google accounts which would be used by Google in order to ‘make ads across the web more relevant for [them]’, the ACCC alleges that this did not adequately describe the expanded scope of information that Google would be able to collect and did not constitute obtaining consumers’ express consent.
The ACCC also alleges that Google introduced a change to its privacy policy in order to effect these changes without the explicit consent of its consumers in breach of the ACL. Prior to 28 June 2016, Google’s privacy policy stated that it ‘[would] not combine DoubleClick cookie information with personally identifiable information unless we have your opt-in consent’. This statement was then amended on 28 June 2016 to the following: ‘[d]epending on your account settings, your activity on other sites and apps may be associated with your personal information in order to improve Google’s services and the ads delivered by Google’. The privacy policy also stated that Google would ‘not reduce [consumers’] rights under this Privacy Policy without [their] explicit consent’. According to the ACCC, by failing to obtain the explicit consent of its customers for this change to its privacy policy, and by also stating that it would not reduce consumers’ rights without their explicit consent, Google engaged in misleading conduct in breach of the ACL.
The ACCC’s decision to institute proceedings against Google is a further indication of the regulator’s increased preparedness to take action against digital platforms in the Australian market. It follows the ACCC’s decision to institute proceedings against Google in the Federal Court in 2019 in relation to its alleged misuse of consumers’ location data (which is expected to be heard in the Federal Court in November this year), as well as the recent release of its Statement of Issues in relation to Google LLC’s proposed acquisition of Fitbit. In its Statement of Issues, the ACCC expressed concerns that Google’s acquisition of Fitbit may further entrench Google’s dominant position in the supply of data-dependent health services and ad tech services, and adversely affect competition in those markets.
For more information please contact Thomas Jones or Tom Macken.
