• by Wendy Davis  @wendyndavis, May 7, 2019

Several years ago, Google agreed to pay around $5.5 million to settle a class-action lawsuit accusing the company of violating Safari users' privacy by circumventing their no-tracking settings.

But now the company says the deal should be vacated and the underlying lawsuit dismissed, arguing that the people who sued didn't establish any injury as a result of the tracking.

“Plaintiffs' alleged injury is ... purely conjectural,” Google writes in a letter sent last week to the 3rd Circuit Court of Appeals.

Google adds that tracking web users in order to serve them ads doesn't cause the kind of injury that warrants a lawsuit.

“Plaintiffs hypothetically could have been shown ads that were more relevant to their interests than the ads they would have seen without the cookie,” Google writes. “For example, a plaintiff who viewed a pet-related website might have later seen an ad for pet supplies instead of an unrelated ad they might have seen without the cookie. This is not an injury at all.”

The long-running battle stems from Google's involvement in the "Safari hack" -- a privacy glitch that came to light in 2012 when researcher Jonathan Mayer published a report stating that Google (and other companies) circumvented Safari's privacy settings and set tracking cookies.

After doing so, Google was able to serve ads to Web users based on their Internet activity, Mayer reported.

Google confirmed Mayer's report when it came out, and said it had stopped tracking Safari users or would soon do so. The company also agreed to pay $22.5 million to settle privacy-related allegations with the FTC, and an additional $17 million to settle with a group of state attorneys general.

The company also agreed to settle a class-action lawsuit by making donations to six schools and nonprofits -- Berkeley Center for Law & Technology, Berkman Center for Internet & Society at Harvard University, Center for Democracy & Technology, Public Counsel, Privacy Rights Clearinghouse, and the Center for Internet & Society at Stanford University. The company also agreed to pay nearly $2 million to the attorneys who brought the case.

That settlement has been held up in court as a result of a challenge by class-action activist Theodore Frank, who says Google should have compensated individual Safari users, as opposed to making donations to nonprofits.

While Frank's challenge to the Safari-hack settlement was pending, the Supreme Court issued a ruling in a separate privacy battle involving Google. That matter stemmed from allegations that Google violated people's privacy by including their search queries in "referer headers" -- the information that's automatically transmitted to sites users click on when they leave Google. (Some queries, like people's searches for their own names, can offer clues to users' identities; Google no longer transmits search queries when people click on links in the results.)

Google agreed to resolve those allegations by donating $5.3 million to six nonprofits and schools, and paying more than Google $2.1 million to the attorneys who brought the lawsuit.

In March, the Supreme Court sent that dispute back to the lower courts, with instructions to decide whether Google harmed people by transmitting their search queries to publishers.

After that Supreme Court ruling, the 3rd Circuit judges asked Google and the consumers to submit additional arguments addressing whether the Safari hack caused the kind of injury that warrants a lawsuit.

Lawyers for the Safari users say the answer is yes. But Google says the matter should be dismissed.

“Because the cookies at issue would merely have led users to receive more relevant ads, they could not have caused 'real' injury,” the company writes.