The allegations are that Google has advertised its “Incognito” mode to have much higher privacy protections than it actually provides. In a nutshell, Incognito mode spins up a browser tab in a temporary “sandbox”. Once the user closes the Incognito mode session, the following locally stored information generated during that session is deleted.
- Local browsing history
- New cookies and site data
- Saved credentials
File downloads and bookmarks from the Incognito session will remain on your computer after you close the Incognito session. The end result is similar to clearing your browser history. While Incognito mode helps keep your browsing private from other users on your device, it doesn’t hide your activity from your internet service provider, your employer (if you’re using a work computer), or the websites you visit. Websites can still collect data about your visit, and your IP address remains visible.
The plaintiffs alleged that Google collected data through Google Analytics, Google Ad Manager, and other applications and website plugins, including smartphone apps— regardless of whether users clicked on Google-supported ads. The allegations also stated that “approved third parties”, including those registered as data brokers in California as required under the CCPA, were allowed to place trackers, such as digital pixels, to further collect information on users.
They argued that this contradicted Google’s representations of privacy in Incognito mode and constituted a violation of federal wiretap laws.
A formal settlement is expected for court approval by February 24, 2024.