As Google has faced numerous privacy-related lawsuits in recent years, a California state court jury delivered one of the most significant financial penalties against the tech giant, ordering the company to pay $314 million in damages for allegedly misusing Android users’ cellular data without their knowledge or consent.
The class-action lawsuit, filed in August 2019, centered on claims that Android devices transferred data to Google servers without user authorization, consuming paid cellular data allowances even when devices were not connected to Wi-Fi networks. According to court evidence, devices with default settings and preloaded applications transmitted up to 8.88 megabytes of cellular data daily, with 94% of communications occurring between Google and the device. These data transfers continued even when all Google applications were closed and devices remained dormant. The unauthorized data transfers created significant vulnerabilities that could lead to man-in-the-middle attacks compromising sensitive user information.
Android devices secretly consumed up to 8.88 megabytes of users’ paid cellular data daily, even when all Google apps were closed.
Plaintiffs argued that Google intentionally chose to use cellular networks rather than restricting transfers to Wi-Fi connections, violating California law regarding unauthorized use of personal property. The transmitted data allegedly included various types of user and device information, which Google utilized to improve targeted advertising services and mapping capabilities. Users reportedly incurred costs because of this unauthorized consumption of their metered cellular data, whereas Google benefited corporately rather than providing direct functionality to users.
The jury’s verdict represents a significant legal rebuke of Google’s data privacy practices, highlighting increasing legal scrutiny surrounding tech giants’ data collection methods. Google announced its intent to appeal both the findings and the damages amount, maintaining that the data transfers constitute critical operations for device security, performance, and reliability. The San Jose jury delivered the verdict following the class-action lawsuit trial.
A Google spokesperson characterized the ruling as a setback for users, arguing that the transfers use less cellular data than uploading a single photograph. Google contends that users provided consent through multiple terms of use agreements and device settings, disputing claims of inadequate notification and transparency.
The case forms part of a broader series of challenges regarding Google’s handling of user data and privacy practices. The outcome may influence future lawsuits and regulations concerning data privacy, potentially prompting greater user awareness about default device settings and background data usage.
