Google Ordered to Pay $314 Million for Secretly Using Android Owners’ Data

A California court finds Google liable for misusing cellular data from idle devices, ending an August 2019 class-action lawsuit.

Massive verdict ends long-running legal battle

A California jury has ordered Google to pay $314.6 million in damages for covertly collecting data from Android users without their consent. The ruling concludes a 6-year class-action lawsuit, representing approximately 14 million California residents who unknowingly had their cellular data collected by Google.

The lawsuit alleged Google harvested data via users’ cellular networks even when their Android phones were idle and apps were closed. Plaintiffs argued this behavior was both abusive and unnecessary, since the transmissions primarily involved non-essential log files that could have been deferred to Wi-Fi.

Data transfers without consent spark legal firestorm

The case revolved around a claim that Google designed Android so that it offloads routine data, such as system logs and performance metrics, over cellular connections, even though it could have been done using Wi-Fi. The plaintiffs stated that this design choice amounted to unauthorized use of paid data plans, unfairly shifting operational costs to users.

Tests conducted during the lawsuit revealed that a Samsung Galaxy S7 sent nearly 9MB of data daily, with the vast majority going to Google. One test cited over 389 separate data transfers a day, while another showed idle Android phones vastly outpaced iPhones in background data activity. These findings helped convince the jury that Google has misused its platform dominance.

Google denies harm, plans appeal

The tech giant contended that users had consented to data collection through privacy agreements and device settings. It also maintained that the background data exchanges were necessary for the core functionality and security of Android devices. Company representative Jose Castaneda argued that the ruling misinterpreted how Android operates and its need for reliability.

Nevertheless, the jury sided with the plaintiffs, calling Google’s practices an unauthorized use of private data. Glen Summers, lead attorney for the plaintiffs, hailed the verdict as a powerful acknowledgement of the company’s wrongdoing and a win for consumer rights.

More legal trouble ahead

This case may be only the beginning for Google. A separate federal lawsuit, representing Android users in the other 49 U.S. states, is moving toward trial next year. With regulators and consumers increasingly scrutinizing big tech’s handling of user data, this California verdict could set a precedent for future legal challenges.

Google was also recently ordered to pay $1.4 billion to the state of Texas for misleading practices that violated biometric and location data privacy laws.

Meanwhile, European authorities have fined TikTok €530 million for unlawfully collecting and processing children’s data. TikTok faced one of the largest penalties under the EU’s data protection framework.

Stay safer in the digital world

Background data transfers are deeply ingrained in the operation of modern devices. Unfortunately, this is an often-mystified reality for everyday users.

While tools like Bitdefender VPN and Bitdefender Digital Identity Protection don’t directly prevent such hidden exchanges, they offer essential safeguards for maintaining control over your personal information.

Bitdefender VPN can shroud your online presence, reducing exposure to tracking and unsecured networks, while Digital Identity Protection scans for data leaks and alerts you to threats. These tools help reinforce your privacy beyond the default protections of your device, which are often deficient.