Stanford researcher Jonathan Mayer has discovered a curious Safari loophole that allows Google to track a user’s browsing activity via cookie-laced web ads. As it turns out, Apple’s browser normally accepts cookies from sites that a user visits, but automatically blocks them from third-party advertisers. As Mayer found out, though, advertisers can still circumvent this filter by enticing users to interact with ads in different ways. In the case of Google, the search giant embedded a “+1” button on ads produced with its DoubleClick technology, as part of an opt-in feature for Google+ users. If a user was logged in to Google+ and had agreed to see +1 ad displays, he or she would have a cookie planted on their device, thanks to a system that sent invisible forms from Apple computers or iPhones. This made it seem as if a user actually submitted the form intentionally, thereby convincing Safari to allow cookies. These cookies were only temporary, with shelf lives of up to 24 hours, but they could open the door for many more, since Safari allows sites to plant them after having received access to install at least one.
After the Wall Street Journal notified Google of this loophole, the company promptly disabled it and duly apologized, adding that it didn’t realize that its +1 system would plant tracking cookies on a user’s device. “We didn’t anticipate that this would happen, and we have now started removing these advertising cookies from Safari browsers,” Google’s Rachel Whetstone explained. “It’s important to stress that, just as on other browsers, these advertising cookies do not collect personal information.” An Apple spokesperson, meanwhile, issued the following statement: “We are aware that some third parties are circumventing Safari’s privacy features and we are working to put a stop to it.”