In a significant blow to Alphabet’s Google, a federal jury in San Francisco has ruled that the tech giant must pay $425 million in damages for violating the privacy of approximately 98 million users across 174 million devices. The verdict, delivered on September 3, 2025, stems from a class-action lawsuit filed in July 2020, which accused Google of continuing to collect user data despite assurances that its Web & App Activity setting would prevent such tracking when disabled. The decision marks one of the largest privacy-related judgments against Google and underscores growing scrutiny over Big Tech’s data practices.
The lawsuit, representing a massive cohort of Google users, alleged that the company unlawfully accessed and stored data, including app activity on mobile devices, even after users explicitly opted out of tracking by turning off the Web & App Activity feature. Plaintiffs claimed this practice violated Google’s privacy assurances, misleading users into believing they had control over their data. Initially, the group sought damages exceeding $31 billion, arguing that Google’s actions affected millions of users over an eight-year period. The jury found Google liable on two of three privacy violation claims but determined that the company did not act with malicious intent, sparing it from additional punitive damages.
Google has vowed to appeal the ruling, with spokesperson Jose Castaneda asserting that the verdict reflects a misunderstanding of how the company’s products function. “Our privacy tools give people control over their data, and when they turn off personalization, we honor that choice,” Castaneda said in a statement. Google maintained during the trial that the collected data was nonpersonal, pseudonymous, and stored securely in encrypted locations, not linked to individual user identities. However, the jury’s decision suggests that these assurances were insufficient, highlighting a disconnect between Google’s privacy settings and its actual data collection practices.
The case, certified as a class action by U.S. District Judge Richard Seeborg, has far-reaching implications for the tech industry, particularly as regulators and consumers demand greater transparency in data handling. The plaintiffs’ attorneys, led by David Boies of Boies Schiller Flexner LLP, celebrated the verdict as a victory for user privacy. “We are obviously very pleased with the verdict the jury returned,” Boies said, emphasizing the importance of holding tech companies accountable for misleading privacy controls.
This ruling addsto a string of privacy-related legal challenges for Google. Earlier in 2025, the company settled a separate lawsuit with Texas regulators for $1.4 billion over state privacy law violations. In April 2024, Google agreed to delete billions of data records related to its Chrome browser’s Incognito mode after claims that it tracked users despite their belief in private browsing. Additionally, in July 2025, a California jury ordered Google to pay $314 million for misusing cellular data from idle Android phones, further spotlighting the company’s data practices.
The $425 million verdict, while significantly lower than the $31 billion sought, sets a precedent for future privacy litigation and underscores the financial and reputational risks tech giants face when user trust is undermined. Legal experts suggest that the ruling could influence how companies design and communicate privacy settings, pushing for clearer, more enforceable consent frameworks. As Google prepares to appeal, the case is likely to spark broader discussions about user rights and corporate accountability in the digital age, with regulators in the U.S., Europe, and beyond watching closely.
