Microsoft has accused Google of bypassing user privacy settings on Internet Explorer just days after the search giant was accused of doing the same to Apple’s Safari browser.
The means by which Google has bypassed user privacy in IE is significantly different to the way it circumvented privacy settings in Safari.
Google has not observed the default privacy protection in IE, known as the P3P Privacy Protection feature, according to Microsoft, allowing the search firm to track users with cookies.
“When the IE team heard that Google had bypassed user privacy settings on Safari, we asked ourselves a simple question: is Google circumventing the privacy preferences of Internet Explorer users too?” wrote Dean Hachamovitch, Microsoft’s vice president of Internet Explorer, in a blog post.
“We’ve discovered the answer is yes.”
But commentators suggested that Microsoft is actually allowing Google to track its users because of a privacy loophole in IE9.
The P3P Privacy Protection feature only blocks sites from tracking users if they explicitly identify themselves as advertisers, and both Google and Facebook have previously said they do not adhere to the P3P policy.
Additionally, Google has argued that Microsoft omitted important information from its blog post.
“Microsoft uses a ‘self-declaration’ protocol, known as P3P, dating from 2002 under which Microsoft asks websites to represent their privacy practices in machine-readable form,” said Google senior vice president of communications and policy, Rachel Whetstone, in a statement.
“It is well known – including by Microsoft – that it is impractical to comply with Microsoft’s request while providing modern web functionality. We have been open about our approach, as have many other websites.”
Last week the Wall Street Journal cited a Stanford University researcher in reporting that Google had ignored settings on Safari intended to block tracking tools.
The researcher found Google’s platforms were seemingly able to log user activity on both the OS X and iOS versions of the Safari, despite the browser’s privacy protection mechanisms being activated.
The WSJ reported that after it contacted Google, the company disabled the offending components.
Google, however, claimed that report “mischaracterised” the issue and said the code was used to provide services for users who had logged into their Google accounts.
This article was originally published on V3.