EOFY Sale · Save up to $750 off your legals · Ends 30 June

Claim offer
Selected cases

Federal Court of Australia · [2021] FCA 367

ACCC v Google

A Federal Court case showing how privacy and data representations can also create Australian Consumer Law risk.

Federal Court of Australia16 Apr 2021

Plain-English explainers, not legal advice. Check the linked official source before you rely on a specific section, and get advice for your situation.

Get legal help

Start here

Quick read

  • Businesses collecting location or behavioural data should make privacy and consumer disclosures match the real product settings.
  • A Federal Court case showing how privacy and data representations can also create Australian Consumer Law risk.

Use this to check

  • Privacy disclosures and product settings must be consistent.
  • Data collection explanations should be tested from the user's perspective.
  • Consumer law can apply to privacy and data representations.

Decision snapshot

  1. 1

    What happened

    • Google showed Android users account setup and settings screens about Location History and Web & App Activity.
    • The ACCC alleged users were led to think Location History was the only setting controlling whether Google collected, kept or used personally identifiable location data.
    • In reality, leaving Web & App Activity switched on could also allow Google to continue collecting and using location data.
  2. 2

    What the court had to decide

    • The Court had to decide whether Google's screens and explanations misled users about the relationship between Location History, Web & App Activity and the collection or use of personal location data.
  3. 3

    What the court decided

    • The Federal Court found Google had made misleading representations to some Android users about location data settings during the relevant period.
    • The decision showed that consumer law can apply to privacy and product-setting representations, not just classic sales advertising.

Practical impact

Practical read

  • Businesses collecting location or behavioural data should make privacy and consumer disclosures match the real product settings.
  • Privacy wording can also be consumer law risk.

Useful next steps

  • Privacy disclosures and product settings must be consistent.
  • Data collection explanations should be tested from the user's perspective.
  • Consumer law can apply to privacy and data representations.
  • Map what data is collected by default and after each setting change.
  • Make privacy policies, collection notices and UI labels consistent.

Practical read

ACCC v Google is a settings-screen case. Users were not just reading a privacy policy. They were making product choices inside Android and Google Account screens, and the legal question was whether those screens gave a truthful picture of what would happen to location data.

For startups, the case matters because data risk often lives in product UX. A privacy policy can be technically accurate and still not save a business if toggles, onboarding text or account settings give users the wrong impression.

Checks to run

Key points

  • Map what data is collected by default and after each setting change.
  • Make privacy policies, collection notices and UI labels consistent.
  • Avoid broad claims like 'we do not track' unless technically true.
  • Keep product, legal and engineering review connected before release.

Key takeaways

  • Privacy disclosures and product settings must be consistent.
  • Data collection explanations should be tested from the user's perspective.
  • Consumer law can apply to privacy and data representations.

Related topics

Privacy & DataConsumer Law & Trading

How Sprintlaw can help

Privacy PolicyWebsite Terms and Conditions