A U.S. judge blocks $2.36 billion in penalties against Google over secret data collection, raising questions about privacy enforcement.
 |
| Analysis of the U.S. judge’s decision limiting consumer penalties in a landmark privacy case against Google and its implications for tech regulation. Image: CH |
San Francisco, United States — January 31, 2026:
Google has successfully blocked a bid for billions in additional penalties in a major U.S. privacy class action, highlighting the challenges consumers face in holding tech giants financially accountable for alleged data misuse. The case, Rodriguez v. Google LLC, concerns claims that Google secretly collected app activity data from users who had opted out of a key privacy setting.
In September 2025, a jury found Google liable but awarded $425 million in damages, far below the $31 billion sought by plaintiffs. On Friday, Chief U.S. District Judge Richard Seeborg denied a request to force Google to disgorge $2.36 billion in profits and to prohibit certain ad-related data practices. The ruling was based on the court’s determination that plaintiffs failed to demonstrate entitlement to the alleged gains or prospective, irreparable harm that would justify a permanent injunction.
Google argued that blocking its collection of account-related data would severely disrupt analytics services used by millions of developers. The court agreed, emphasizing that the plaintiffs’ estimates of Google’s profits were inadequately supported. The decision also upheld the class certification, covering roughly 98 million users and 174 million devices.
Plaintiffs’ attorneys, including David Boies, expressed relief that the ruling confirmed the jury’s verdict, while Google maintains its denial of wrongdoing and plans to appeal. The case underscores the complexities of quantifying damages in privacy litigation and the difficulty of enforcing substantial penalties against large technology companies.
Beyond its immediate impact, the decision illustrates the tension between consumer protection, corporate data monetization, and legal standards for injunctive relief. As global scrutiny of data privacy intensifies, Rodriguez v. Google LLC may set a precedent for how courts evaluate economic harm, future risk, and the practical effects of restrictions on digital services.
For regulators, companies, and consumers alike, the ruling highlights a central challenge: ensuring meaningful accountability in an era where user data drives billions in profits, while balancing the operational realities of services relied upon worldwide.