Google used a WebKit exploit (which Google itself patched and submitted back to the open-source WebKit, but which Apple never adopted in Safari) to secretly store cookies on user devices. Google has always maintained that it was all a mistake, no personal data was ever acquired, and users were never tracked. But it also appears Google understands it won't win the case in court, and as such has agreed to settle with 37 states and Washington, D.C..
The settlement also includes rules which essentially tell Google to not do it again. In addition to the $17 million, Google has promised to not deploy code overriding cookie settings without user consent, improve information given to users, and more.