Remember Google+? No, we’d nearly forgotten it too! But it seems that Google is shutting down its beleaguered online social network after a bug exposed private data from up to half a million user accounts.
That’s a pretty serious bug!
Even worse, what with the new era of GDPR and all that, Google then decided to NOT disclose the leak for months in order to avoid a costly PR disaster and potentially heavy fines.
A bug in the API for Google+ had, it now turns out, been allowing third-party app developers to access the data of users who had granted them permission AND their friends. Whoops!!
That’s pretty much exactly what happened with Facebook, yet whilst Mark Zuckerberg was hauled in front of Congress for his data sins, Google (foolishly) decided to keep schtum, reveals the Wall Street Journal.
Amazingly, the WSJ obtained an internal Google memo from the company’s policy and legal officials which admitted that fessing up to the data breach would result “in us coming into the spotlight alongside or even instead of Facebook despite having stayed under the radar throughout the Cambridge Analytica scandal.”
The memo added that it “almost guarantees Sundar will testify before Congress” and would invite “immediate regulatory interest”.
Unsurprisingly, Google now has serious egg on its face and has had no option but to shut down consumer access to Google+.
You can read more in a Google blog post about the shutdown, in which the company’s Ben Smith, the vice-president of engineering, claims:
“We found no evidence that any developer was aware of this bug, or abusing the API, and we found no evidence that any profile data was misused.
“Whenever user data may have been affected, we go beyond our legal requirements and apply several criteria focused on our users in determining whether to provide notice.”
Google made a point of stressing that it has also reformed its privacy policies in order to give users more control on the amount of data they share with third-party devs.
Via The Guardian