header banner
WORLD, TECHNOLOGY

Google+ shutting down after data breach which was never revealed to users

WASHINGTON DC, Oct 9: Google is closing the Google+ social network after an error exposed the private data of hundreds of thousands of users last spring, in an incident which the company never disclos...
By Agencies

WASHINGTON DC, Oct 9: Google is closing the Google+ social network after an error exposed the private data of hundreds of thousands of users last spring, in an incident which the company never disclosed to those affected.


Google put the “final nail in the coffin” of the Google+ product by shutting down “all consumer functionality,” the Wall Street Journal reported citing an internal memo.


The project launched in 2011 as an alternative to other social networks ended up being a huge failure for the company. The breach happened after a software glitch in the site gave outside developers potential access to private profile data including names, email addresses, birth dates, genders, occupations and more.


Related story

Govt starts shutting down power lines of illegal crushers and s...


The memo viewed by the Journal said that disclosing the incident publicly would possibly trigger “immediate regulatory interest” and do damage to the company’s reputation. Reporting the incident would result “in us coming into the spotlight alongside or even instead of Facebook despite having stayed under the radar throughout the Cambridge Analytica scandal,” it warned.


The Journal reported that the Google+ breach exposed Google’s “concerted efforts to avoid public scrutiny of how it handles user information” at a time when regulators and the public are trying to do more to hold tech companies to account.


Google goes “beyond legal requirements” and applies “several criteria focused on our users” when deciding whether to provide notice, a spokesperson said in a statement. The company said it had considered whether or not it could accurately identify which users to inform, whether there was any evidence of misuse and whether there were any actions a developer or user could take in response. “None of these thresholds were met here,” the spokesperson said.


The leaked memo says that while there is no evidence that outside developers misused any data, there is still no way to know for sure.


As part of a slew of new security measures, Google is expected to clamp down on the amount of data it provides to outside developers through application programming interfaces (APIs), sources told the Journal.


As part of an audit of APIs, Google also discovered that Google+ had also been permitting developers to obtain data from users who never wanted it to be shared publicly — but a bug in the API meant they could collect data even if it was explicitly marked non-public through Google’s privacy settings.


New European General Data Protection Regulation (GDPR) rules which went into effect in May would have required Google to disclose the information to regulators within 72 hours under threat of penalty, but the Google+ leak was discovered in March, before the GDPR regulations came in and therefore was not covered by the European rules, according to Al Saikali, a lawyer who spoke to the Journal.


Saikali said it was possible that Google could face class action lawsuits over its decision not to disclose the breach. “The story here that the plaintiffs will tell is that Google knew something here and hid it. That by itself is enough to make the lawyers salivate,” he said.

Related Stories
Lifestyle

Hollywood actors join screenwriters in historic in...

POLITICS

VVIP culture hit hard on general public

WORLD

Trump willing to shut down government over border...

WORLD

US government shuts down, here's what happens

WORLD

Israel to reopen Jerusalem holy site after deadly...