- Chaotic good, true neutral: The 2020 Democrat alignment chart Today 6:30 AM
- How to stream Mexico vs. Brazil live in the U-17 World Cup final Today 3:00 AM
- Influencer gets prison time for performing illegal cosmetic procedures on followers Saturday 5:13 PM
- Parent immediately regrets baby monitor after seeing ‘possessed’ baby Saturday 3:53 PM
- Buttigieg used Kenyan stock photo to promote plan for Black America Saturday 2:29 PM
- Disney+ is the best streaming service for families available today Saturday 1:43 PM
- Netflix to amend Nazi docuseries after being accused of rewriting history Saturday 1:09 PM
- Everything you need to know about TikTok Saturday 1:00 PM
- Screaming drummer girl steals hearts with passionate Nirvana cover Saturday 12:50 PM
- The Kardashians receiving backlash for food fight Instagram post Saturday 10:26 AM
- How to stream Artem Lobov vs. Jason Knight in BKFC Saturday 9:00 AM
- Lizzo sued by Postmates runner she accused of stealing her food Saturday 8:39 AM
- How to stream Jan Blachowicz vs. Ronaldo ‘Jacare’ Souza on UFC Fight Night Saturday 8:00 AM
- How to watch Georgia vs. Auburn live Saturday 6:30 AM
- How to stream Navy vs. Notre Dame live Saturday 3:30 AM
Facebook isn’t the only technological giant to have breached users’ trust and privacy. Google just announced that it’s shuttering its social network Google+ after leaving user data vulnerable to abuse by outside developers.
Months after Facebook announced that user data had been accessed inappropriately via political data firm Cambridge Analytica, Google confirmed that hundreds of thousands of Google+ users’ data was exposed in a software glitch. Perhaps even worse than the security issue itself is how Google handled the incident. After discovering the issue earlier this spring, the Wall Street Journal reports, Google decided not to disclose the issue “in part because of fears that doing so would draw regulatory scrutiny and cause reputational damage.”
Much like Facebook’s Cambridge Analytica scandal, the Google+ incident involved third-party developers potentially having access to users’ profile data. This lasted from 2015 to March 2018, when the issue was discovered and fixed. An internal memo shared with senior executives and viewed by the Wall Street Journal said that if the company disclosed the vulnerability, it could spark “immediate regulatory interest.” In order to prevent snowballing with Facebook’s security woes, Google stayed silent on the issue until now.
Alphabet, Google’s parent company, has now completely shut down all consumer-side functionality of the social network. Thus far, there seem to be no signs of abuse, on top of the fact that Google+ has been a ghost town for years. As some Twitter users have rightfully pointed out, Google tried to downplay this fact in the past but now admits that “90 percent of Google+ user sessions are less than five seconds.”
dark comedy: google plus PR spent five years trying to dissuade writing about the network's absymal usage numbers— rat king (@MikeIsaac) October 8, 2018
now that it leaked everyone's data, google can't get enough of telling people how no one used it https://t.co/iGocHG7vpA
“Whenever user data may have been affected, we go beyond our legal requirements and apply several criteria focused on our users in determining whether to provide notice,” a Google spokesperson told the Wall Street Journal. The company considered “whether [it] could accurately identify the users to inform, whether there was any evidence of misuse, and whether there were any actions a developer or user could take in response.”
The company concluded that none of these thresholds were met, so it chose not to disclose the vulnerability.
Google detailed in a post Monday that it formed a 100-person-strong task force earlier this year called Project Strobe to review third-party access to Google application programming interfaces and services. The unit discovered the Google+ bug, which could affect as many as 500,000 users, including G Suite customers such as schools and businesses. Unfortunately, due to limited activity logs, the investigators were unable to determine exactly who may have been affected and what kinds of data may have been exposed to third-party developers. More than 400 applications may have had access to this data.
Google could now face repercussions such as increased government regulation or class action lawsuits over its failure to disclose this issue in a more timely fashion. For more information on the incident, visit Google’s blog post here.
Christina Bonnington is a tech reporter who specializes in consumer gadgets, apps, and the trends shaping the technology industry. Her work has also appeared in Gizmodo, Wired, Refinery29, Slate, Bicycling, and Outside Magazine. She is based in the San Francisco Bay Area and has a background in electrical engineering.