Google+ will be shut down following security bug

Ireland's data protection regulator said on Tuesday that it would seek more information from Alphabet Inc's Google (GOOGL.O) regarding a security issue that may have exposed the data of at least 500,000 users to hundreds of external developers.

The Wall Street Journal, citing anonymous individuals, reports that Google deliberately avoided disclosing the problem at the time, in part to avoid drawing regulatory scrutiny. "Earlier this year, right at the time they discovered this, the Facebook Cambridge Analytica data breach had just happened, there's a lot of regulator scrutiny of Facebook and tech companies and how they're handling data, and internally, they were anxious about being pulled into this conversation in a bigger way". After an internal committee had already reached the decision not to disclose the privacy and security issue to the public, Google's CEO, Sundar Pichai, was also notified. Despite this, they still plan to shut down Google+, providing people the next ten months to migrate their personal information.

Google learned in March that a software vulnerability that has existed in its Google+ service since 2015 could have allowed malicious third-party app developers to access users' private profile information.

Despite the social network closing down, you can still take action.

In addition to "sunsetting consumer Google+", the company is making changes to APIs on its other services, which will limit the amount of access developers get to data on Android and Gmail.

"Smith said that despite Google's engineering teams putting in a lot of effort, "[Google+] has not achieved broad consumer or developer adoption, and has seen limited user interaction with apps.

A spokeswoman for Google said that whenever user data may have been affected it determines whether to tell people based on a number of criteria.

This privacy breach, in addition to dwindling user numbers and engagement, has prompted the search giant to shutter the consumer side of Google+.

But the company kept it open long enough to cause an embarrassing privacy gaffe that could give Congress an excuse to enact tighter controls on data collection. That said, social media is the business where Google has failed to mark its presence.

A memo reviewed by the Journal prepared by Google's legal and policy staff and shared with senior executives warned that disclosing the incident would likely trigger "immediate regulatory interest" and invite comparisons to Facebook's leak of user information to data firm Cambridge Analytica. Google is also following from its limiting of Gmail scans by limiting which applications - namely, down to email apps - can do so. If an app wants access to a Calendar and Drive documents, for example, you can opt to share one but not the other.

  • Latoya Cobb