Google to overhaul privacy rules after discovering exposure of user data

Google Plus

Google to overhaul privacy rules after discovering exposure of user data

Google said Monday it is shutting down the long-ailing social network Google+ for consumer use amid new scrutiny of the company for reportedly failing to publicly disclose a security bug affecting users of the service. As part of that, a bug in Google + was found that could have been a potential leak if it wasn't caught in time.

The decision to not alert users was made after company officials wrote a memo concluding Google wasn't legally obligated to disclose the bug, and that there would be no point in telling users since the company had no way to confirm who was affected, according to The WSJ. The company notes that it will be "launching new features purpose-build for businesses", and that it'll share more information in the coming days.

Google wants to complete the sunsetting process for the consumer version of Google+ by August 2019.

The enterprise version of Google+ is to continue.

According to a report in the Wall Street Journal, the company knew about the issue in March but did not disclose it. The Google+ bug that's been discovered and disclosed was located in the Google+ People API.

Google+ was Google's last attempt at creating a Facebook competitor that would put Google on equal footing with the social networking giant in regards to user data and number of users.

Action 1: We are shutting down Google+ for consumers. Google said that it also found no evidence that any of the developers behind the 438 applications that used the API in question were aware of the bug.

Facebook second friend request warning about accounts being cloned
Hold your finger on the message until the forward button appears...then hit forward and all the people you want to forward too ... Simply delete the message and whatever you do, do NOT forward it to friends. "Good Luck!" read the message.

According to the Google+ Profile API documentation, profile fields can store a treasure trove of sensitive user details such as such as name, email address, occupation, gender, age, nickname, birthday, just to name a few.

If you break down Google's announcement to the core you will realize that Google chose to shut down Google Plus because of low user interaction with the service and the prospect of investing lots of resources into the service to make it more attractive to users.

Under the European Union's General Data Protection Regulation (GDPR), if personal data is breached, a company needs to inform a supervisory authority within 72 hours, unless the breach is unlikely to result in a risk to the rights and freedom of users. Still, outside app makers were not supposed to have access to private profile information.

Google is also limiting apps' ability to gain access to users' call log and SMS data on Android devices. They'll further limit these permissions by removing contact interaction data for the Android Contacts API.

Google's project team analyzed the available APIs provided to developers and found out that these were "challenging to develop and maintain".

The news comes as Silicon Valley companies have been increasingly scrutinized for their data collection practices.

Latest News