Google announced that it’s social networking platform Google plus shut down this week. Image source: Shutterstock.
Search giant Google announced early this week that it will shut down its social networking platform Google Plus since it discovered a security vulnerability that left private data of its 500,000 users exposed. The platform was created as a competitor for Facebook but it had very few takers and the company was seldom forthcoming about the actual number of users. When the breach was actually noticed in March the firm’s “Privacy and Data Protection Office” did not reveal it to users as it did not appear that anyone had gained access to user information and it was not legally bound to say so.
People in the cyber security community are curious about the firm’s decision to stay quiet about such a major issue as according to new cyber rules in Europe and California every company has to make a public report of all data breaches and security issues. According to the Wall Street Journal, Google chose to avoid disclosing the issue earlier due to the fiasco faced by Facebook founder Zuckerberg and only now revealed the details to avoid regulatory issues. Google shared further details about the breach stating that around 438 private party applications may have had access to user information through application programming interfaces. While these developers could have viewed user details like email addresses, occupation, gender, and age, they could not get details like phone numbers, personal messages, and posts from other Google accounts.
According to the Wall Street Journal report, a memo was prepared by legal policy staff of Google and was shared with its senior executives which stated that disclosing details of the data breach could lead to “regulatory interest” along the lines of Facebook. After this memo, Google’s COO was told not to make a public statement about the data breach nor inform users. Google’s VP Engg Ben Smith clarified in the blog post that the team did not find anyone abusing the profile data so they did not report it. Also whenever they find a situation wherein user data could be affected Google goes beyond legal requirements to apply user-focused criteria to determine if notice has to be given. As none of the regular public disclosure thresholds were met the firm decided to withhold reporting the breach.
Google Plus had been launched in 2011 as a competitor for Facebook as it was concerned about the social media giant’s popularity and its ability to pinpoint advertisers to users based on their personal data that they had shared with their connections through likes and comments. The Plus platform was almost similar to Facebook with details like status updates, news feeds and the ability to organize friends into groups called “circles”. But Google’s experiments with social media were not as successful as it had complicated features and privacy issues. The firm has decided to withdraw the free version of Google Plus though it will remain functional for corporate organizations that have purchased its G Suite which is a bundle of applications for the creation of collaborative documents, spreadsheets, and presentations within an organization that employees can share and create.