Remember Google+?
Me neither. But while we were blissfully ignorant of its continuing existence something predictable (and quite commonplace in 2018) happened: private user data leaked.
Here’s what happened. There was a bug that allowed hundreds of third party applications to access user’s personal data, according to a Google blog post. We’re talking user names, employers, job titles, gender, birth place and relationship status of at least half a million Google+ users, according to the Wall Street Journal.
As the Wall Street Journal points out, the bug has been around since 2015. Google says it only discovered and “immediately patched” it in March of this year — the same month Facebook’s Cambridge Analytica scandal started to blow up. In the same blog post, Google announced it will shut down Google+ entirely.
So why are we only hearing about this now, seven months later? Don’t Google users have a right to know if their personal data was vulnerable to hackers over the last three years? Internal memos obtained the Wall Street Journal suggest Google was trying to avoid triggering “immediate regulatory interest.” In other words: avoid fines and penalties.
And there was no real reason for Google to do so. Sure, it might have had a better shot at containing the breach. But no government rules compelled the company to tell consumers right when it happened. And to do so of its own volition right when Facebook was coming under such pressure? Didn’t seem like a great PR move.
In a statement to Futurism, Google points out it’s already doing more than required. “Every year, we send millions of notifications to users about privacy and security bugs and issues. Whenever user data may have been affected, we go beyond our legal requirements and apply several criteria focused on our users in determining whether to provide notice.”
The statement continues: “Our Privacy & Data Protection Office reviewed this issue, looking at the type of data involved, whether we could accurately identify the users to inform, whether there was any evidence of misuse, and whether there were any actions a developer or user could take in response. None of these thresholds were met in this instance.”
Google claims that it found “no evidence that any developer was aware of this bug, or abusing the API,” after a thorough, “root-and-branch review of third-party developer access” investigation. No one got hurt, so we’re all cool, right? Right?
Is it just me, or does it feel like our personal data is being leaked on almost a weekly basis? Just two weeks ago, hackers got into 50 million Facebook accounts. One notable difference: the security issue was discovered just three days earlier by Facebook’s engineering team, according to an official blog post. Guess Facebook learned something from Cambridge Analytica, after all.
Now what? Well, now the lawsuits. Ars Technica reports that California residents and Google+ users have filed the first class-action lawsuit in a federal court in San Francisco. The argument: Google knowingly made “a calculated decision not to inform users that their Personal Information was compromised,” according to the complaint, as Ars Technica reported.
And Google may have to contend with the EU’s General Data Protection Regulation (GDPR). It requires companies to notify affected users of a personal data breach “without undue delay and, where, feasible, not later than 72 hours after having become aware of it,” according to Article 33 — a far shot from the seven months it took Google.
Not complying with that rule could actually hurt Google: fines of up to two percent of annual global revenue. It’s been hit with these kinds of fines before, specifically one of $5 billion in May in response to reportedly violating antitrust laws on Android phones (the company has challenged the decision).
But as TechCrunch points out, Google might not have violated GDPR after all: the bug was found in March, but GDPR went into effect two months later. Since the law is still new and EU member countries are still figuring out how to enforce it, Google may find itself in a regulatory gray area.
Like all companies faced with a breach like this, Google is doing a little introspection. Google claims it’s clamping down on third-party access to consumer Gmail data, and allowing users to give and revoke permissions to those third-parties — a positive step for sure.
But if you still feel wary, well, we don’t blame you. Google knew about the leak for so darn long before it decided to reveal its existence. The fact that it couldn’t find any evidence of misuse is little consolation.
As data breaches like these become more frequent and reveal more information, lawmakers are starting to pay attention, giving data privacy laws a much-needed second look. Consumers have a right to know if their data is ending up in hands they might not have authorized. If companies like Google are not being held accountable, they may never even learn about it.
More on data leaks: Breaking: Hackers Accessed 50 Million Facebook Accounts
See more here:
Google Didn’t Report Its Data Leak Till Months Later. Now It’ll Face the Consequences.
- Futurist Serata featuring artist Luca Buvoli at Brown (Nov. 20) - November 7th, 2009 [November 7th, 2009]
- FUTUR1SM00GGI - November 8th, 2009 [November 8th, 2009]
- ‘Futurism on Film’ Series this month in NYC - November 8th, 2009 [November 8th, 2009]
- Schedule of Futurist Events in NYC (PERFORMA 09: Nov 1-22) - November 8th, 2009 [November 8th, 2009]
- ‘Futurismo/Futurizm: The Futurist Avant-Garde in Italy and Russia’ (Nov. 13 + 14) - November 8th, 2009 [November 8th, 2009]
- ‘Beyond Futurism: F.T. Marinetti, Writer’ conference at Columbia (Nov. 12+13) - November 8th, 2009 [November 8th, 2009]
- Futurism and Cars at the Museo Nicolis - November 8th, 2009 [November 8th, 2009]
- MoMA Film Series Marks Centenary of Futurism with Films - November 8th, 2009 [November 8th, 2009]
- ‘Bergson+Futurism. Speed in thought’ - Madrid (Nov. 5) - November 8th, 2009 [November 8th, 2009]
- ‘The Future in Five Senses: Echoes of Italian Futurism in New York Architecture and Design’ Nov. 16th NYC - November 8th, 2009 [November 8th, 2009]
- New World-Wide Climate Treaty in 2010 More Likely - November 8th, 2009 [November 8th, 2009]
- Tar Sands CCS Myth Shattered - November 8th, 2009 [November 8th, 2009]
- Smart Grid and Smart Meters Get Big Grants - November 8th, 2009 [November 8th, 2009]
- Pollution Makes Methane Even More Dangerous - November 8th, 2009 [November 8th, 2009]
- Climate Change Bill Hearing Video - November 8th, 2009 [November 8th, 2009]
- New Satellite to Monitor Water and Plant Growth - November 8th, 2009 [November 8th, 2009]
- Spiritual Battle Awaits the Deniers and Skeptics - November 8th, 2009 [November 8th, 2009]
- Effects of Climate Change are Observed World-Wide - November 8th, 2009 [November 8th, 2009]
- Get Yer Global Warming Science Here - November 8th, 2009 [November 8th, 2009]
- TckTckTck Wake up Call — Delay Kills - November 8th, 2009 [November 8th, 2009]
- Canada’s Awful Gold Rush - November 8th, 2009 [November 8th, 2009]
- Climate Change Talks Spark Global Backlash by Businesses - November 8th, 2009 [November 8th, 2009]
- World May Need Extra Year for Climate Treaty - November 8th, 2009 [November 8th, 2009]
- Senator Boxer Moves Climate Bill Despite Republican Obstructionism - November 8th, 2009 [November 8th, 2009]
- Lights out for incandescent lights? - November 8th, 2009 [November 8th, 2009]
- Sutures from Bacteria - November 8th, 2009 [November 8th, 2009]
- Remote-Controlled Pigeons - November 8th, 2009 [November 8th, 2009]
- Apple Announces iPhone Release Date - November 8th, 2009 [November 8th, 2009]
- UK Government Envisions a Grim Future - November 8th, 2009 [November 8th, 2009]
- Top Ten Emerging Technologies for the Environment - November 8th, 2009 [November 8th, 2009]
- DIY Mobile Networks - November 8th, 2009 [November 8th, 2009]
- Stem-Cell Treatment Cures Type 1 Diabetes - November 8th, 2009 [November 8th, 2009]
- Is Tesla Getting the Electric Car Right? - November 8th, 2009 [November 8th, 2009]
- The Future of TV News - November 8th, 2009 [November 8th, 2009]
- Bruce Sterling on Earth-Friendly Pervasive Computing - November 8th, 2009 [November 8th, 2009]
- First Step Toward Organ Regeneration in Humans - November 8th, 2009 [November 8th, 2009]
- IBM's "Five in Five" - November 8th, 2009 [November 8th, 2009]
- Outsourced Journalism - November 8th, 2009 [November 8th, 2009]
- Is True Global Democracy the Next Great Political Movement? - November 8th, 2009 [November 8th, 2009]
- The Risks of Autonomous Robots - November 8th, 2009 [November 8th, 2009]
- Microsoft Introduces "Tabletop" PC - November 8th, 2009 [November 8th, 2009]
- Britain Piloting First Biofueled Train - November 8th, 2009 [November 8th, 2009]
- Self-Healing Plastic - November 8th, 2009 [November 8th, 2009]
- Bird Population Falls Over Past 40 Years - November 8th, 2009 [November 8th, 2009]
- The iPhone Revolution? - November 8th, 2009 [November 8th, 2009]
- The End of "Cheap Food"? - November 8th, 2009 [November 8th, 2009]
- How to Stop -- Or Live With -- Global Warming - November 8th, 2009 [November 8th, 2009]
- MIT Demonstrates "Wireless Electricity" - November 8th, 2009 [November 8th, 2009]
- Unintended Consequences of Biofuels - November 8th, 2009 [November 8th, 2009]
- Time to Focus on the Big Picture in Copenhagen - December 12th, 2009 [December 12th, 2009]
- Protests in Copenhagen - December 12th, 2009 [December 12th, 2009]
- Mario Guido Dal Monte exhibit - December 13th, 2009 [December 13th, 2009]
- Futurism News Bulletin, xvi - December 13th, 2009 [December 13th, 2009]
- Viva il Futurismo! (video trailer) - December 13th, 2009 [December 13th, 2009]
- 3 exhibits in Gorizia! - December 13th, 2009 [December 13th, 2009]
- Forthcoming: ‘Antidiets of the Avant-garde’ by Cecilia Novero - December 13th, 2009 [December 13th, 2009]
- Pubblicità e propaganda. Ceramica e grafica futuriste at the Wolfsoniana - December 13th, 2009 [December 13th, 2009]
- Balla’s home scheduled to open in 2010 - December 13th, 2009 [December 13th, 2009]
- Futurismo a Savona - December 13th, 2009 [December 13th, 2009]
- ‘Zang Sud Sud’, Cosenza - December 13th, 2009 [December 13th, 2009]
- Conference in Rome (Dec. 10) - December 13th, 2009 [December 13th, 2009]
- Climate Hackergate: A Well-Orchestrated Campaign of Harassment - December 13th, 2009 [December 13th, 2009]
- The Sad Story of Cap and Trade - December 13th, 2009 [December 13th, 2009]
- How to Waste Trillions on Capturing Carbon - December 13th, 2009 [December 13th, 2009]
- Smack the Email Hack Attack - December 13th, 2009 [December 13th, 2009]
- EPA About to Declare CO2 a Public Danger - December 13th, 2009 [December 13th, 2009]
- Copenhagen Summit Starts with Virtually There Media - December 13th, 2009 [December 13th, 2009]
- Climate Scientist Gets Blunt on Trading Scheme - December 13th, 2009 [December 13th, 2009]
- One Climate Change Editorial in 56 Newspapers, 45 Countries - December 13th, 2009 [December 13th, 2009]
- This Decade Will be Hottest Ever on Record - December 13th, 2009 [December 13th, 2009]
- Divide and Conquer - December 13th, 2009 [December 13th, 2009]
- Leave the Coal in the Hole! - December 13th, 2009 [December 13th, 2009]
- COP15: Two Agreements Coming - December 13th, 2009 [December 13th, 2009]
- Climate and Copenhagen News December 10 - December 13th, 2009 [December 13th, 2009]
- Sea Level Already Rising on Atlantic Coast - December 13th, 2009 [December 13th, 2009]
- ‘Umbria Veloce’ in Perugia - December 14th, 2009 [December 14th, 2009]
- An Instable CO2-Filled Ocean - December 14th, 2009 [December 14th, 2009]
- ‘Futurismi a Ravenna’ opens Dec. 19 - December 15th, 2009 [December 15th, 2009]
- ‘Futurism and the Technological Imagination’ – 30% discount until Jan. 15 - December 15th, 2009 [December 15th, 2009]
- Protecting Our Lungs at Copenhagen - December 15th, 2009 [December 15th, 2009]