Tech giant Google has said that its social network Google+ will be shut down after it was discovered that a bug exposed private data of up to 500,000 users to external developers.
Tech giant Google has said that its social network Google+ will be shut down after it was discovered that a bug exposed private data of up to 500,000 users to external developers. The announcement was made by Ben Smith, Google Fellow and vice-president of engineering, in a blog post on Monday, in which he noted that the Indian-American headed company could not confirm which users were impacted by the bug. “However, we ran a detailed analysis over the two weeks prior to patching the bug, and from that analysis, the profiles of up to 500,000 Google+ accounts were potentially affected. Our analysis showed that up to 438 applications may have used this Application programming interface (API),” he said.
“We found no evidence that any developer was aware of this bug, or abusing the API, and we found no evidence that any profile data was misused,” Smith said. The technical bug was detected as part of an effort called Project Strobe started by Google early this year. It is a root-and-branch review of third-party developer access to Google accounts and Android device data and of our philosophy around apps’ data access, he wrote.
- From medical consultations, dating to workouts: How internet is keeping our worlds running amid lockdowns
- Most people in India are taking the coronavirus lockdown seriously, suggests Google's COVID-19 Community Mobility Report
- WiFi usage down marginally in weeks starting March 9, shows Opensignal data
“This project looked at the operation of our privacy controls, platforms where users were not engaging with our APIs because of concerns around data privacy, areas where developers may have been granted overly broad access, and other areas in which our policies should be tightened,” Smith said. The Wall Street Journal, which was the first to report about it said that a software glitch in the social site gave outside developers potential access to private Google+ profile data between 2015 and March 2018, when internal investigators discovered and fixed the issue.
“A memo reviewed by the Journal prepared by Google’s legal and policy staff and shared with senior executives warned that disclosing the incident would likely trigger “immediate regulatory interest” and invite comparisons to Facebook’s leak of user information to data firm Cambridge Analytica,” the daily reported.
Sunder Pichai, the Indian-American CEO of Google, was briefed on the plan to not notify users after an internal committee had reached that decision, The Wall Street said quoting unnamed sources. Smith, however, announced that Google+ will not be shut down immediately.
“To give people a full opportunity to transition, we will implement this wind-down over a 10-month period, slated for completion by the end of next August. Over the coming months, we will provide consumers with additional information, including ways they can download and migrate their data,” he wrote. Google also announced launch of more granular Google account permissions that will show in individual dialog boxes.
“When an app prompts you for access to your Google account data, we always require that you see what data it has asked for, and you must grant it explicit permission,” he said. “Going forward, consumers will get more fine-grained control over what account data they choose to share with each app. Instead of seeing all requested permissions in a single screen, apps will have to show you each requested permission, one at a time, within its own dialog box,” Smith said.
Google+ never came close to challenging rival Facebook for social network supremacy. Launched in 2011, Google+ copied Facebook with status updates and news feeds but the company’s other experiments with social media struggled to win over users because of complicated features and privacy mishaps.
Early this year, Facebook acknowledged that Cambridge Analytica, a British research organisation that performed work for the Trump campaign, had improperly gained access to the personal information of up to 87 million Facebook users.