Google exposed the private data of hundreds of thousands of users of the Google+ social network and then opted not to disclose the issue this past spring, in part because of fears that doing so would draw regulatory scrutiny and cause reputational damage, according to people briefed on the incident and documents reviewed by The Wall Street Journal.
[…]
A software glitch in the social site gave outside developers potential access to private Google+ profile data between 2015 and March 2018, when internal investigators discovered and fixed the issue, according to the documents and people briefed on the incident. A memo reviewed by the Journal prepared by Google’s legal and policy staff and shared with senior executives warned that disclosing the incident would likely trigger “immediate regulatory interest” and invite comparisons to Facebook’s leak of user information to data firm Cambridge Analytica.
Data leaks and breaches happen. They are a fact of life we’re pretty much forced to accept. However, how one handles such a leak sets the willfully malicious apart from those who have the best interests of their users at heart. From Google’s response – or lack thereof – to this incident we can clearly deduce to which group Google belongs.
This breach is the reason Google announced the sunsetting of the consumer-facing side of Google+ today.
Well, this is certainly a data point in favour of my decision to stop commenting on YouTube rather than allowing myself to be forced to add a Google+ profile to my account.
…how much y’wanna bet Google continues to insist that I tell them more about me, even if the original claimed purpose is no longer valid?
Edited 2018-10-08 20:06 UTC
… because I refuse to give any entity owned by Rupert ‘Satan’ Murdoch a second of my time, but did Google+ even have “hundreds of thousands” of users in the first place?
If you count that making a gmail account gives you a Google+ account?
Only after Google+ came around. Those of us with GMail accounts predating Google+ got nagged, but don’t automatically have Google+ profiles.
Honestly, given how Google+ became the One True Identity Source, odds are you had a Google+ account that just wasn’t made public.
A Google account, perhaps… but I dispute calling it a Google+ account, given that, if I log into YouTube and click the reply link on a comment, I get redirected to the Google+ “Create a profile” migration flow.
It seems more like they’ve got a nullable one-to-one relationship between Google login accounts and Google+ accounts (at the conceptual level, at least) and having an account which predates the creation of Google+ is the only way to have it be null.
Actually, it probably does.
I think people underestimate the size of G+, because it’s used in a very different way to Facebook… very few people use it simply to communicate with friends. But the community features (which are much better than their Facebook equivalents) are quite popular… little niche groups focused on some RPG, or some software project, or series of novels, etc. It certainly never had the numbers of Facebook, but it’s got a pretty sizable user base.
That said, it’s not something that offers an obvious revenue stream for Google – no advertising, and the information they’re gathering is likely not so valuable as the more personal stuff people post on Facebook. So I can’t say I’m surprised to see them shutting it down…
Well… ads of RPGs, or related software, or books?
If they had disclosed it, I don’t think anybody would have believed them.
I mean, Google+ having half a million users? Yeah, right.