Google is about to have its Cambridge Analytica moment. A security bug allowed external developers to access Google+ user profile data from 2015 until Google discovered and patched it in March, but decided not to inform the world. When a user gave an application permission to access their public profile data, the error also allows developers to extract their non-public profile fields and those of their friends. In fact, the full names, e-mail addresses, dates of birth, gender, profile pictures, places lived, occupation and the state of users of 496,951 were potentially exposed, although Google says it has no evidence that the 438 applications that may have had access have misused the data
The company decided not to inform the public because it would lead "us to be the center of attention with Facebook or even instead of doing so, despite have been under the radar throughout the Cambridge Analytica scandal, "according to an internal memo. Now, Google+, which was already a ghost town largely abandoned or never inhabited by users, has become a massive responsibility for the company.
The news comes from a Wall Street Journal report that says Google is expected to announce a series of privacy reforms today in response to the error. Google made that announcement about the results of its security audit of the Strobe Project minutes after the publication of the WSJ report. The changes include preventing most external developers from accessing SMS data from Android phones, call logs and some contact information. Gmail will restrict the creation of add-ons for a small number of developers. Google+ will interrupt all of its consumer services while it will be reduced in the next 10 months with an opportunity for users to export their data, while Google focuses on making G + a business product.
Google will also change your System account permissions to allow third-party applications access to your data, so you have to confirm each type of access individually instead of all at once. Gmail add-ons will be limited to those that "directly improve email functionality," including email, backup, CRM, mail merge, and productivity tools.
90 percent of Google+ sessions lasted less than 5 seconds
It's embarrassing, Google admits that "this review crystallized what we've known for a while: while our engineering teams have put a lot of effort and dedication into the construction of Google+ over the years, has not achieved widespread adoption by consumers or developers, and has seen a limited interaction of users "with applications. The consumer version of Google+ currently has little use and commitment: 90 percent of Google+ user sessions are less than five seconds. "For more information on the disappearance of G +, read our 2014 version at the beginning of the final
Since the error and the subsequent The security hole started in 2015 and was discovered in March before the GDPR in Europe came into force in May.It is likely that Google does not receive a global annual income fine of 2 percent for not revealing the problem within 72 hours The company could still face collective lawsuits and violent reactions from the public, on the positive side, G + posts and messages, Google account data, numbers phone and business content of G Suite were not exposed.
Since it is not clear if the user of G + the data was scraped or if would use for a nefarious purpose, the news of the error itself could have overflowed, similar to how I wrote that the recent violation of the privacy of the 50 million Facebook users can be forgotten if no evil use is found. But because Google tried to cover the problem because it did not reach a severity threshold, the company looks much worse. That casts doubt on whether Google is being transparent on many other controversial questions about its practices.
The fiasco could push Google into the same sea of scrutiny that currently drowns Facebook, as the company feared. Google has managed to float over much of the criticism on Facebook and Twitter, in part by stating that it is not really a social network. But now, his failed Facebook imitation of seven years ago could drag the search giant and see how it supports the growing demands for regulation, as well as testimony before Congress