This March, as Facebook is coming under global scrutiny on harvesting personal data Cambridge Analytica, Google the discovery of a skeleton in the closet: a glitch in the software applications of Google+ has been allowing third party application developers to access data not only from users who have been granted permission, but from their friends.
If this sounds familiar, because it is almost exactly the scenario that got Mark Zuckerberg dragged in front of the US Congress. The parallel was not lost on Google, the company opted not to disclose the data breach, “Wall Street Journal” revealed on Monday, in order to avoid public relations headaches and potential regulatory enforcement.
Disclosure will likely result “in the United States next to the lights alongside or even instead of Facebook despite having stayed under the radar throughout the Cambridge Analytica scandal” Google policy and legal officials wrote in the memo obtained by the council. “Almost a guarantee of Sander will testify in front of Congress.” The disclosure also call “immediate regulatory interest,” said the note.
Shortly after the story was published, Google announced that it will shut down consumer access to Google+ and improved privacy protection for third-party applications.
In a blogpost about the shutdown, Google to disclose the data breach, which he said are likely to affect up to 500,000 accounts. Even the 438 different third-party applications may have access to private information because of the bug, but Google apparently has no way of knowing if they do because it keeps the Logs API to use for two weeks.
“We did not find any evidence that any developer had been aware of these errors or misuse of the API, and found no evidence that any personal data was misused,” Ben Smith, vice president of Engineering, wrote in a blogpost.
Smith defended the decision not to disclose the breach, writing: “the more data the user has touched, we go beyond legal requirements and apply many of the standards that focuses on users in determining whether to provide notice.”
On Facebook the breach makes it clear: data must be regulated
None of the thresholds, public disclosure, said Smith. There is no federal law required Google to disclose data leaks, but there are laws on the state level. In California, where Google-based companies only required to disclose the data leak if it includes each individual’s name, Social Security number, identity card or driver’s license number, plate, medical information or health insurance information.
Google also announced a series of reforms to the privacy policies aimed at giving users more control over the amount of data that is shared with third-party application developers.
Users will now be able to have a more “fine-grained” control over various aspects of the Google accounts that they give to others (i.e., calendar entries v Gmail) and Google increase the limit third party access to email, SMS, contacts, phone records.
David Carroll is a professor who sued Cambridge Analytica earlier this year to find out what is the data storage company. He was given to the legal issues Facebook faces on Cambridge Analytica shopping, it is not surprising Google tried to sneak from public view.
“Google right to be concerned and shut down Google shows how you can get rid of them things really are in the face of accountability,” he said.
For others, the sealant further evidence that the major technology platforms need more regulatory oversight.
“The fraudulent online platforms like Google and Facebook are probably too big to secure’ surely ‘too big to trust’ blindly,” said Jeff Hauser of the Center for Economic Research and policy.
He said that the United States Federal Trade Commission should move towards “break this house.”
“In the meantime, where we can’t trust that we know much or even more than what should be public concern, the FTC must install the public into thinking the privacy screen in the companies as an element of accountability.”
Share on Facebook
Share on Twitter
Share via e-mail
To share on LinkedIn
Tion js-social__–bottom Social-icon-wrapper’ data-link-name=’Social down’ href=’http://www.pinterest.com/pin/find/?url=https%3A%2F%2Fwww.theguardian.com%2Ftechnology%2F2018%2Foct%2F08%2Fgoogle-plus-security-breach-wall-street-journal’ target=’_blank’ title=’Pinterest’>
Shared on Pinterest
the h-wall-street-journal%3FCMP%3Dshare_btn_gp&hl=en-GB&wwc=1″ target=”_blank” title=”Google plus”>
Share on Google+
Share on WhatsApp
Share on Messenger