ADVERTISEMENTREMOVE AD

Google Plus Data Breach: What Do We Know So Far

Google Plus has been shut down for users after major bug was discovered in March 2018. 

Updated
story-hero-img
i
Aa
Aa
Small
Aa
Medium
Aa
Large

First, it was Facebook, then Microsoft and now it’s Google’s turn to admit the mishap at its end. The search giant which now comes under the ambit of Alphabet (its parent company) confirmed on Monday, 8 October that it is shutting down Google Plus, its social media platform for the users.

But why is Google talking about a platform that never really took off and why is it telling the world about it now? Turns out, there was a bug which was discovered by its software team, and apparently they have fixed the issue earlier in March this year.

So, what really is the matter, do users have something to worry about? After all, this is Google, which is linked to almost everything that you do on the internet these days. Here’s everything you should be knowing about the issue at hand.

ADVERTISEMENTREMOVE AD

What Happened?

Google ran an internal review of developer access to Google accounts and Android device data called Project Strobe, where it discovered that third-party access to user information was going beyond what they really needed.

For instance, it has never been understood as to why an LED torch app on Android would need details of a user’s phone log or access to his/her Wi-Fi network.

“As part of our Project Strobe audit, we discovered a bug in one of the Google+ People APIs.”
Google Blog Post

The post further goes on to say that, “We discovered and immediately patched this bug in March 2018. We believe it occurred after launch as a result of the API’s interaction with a subsequent Google+ code change”.

While many point out that closing down of Google+ makes no considerable difference to their digital lifestyle, these glaring issues pointed out by Google carry more weight than one can imagine.

How Does it Affect Me?

Apparently, this bug is likely to set off the panic mode for users, especially when Google has to say this:

“Users can grant access to their profile data, and the public profile information of their friends, to Google+ apps, via the API. The bug meant that apps also had access to profile fields that were shared with the user, but not marked as public.”
Google Blog Post

Google changing its developer access has a direct impact on its users, across all the products, including the popular ones Gmail.

“We are updating our User Data Policy for the consumer Gmail API to limit the apps that may seek permission to access your consumer Gmail data. Only apps directly enhancing email functionality – such as email clients, email backup services and productivity services (e.g., CRM and mail merge services) – will be authorised to access this data.
Google Blog Post

In addition to that, apps will also have to rely on less data from the user. Google Play will limit which apps are allowed to ask for permissions like call log data, SMS data and access to user’s phone. “Only an app that you’ve selected as your default app for making calls or text messages will be able to make these requests,” Google highlighted.

Over 500,000 users are likely to have been part of the victim list, and it’s scary to hear Google say that it doesn’t know which users have been affected.

“We made Google+ with privacy in mind and therefore, keep this API’s log data for only two weeks. That means we cannot confirm which users were impacted by this bug. However, we ran a detailed analysis over the two weeks prior to patching the bug, and from that analysis, the profiles of up to 500,000 Google+ accounts were potentially affected.”
Google Blog Post

These changes aren’t going to make an immediate impact but surely you will see them happening in the coming months.

ADVERTISEMENTREMOVE AD

What’s Changing with Google for Users

A lot actually. Google is changing the dynamics of data access for third-party developers, something that’s going to work in favour of users, but not so much for the businesses.

Google has, after all, become a one-stop shop for digital companies to tap into users via their shopping pattern, their ride history or even what they like to search on the internet.

“Going forward, consumers will get more fine-grained control over what account data they choose to share with each app. Instead of seeing all requested permissions in a single screen, apps will have to show you each requested permission, one at a time, within its own dialog box. For example, if a developer requests access to both calendar entries and Drive documents, you will be able to choose to share one but not the other.”
Google Blog Post

Withdrawing that amount of support could come as a relief to users but apps like Flipkart, Uber or even the likes of Paytm could have a hard time acclimatising to the upcoming changes.

These are strong measures that could affect Google’s revenue streams but users hardly care about how much money these corporates make. This development will further spice up Google CEO, Sundar Pichai’s testimony before the US House next month.

It’s time data-oriented giants like Google and Facebook (even Amazon) realise the extent of data that resides under their responsibility. They should also take better care of its users, which is unlikely happen, when most of the data is hard to keep track of.

If ever there was a clamour for decentralised internet and letting users take control of his/her data, it has to be now!

(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)

Published: 
Speaking truth to power requires allies like you.
Become a Member
×
×