Privacy and the Deprecation of Google+

The company known as Alphabet has a little entity that is called Google, which pretty much can do whatever it wishes in the online space and has the weight of a gray whale accompanying it as it executes its strategy.

Google entered the social network milieu in mid-2011 with their offering of Google+, a network which touched millions.

In October 2018, Google announced via a Google+ posting the sunsetting of Google+, noting that the “challenges of creating and maintaining a successful Google+ that meets consumers’ expectations” were primary considerations, as was the declining use of their platform. They declared that August 2019 will be the date when the social network would be shuttered for good.

The Google+ Challenges

Separately, in a Google Blog post, the company added a bit of additional color around those “challenges.” They highlighted their issues with maintaining privacy controls of user data. Indeed, they revealed in the blog post that as many as 500,000 Google+ accounts were potentially affected by a bug which allowed access via the Google+ API to user profile data.

They opined that it did not include access to post, general Google account data, or G-Suite content. They clearly were making sure that readers knew it was only a certain breed of cow which was allowed out of the barn: the Google+ users.

The discovery and patch occurred in March 2018. The disclosure of this breach - well, the October 2018 blog post - was the first time consumers learned that their data may have been exposed, and that Google+ didn’t have a firm handle on who or what was exposed.

This sequence of events earned the CEO of Google, Sundar Pichai, an invitation to testify before congress, as Google joined the club of tech companies who were demonstrating their inability to protect the information which they had so painstakingly collected.

The hearing was set for early-December 2018, and by all accounts - including that of Wired - Pichai got off easy as the legislators demonstrated their lack of acumen when it comes to the technologies being used by their constituents. The most egregious example being the query concerning the security of Apple’s iPhone being posited to Pichai, and his response that the answer desired was more appropriate within another company.

Perhaps more disappointing was the level of detail and energy which was focused - or perhaps we should say - was not focused on consumer privacy and security. In the end, Pichai assured the legislators that he leads Google “without political bias.” 

You see, the day before Pichai’s testimony, Google learned that their Google+ platform had another privacy issue. This time their lapse in security put 52,000,000 (52 million) users’ personal information at risk. Yet, Pichai didn’t comment on this lapse in security during his time in the legislative hot seat.

The Exposure of 52 Million

Google reported in their December blog post how the bug allowed user data to be accessed for six days in November 2018. Their verbiage directed the reader toward the lack of evidence that this accessibility was exploited, and reassurance that the exposure of users’ data was not as a result of a breach or system compromise. It was, however, associated with the Google+ API.

While Google fixed the hole, it signaled to them that Google+ was that “bridge too far.” They were and are unable to maintain the security of the application. The deprecation of Google+ was therefore accelerated from August 2019 to April 2019. Users can expect to see the shuttering of Google+ in approximately 60 days.

Recommendations to Users

If you have a Google+ account, archive your photos and content manually within the next 60 days, and after doing so, manually delete the Google+ account. In doing so, the user is sure that their information has been deleted and not left to the devices of Google, who continues to demonstrate that when it comes to Google+, they can’t really protect what they collect(ed).

Be safe, take your privacy and your personal information into your own hands.