Following a massive data breach, Google announced that it is shutting down its social network Google+ over the next 10 months. Google found out a bug in their own API. This bug allows third-party app developers to access users’ personal data.
Google disclosed about this data breach in its blog post. The bug was discovered in March 2018 and Google did not disclose this information sooner because it feared regulatory scrutiny.
According to the statement, “The data breach has affected up to 500,000 accounts and over 348 third-party apps might have had access to the users’ personal information.”
However, Google says there is no evidence that developers were aware of this bug. Moreover, there is no evidence of data being misused.
What Google has to say?
Google acknowledges that Google+ has failed to attain broad consumer or developer adoption since its introduction.
According to Google, “Google Plus has never received the users’ engagement that they had hoped for, and 90% of the user sessions last for less than 5 seconds.”
So the company has finally decided to make some changes in Google applications over the next 10 months and will try to make it more secure.
However, Google+ will be alive as a product for Enterprise users. They believe that Google+ is better suited as an internal social network for companies, rather than a consumer product.
Moreover, Google is planning to roll out new Enterprise-focused products for Google+ in the near future. Google is focusing on a “secure corporate social network.” The company has announced to make some privacy changes for other Google services – some amendments in APIs will limit developers’ to access data on their Gmail ids and Android devices. According to this, developers will no longer receive SMS permissions and call logs on their Android devices. Moreover, the contact interaction data of users won’t be available through the Android Contacts API.
As far as it’s about Gmail, the company is updating its User Data Policy for the consumer version of the email service, this will limit apps access for developers. Any developer who has access to users’ data will have to undertake some security assessments and must agree to new rules about data handlings, such as not transferring or selling user data for targeting ads, email marketing tracking, market research, or other purposes.
In the end…
Google is planning to offer “more fine-grained control.” Apps will now have to show each permission requested, one at a time. We know this will make the download process a tad bit longer but will ensure that your data is secure and will only be used for services you are comfortable with.