User:Aharrwiki/sandbox



= Google Data Leakage 2018 = The Google Data Leakage 2018 was a major scandal in late 2018 when Google engineers discovered a software leakage within the Google+ API in the social network. As over five million user’s data was compromised this led to the immense news coverage on the trustworthiness of Google+ and the shutting down of the Google+ consumer social network on April 2nd 2019.

The harvesting of personal data was first noticed by Google+ producers in March 2018 during a review of its operations following the Facebook–Cambridge Analytica data scandal. The bug was immediately fixed however led to approximately 500,000 Google+ private users data being open to the public. Google did not disclose this information to the social network’s consumer database. On 8 October 2018, the article Google Exposed User Data, Feared Repercussions of Disclosing to Public was published by The Wall Street Journal. Following this, Google made a simultaneous blog post announcing the shutting down of Google+ in August 2019 as there was low consumer use and technological challenges.

Within November 2018, another data breach was found within a Google+ API software update. The bug was fixed within a week and no third party compromised the system. However, approximately 52.5 million non-public profile fields were exposed to alternative apps that requested access to individuals Google+ ID, and created access to other profiles that had shared information with each other.

Due to this, consumers called for greater consumer protection in online media and Google moved the Google+ social media shut down to April 2, 2019, with legacy Google+ API's being shut down March 7, 2019.

Overview of Google+
In June 2011 Google+ was launched as an invite-only social network and then become a public database later in that year. Similar to Facebook, Google+ acted as a social media database for posting photos and creating status's on individual feeds, yet included the key feature of being able to sort friends into categories called Circles and make group video calls with Hangouts. The other key feature of Google+ was Sparks; where Google tracked your past searches to find news and content related to a user’s interests.

Google+ had over 2 billion user accounts within its interface as it gave access many google apps including Gmail and Google Drive. However less than 400 million consumers were actively using the social media aspect, with 90% of these users using the social network for five seconds.

As Google+ had seen limited consumer interaction with apps and low social media usage the social network was shut down on April 2nd 2019.

Characteristics of the Data Breach
In January 2018, a formal assessment of third-party developers and app access to Google accounts was created named Project Strobe. Through this project, privacy platforms were examined and tightened as consumers were concerned of data privacy. In March, the analysis of Application Programming Interfaces (API) showed a data beach within the Google+ People API where external apps acquired access to Profile fields that were not marked as public.

Google found that there was no evidence of any user’s personal information being misused. A detailed analysis identified that 500,000 Google+ accounts were included in this data breach which was capable of allowing 438 external apps without authorisation to private users names, emails, addresses, occupations, gender and age. This information was able to be accessed by third-party apps between 2015 to 2018.

In November 2018, a software update created another data breach within the Google+ API. The bug impacted 52.5 million users where, similarly to the past data breach, apps were able to access Google+ profiles without consent displaying name, email address, occupation and age. Access was granted for six days before Google+ was able to rectify the problem, however they found no evidence of misused data.

News Coverage
The publishing of ‘Google Exposed User Data, Feared Repercussions of Disclosing to Public’ by the Wall Street Journal on October 2018 outlined the initial data breach, describing how Google+ had not originally disclosed the issue. There is no federal law that requires Googles to inform their consumers of data breaches. In response to the article, Google announced the permanent shut down of all consumer functionality.

Alongside the Wall Street Journal, considerable amounts of coverage was made on the issue by newspapers around the world discussing consumer’s privacy levels.

Responses on Google+ and Google
In response to the data breach, enterprise customers were notified of the impact of the bug. The issue was analysed by Google's Privacy and Data Protection Office, finding that there was no misuse of consumer's profiles data. Alphabet Inc. share prices fell by 1% to $1,157.06 on the 9 October 2018 after an earlier drop of $1,135.40 that morning being the lowest price since 5 July. Preparing for the Google+ social network, Google creating a 10-month period for consumers to download and migrate their profile’s data. On February 4th 2019 consumers were no longer able to create new Google+ profile. As the social network had a substantial amount of consumers, the process of deleting this data will take a few months and is in progress.

Google will rebuild Google+ as a corporate enterprise network where employees can participate in internal conferences. This network will have differing security and privacy settings. The app will require requested access to other Google platforms where only email functionality enhancing apps will be allowed after heightened security regulations. Google Play will now assess which apps can ask for permission to access the users SMS data; where only the default app for telephone distribution is able to make requests. Each request will not be asked simultaneously, instead will be shown individually and needing individual permission.