Google Starts Deleting Social Network Accounts After 52 Million Users Thought Exposed To Privacy Bug
Google+ never really emerged as the social network contender to beat the likes of Facebook and Twitter that Google had hoped it would be. Now, less than eight years after launching, Google+ has officially ceased to be. Google has stated that, starting today, content in Google+ consumer accounts will start being deleted. There are many reasons that could be plucked from the reasons for closure hat, not least that it was a wasteland rather than a thriving network, but the straw that broke this social camel's back was actually a coding bug with user privacy implications.
Google+ never really emerged as the social network contender to beat the likes of Facebook and Twitter that Google had hoped it would be. Now, less than eight years after launching, Google+ has officially ceased to be. Google has stated that, starting today, content in Google+ consumer accounts will start being deleted. There are many reasons that could be plucked from the reasons for closure hat, not least that it was a wasteland rather than a thriving network, but the straw that broke this social camel's back was actually a coding bug with user privacy implications.
Whereas Facebook has so far largely weathered the user privacy problems storm, Google+ had neither the critical membership mass nor community momentum to survive the potential exposure of 52 million user's data. Google itself admits that Google+ was a failure, with the consumer version having "low usage and engagement" and 90% of Google+ user sessions being less than five seconds long. But it was the combination of that bug, and the decision not to disclose it for many months, which really hammered home the nails in this particular coffin.
The coding bug was thought to be active between 2015 and 2018, leaving profile information including gender, age, occupation and the like exposed to third-party developers even if flagged by the user as private. It was eventually uncovered and fixed in March 2018, but it wasn't until October that Google came clean and disclosed it. The decision to delay disclosure was in part, according to the Washington Post report that broke the news, "because of fears that doing so would draw regulatory scrutiny and cause reputational damage."
This should be a lesson to every organization that when it comes to user privacy and security issues then honesty, and urgency, is the best policy. While there would inevitably have been some reputational fallout, this would likely have been short-lived and relatively easy to contain. Indeed, while Google admitted that "the bug impacted approximately 52.5 million users" it also pointed out there was no evidence that any of the hundreds of developers with access to that user data for six days were actually aware of it let alone misused it. According to Ben Smith, a Google fellow and vice president of engineering, the final numbers turned out to be 438 applications that used the buggy code which potentially gave access to "up to 500,000 Google+ accounts" rather than in excess of 50 million.
If you were a Google+ user then there has been ample time to save your content and ample instructions from Google how to do so. However, if you managed to miss all of this it's probably still not too late to access your postings. The Internet Archive has been backing up publicly visible posts for the last few weeks, with images and video being stored at a low resolution, and you can see how it is getting on courtesy of a real-time tracker.
Google+ isn't completely dead though. Commercial users will be glad to know that it remains part of the Google GSuite as an internal communications network. For everyone else, being brutally honest, I cannot see many tears being shed...