Sergey Brin and Larry Page

The Wall Street Journal’s bombshell report that Google decided not to disclose a security lapse at Google+ dominated technology news on Monday.
The lack of transparency in Google’s handling of the situation is exactly why the European Union implemented tough privacy regulations this year, say legal and security experts.
They added that following the Cambridge Analytica case at Facebook, the new issue with Google+ gives US lawmakers more reason to adopt rules similar to those in Europe.
Google’s explanation that it didn’t report the security lapse because it could find no sign the information was misused doesn’t appear consistent with a memo reviewed by the Journal’s reporters.
They suggested that Google wanted to avoid scrutiny from regulators.

Google erred by not disclosing to users of Google+, the long struggling social network, that their personal data was left exposed to third-party developers, say legal and security experts.

And now, Google could face serious consequences for not being more forthcoming, the experts said.

On Monday, The Wall Street Journal reported that a software glitch led to the sharing of personal-profile information belonging to 500,000 Google+ users with third-party developers. In addition, The Journal wrote that Google managers chose not to disclose the security lapse to the public for fear that it might draw the attention of regulators.

Not revealing what happened much earlier was a mistake, according to Joseph Moreno, a former federal prosecutor who now oversees cybersecurity cases at the law firm of Cadwalader, Wickersham & Taft.

“You get out in front of these things,” Moreno said. The worst thing is to downplay it or stall or pretend that it didn’t happen. Now, you run the risk of walking into the type of government oversight that you said you were afraid of.”

‘Get out in front’

Moreno and other legal and security experts who spoke to Business Insider said the situation at Google+ could give US lawmakers one more reason to adopt the kind of increased oversight that the European Union implemented this year. It’s safe to say that nobody in tech wants more government regulation.

Google responded to The Journal’s story by downplaying the impacts of the security lapse. Managers could find no sign that anyone did anything nefarious with the exposed information, which in itself was little more than names, email addresses and occupations.

One fact not brought up in the blog post but might have worked in Google’s favor is that Google+ had only limped along for years and never seriously challenged Facebook.

The service, launched in 2011, was once compared to a digital ghost town. All this would seem to suggest that there wasn’t much at stake.

But one of the problems with Google’s explanation is the internal memo that The Journal’s reporters said they reviewed. According to them, Google’s lawyers and policy experts warned managers that if they disclosed the security lapse at Google+, it would potentially harm the company’s reputation and invite “immediate regulatory interest.”

If the security lapse resulted in so little harm, as Google says now, how come the company’s own lawyers …read more

Source:: Business Insider

      

(Visited 3 times, 1 visits today)
In the Google+ case, the lack of transparency from Google is likely the biggest problem for managers, experts say (GOOG, GOOGL)

Leave a Reply

Your email address will not be published. Required fields are marked *