Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Google Launch Event Overshadowed by Privacy Firestorm

Google was supposed to be focusing Tuesday on its launch of a new smartphone and other devices, but the event was being overshadowed by a firestorm over a privacy glitch that forced it to shut down its struggling social network.

Google was supposed to be focusing Tuesday on its launch of a new smartphone and other devices, but the event was being overshadowed by a firestorm over a privacy glitch that forced it to shut down its struggling social network.

The Silicon Valley giant said Monday it found and fixed a bug exposing private data in as many as 500,000 accounts, but drew fire for failing to disclose the incident.

The revelation heightened concerns in Washington over privacy practices by Silicon Valley giants after a series of missteps by Facebook that could have leaked data on millions.

“In the last year, we’ve seen Google try to evade scrutiny — both for its business practices and its treatment of user data,” Senator Mark Warner said in a statement.

Warner said that despite “consent” agreements with the US Federal Trade Commission “neither company appears to have been particularly chastened in their privacy practices” and added that “it’s clear that Congress needs to step in” for privacy protections.

Marc Rotenberg, president of the Electronic Privacy Information Center, said the latest breach suggests the FTC has failed to do its job in protecting user data.

“The Congress needs to establish a data protection agency in the United States,” Rotenberg said. “Data breaches are increasing but the FTC lacks the political will to enforce its own legal judgments.”

Rising tensions

The internet search leader had already faced tensions with lawmakers after it decided against sending its top executive to testify at a hearing on privacy and data protection, prompting the committee to leave an empty seat for the company.

Last month, Google indicated it would send chief executive Sundar Pichai to testify before Congress.

Google has also been in the crosshairs of President Donald Trump, who alleged that its search results were biased against conservatives, although there was little evidence to support the claim.

The rising tensions come with Google holding an event in New York widely expected to release its Pixel 3, the upgraded premium smartphone that aims to compete with high-end devices from Apple and Samsung.

The Pixel phone is part of a suite of hardware products Google is releasing as part of an effort to keep consumers in its mobile ecosystem and challenge rivals like Apple and Amazon.

On Monday, Google said it was unable to confirm which accounts were affected by the bug, but an analysis indicated it could have been as many as 500,000 Google+ accounts.

Google did not specify how long the software flaw existed, or why it waited to disclose it.

The Wall Street Journal reported that Google executives opted against notifying users earlier because of concerns it would catch the attention of regulators and draw comparisons to a data privacy scandal at Facebook.

Earlier this year, Facebook acknowledged that tens of millions of users had personal data hijacked by Cambridge Analytica, a political firm working for Donald Trump in 2016.

Google has also faced increasing tensions over a reported search engine which would be acceptable to Chinese censors, and over its work for the US military.

On Tuesday, Google confirmed it is dropping out of the bidding for a huge Pentagon cloud computing contract that could be worth up to $10 billion, saying the deal would be inconsistent with its principles.

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Data Breaches

T-Mobile disclosed another massive data breach affecting approximately 37 million customer accounts.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cybercrime

Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by...