Google+ Shutting Down: What You Should Know

Google reveals a Google+ data breach and says they're closing the social media platform.

Google+symbolsIf you use Google+ to drive traffic to your blog, start looking for a new source of traffic.
The company decided to “sunset” Google+ for consumers, meaning they’re going to shut it down.

Google+ for consumers refers to the free social network for non-enterprise users.

Why is Google+ Shutting Down?

Google claims over the years their feedback shows people want a better understanding of how to control the data they share.

At the beginning of the year, the company launched Project Strobe. This audit was designed to review third-party apps, services and websites that build on top of Google’s services.

It assessed issues such as privacy controls, areas where developers received overly broad access and areas where policies need to be tightened.

In the midst of that audit, in March, Google discovered a bug in one of the Google+ People APIs that exposed private data to third-party developers. The company says up to 438 applications may have used that vulnerable API.

Google claims they immediately patched the bug.

However, the audit made Google realize “there are significant challenges in creating and maintaining a successful Google+ product that meets customer expectations.”

They also found that Google+ “has not achieved broad consumer or developer adoption.” And,“it currently has low usage and engagement.”

According to the company, 90% percent of Google+ user sessions are less than five seconds.

So, given the limited use and the difficulty of keeping the social media network up to par, Google is sunsetting Google+.

What Was Exposed?

According to Google, data that was vulnerable includes “static, optional Google+ profile fields.” They say that includes details such as name, email address, occupation, gender and age.

For a full list, they point users to this post.

Google says information such as posts, messages, Google account data, phone numbers and G Suite content was not exposed.

How Many Accounts Were Affected?

“We made Google+ with privacy in mind and therefore keep this API’s log data for only two weeks. That means we cannot confirm which users were impacted by this bug,” the company said.

In other words, we don’t keep the data we need to determine that, so we don’t know.

But Google said they ran a detailed analysis over a two-week period and believe that 500,000 Google+ accounts were potentially affected.

If it makes you feel any better, Google says there’s “no evidence” that the developers who had access to this data used it. In fact, they say there is “no evidence” that any of those developers were even aware that they could exploit the bug.

But before you take too much comfort from that, realize that’s just a long way to say we don’t know if any developers accessed the data or not.

Also, don’t take comfort in knowing that you didn’t approve any third-party apps while using Google+. The “bug gave developers access to the profile data of friends [of those using third-party apps] regardless of whether those friends had chosen to share that information publicly, explained Engadget.

That means if you’re my Google+ friend and I was using a third-party app,  your data could be exposed through your connection to me.

Why Didn’t I Hear About the Google+ Breach?

Google says they apply several criteria when deciding whether to notify users in cases like this. Those criteria include:

*The type of data involved

*Whether they can accurately identify the users to inform

*Whether there was evidence of misuse

*Whether there are any actions a developer or user can take in response

“None of these thresholds were met in this instance,” Google said.

The company makes it seem as though they are discussing it now merely as part of the broader announcement about their findings and actions in response to Project Strobe.

However, the Wall Street Journal says internal documents show Google didn’t go public with the information because they were worried about facing heat from regulators.

At the time when this data breach was discovered, Facebook was under fire for the information Cambridge Analytica got from Facebook users. Google didn’t want any parts of that spotlight.

According to the Wall Street Journal, documents and sources also reveal that this breach wasn’t a quickie affair. Developers had access to that private Google+ data from 2015 to 2018.

What Will Happen to My Google+ Data Now?

Google+ will wind down over a 10-month period, which puts the sunset date at the end of August 2019.

Meanwhile, Google will provide consumers with additional information including ways to download and migrate their data.

Remember, this only applies to the consumer version.

Project Strobe revealed “Google+ is better suited as an enterprise product,” so that part of the service will continue to allow co-workers to engage in internal discussions on a secure corporate social network.

Is There Anything Else I Should Know?

Expect to see some other changes when using other Google services.

In response to information from Project Strobe, Google is taking other actions, which includes presenting app permissions individually. This means if an app wants access to your calendar, your photos and your storage, you can accept or deny each one.

Google will also limit which apps can access your Gmail consumer data and which apps can access phone data, such as call logs and SMS data.

If you want to dig into Google’s announcement about Project Strobe, it’s here.

If you’re an avid Google+ user, leave a comment about which platform you’ll shift to once Google+ is gone.

If you’ve started getting Google+ spam violations, read this.

See Also: Should You Use Amazon Business?