Yesterday news broke of a flaw in the Google Plus API which from 2015 till recently in 2018 had the potential to expose otherwise private user data, something which would be bad enough on its own if it wasn’t for the fact that when Google became aware of this problem, but Google also apparently felt the best course of action was to not disclose that this had even happened for months!
I’ve linked to a couple of articles here and here which discuss this issue – I don’t want to reiterate what all the tech news sites have had to say factually on the matter, but I do have quite a bit to say surrounding the event as it is. You can easily find more information online if you wish to read more about the actual problem itself.
First off, it’s hilarious that this would happen with the Google Plus service, of all things, given the history of people simply hating it. Indeed, Google seems to be taking this as a chance to finally close the service outright (or, from what I’ve gathered, modify it to be more of a professional oriented service like Linkedin) apparently treating the possible data leak as a reason to shutter the site. Of course, this makes no sense, and they are obviously sacrificing the service as part of damage control – the average person will think by killing the service they are making things safer, and this will boost public perception of Google on a whole.
Longtime readers will know I’m actually not too fond of Google as a company, and for nearly a decade now I’ve hinted at this, generally quietly but steadily standing my ground that Google, like so many other companies, only cares about your data – not you. Hell, they literally are a data company at the core of their brand and business model, with all the other services they provide designed for the use of this data, mostly for advertising.
However, it’s been a long-standing thing that discussing Google in a bad light is some kind of internet sin. You can’t hate Google. You can hate Facebook for “wanting your data” as they do, but when Google wants it? Nope, that’s totally on the up and up.
This flaw in the Google Plus API’s show that Google on a whole doesn’t check their programming as well as they apparently should. The fact that they hid any announcement of this, reportedly over concerns on how it would affect the perception of the company. So, rather than let people know there was an issue and own up to it, they hid it until the leak of information regarding the flaw.
Yep. That’s totally a company that cares about you. /sarcasm
Now, to be fair, Google has done a hell of a lot of good work on a whole as far as tech advancement and the core ideas behind many of their services go. I’m not going to knock their success, but as any long-term reader will know, I can’t stand the elitism and cult-like worship that fans of companies have regarding these businesses. They don’t want to admit where problems can be, are demonstrably present, or just the fact that by the nature of being a business they don’t care about the individual. If you still think Google actually cares about you as a user, you have to be delusional.
Their services aren’t perfect, either – many inherently flawed in ways that just boggle the mind, or stuck with certain operational nuances that just make me wonder why? Why is this how YouTube is? Why is this how Android wants to behave? Why hasn’t this been changed? Why is this broken? Why are all of their services a cluttered mess when, ironically, the Google Plus integration they sought out originally would have been perfect? Oh, right, because everyone hated Google Plus.
There is one good thing about all this – it seems unlikely that was exposed was actually gathered in any method, let alone used maliciously. Still, this alone should act as a strong reminder that unless critical real data about users really just doesn’t need to be gathered, or treated as some kind of mandatory thing.
When Google Plus was first launched, it followed a strong “real name” rule, among other policies on how it was to be used and what data was to be given. I’d imagine given how the site quickly became an effective ghost town many people never actually updated their data or changed it to false info once Google Plus relaxed its requirements (which is something I did once I discovered they would let you change information more liberally – I quickly switched my Google account info to reflect my online alias) or deleted the Google+ account in and of itself.
Of course, the way Google has all of their separate services integrated together makes things complicated. At this stage I question if most users even would be able to change or delete said info, and also makes me question the possible scale of future issues with the company and their services – while “messages and contact information” were not supposed to be parts of the possible data leak this time, what other flaws might be existing in Google’s services, and what kind of data might they expose?
Yet people go on day in day out trusting and loving this company far more than I feel they should. What do I know though, I’m only someone who’s watched events like this happen time and time again and was nearly a decade ago already telling people Google is no more trustable than Facebook with data. Possibly for different reasons but still… acting like Google is your friend is a mistake.
Now to wait for the angry fanboys to comment just like they did when I wrote “Google, Get It Together” back in 2015. Honestly, I wish I had saved the comment becuase damn, it had fanboy written all over it.
To be fair, I don’t “hate” Google as much as I did a few years ago – that article is a product of its time and the pretty terrible experience I was having with the company at that time – but the fact remains while I will use their services, that doesn’t mean I have to like the company or can’t criticize them or, more properly, the fan base which worships them.