back to article Investor fires shot at 'sinking ship' Google in battle over privacy-menacing Google+ bug

Google has been accused by one of its investors of trying to cover up and downplay a security blunder in Google+ could have caused the leak of half-a-million netizens' data. Nearly 500 third-party applications could have accessed the names, email addresses, and ages of roughly 500,000 people, thanks to a privacy screw-up by …

  1. Anonymous Coward
    Anonymous Coward

    Good idea, I think I'll sue Microsoft over Zune and Apple over Ping

    Seriously, what's the point of suing over a dead product?

  2. Claverhouse Silver badge
    Unhappy

    Lawyers will try anything...

    Just more grifters trying to take a suck off Google's milkshake...

    1. bazza Silver badge

      Re: Lawyers will try anything...

      Er, their clients part-own the company. By definition they're not grifters.

      This case touches on a deeper concern about what's going on in Google. It's a company that is increasingly attracting regulatory interest, including in the US now. A lot of the decisions being made seem to utterly ignore the possibility of break-up, fines, etc, as if they've got a do-it-anyway approach to privacy, monopoly, security, etc. This looks like it could be extremely bad for the long term interests of the company's shareholders. Trouble is that the company constitution doesn't give any control over company policy to ordinary shareholders.

  3. Nick Kew

    Irresponsible Disclosure?

    Does this amount to a claim that failure to disclose a bug immediately is fraud against the owners? And that Responsible Disclosure as we know it should, by extension, be ruled illegal?

    1. ds6

      Re: Irresponsible Disclosure?

      This is a bit different. Responsible disclosure is like warning a building owner there's a weakness in his property that miscreants could sneak through if they so desired; obviously you don't want to shout that from the rooftops. Using the same example, the shareholders are essentially business partners with the owner by purchasing equity in the property. Depending on their investment they could even be indirectly involved in the management of the property.

      It makes sense to not tell anyone outside the purview of property about the problem until it gets repaired, so that it can't be exploited in the mean time; hence responsible disclosure. Some owners decide tell the tenants/customers ahead of time, while others wait until it's in the process of being repaired or already done; there are pros and cons to both. As for the shareholders, they support the owner in business and should probably know if their investment is at risk, or if a hobo is going to crawl into their bungalow and scalp a tenant in their sleep.

      You see the point. If it wasn't in the MTD it should have at least been privately disseminated to shareholders. Even then it wasn't, hence the lawsuit. Responsible disclosure is still very important to protecting the assets, customers, and shareholders of a company, but Google/Alphabet still intentionally took waaay too long to tell anyone about this. Considering that every new Google account after 2012 had a Google+ account automatically created with it, they should have immediately notified shareholders and then notified any potentially affected customers either at the same time or after the issue was resolved. Even notifying shareholders with the customers after the bug was patched would have been preferrable to never saying a word.

      Had they taken the initiative, they could have spun the story like "your information was available but we have found no evidence that it was accessed in our investigation" and severely lessened the hit to both their reputation and their shareholders' equity. Since it was publicized by a third party as a "breach" they immediately lost PR control of the situation, and shareholders dropped their stock like it was radioactive.

  4. Alan Sharkey
    Happy

    It's a shame GDPR doesn't exists in the US

    Fined 4% of gross turnover? That could be interesting

    1. yoganmahew

      Re: It's a shame GDPR doesn't exists in the US

      If you had a gmail or other google account, you had a Google+ account - http://techland.time.com/2012/01/20/want-a-google-account-now-youre-automatically-signed-up-for-google/ - set up automagically for you.

      And you got Hangouts and other cruft on your Android device, cruft that you cannot delete...

  5. tony2heads

    Google+

    I am surprised that half a million used it.

    1. rmason

      Re: Google+

      @Tony2heads

      They bundled "making a G+ page" as part of the creation of a google/android or gmail account for a good while.

      Everybody got one! Hooray.

  6. EnviableOne Silver badge
    Go

    They know it wasnt used

    they might not know it existed, but they'd damn well know if someone used their API to access the info (Because $$$$$)

  7. ratfox
    Trollface

    the world’s fifth largest social media network?

    Wow, Google+ must have been way more successful than I thought... Except that in a few seconds, I can think of Facebook, Pinterest, WhatsApp, Instagram, WeChat, Twitter, Weibo, Snapchat, Linkedin that are more successful, so I don't know how they get that number. And I'm not even counting dating apps like Tinder.

    1. Steve Aubrey

      Re: the world’s fifth largest social media network?

      Largest =/= most-used. Just sayin' . . .

  8. Anonymous Coward
    Anonymous Coward

    Interesting that pension funds are speculating for capital gains rather than dividends. To realize income from non-dividend paying stocks they must be sold, which is akin to a store selling stock without re-ordering. A pension fund's directors are unlikely to admit their choice of a stock wasn't a good investment until the stock tanks. The Canadian Pension Plan invested in Nortel, which probably seemed at the time to be a great, nationalistic investment. Oops.

    1. James Anderson Silver badge

      The tax regime in the US makes dividends deeply unattractive to the average investor. The issuing company pays a fax on the dividend, than the receiver pays income tax on the dividend. Captal gains attract much less tax and you can offset any losses on other shares against the profits.

      Hence companies like Amazon, Google don’t even bother with dividends, and use share buy backs and similar schemes to insure an ever rising share price.

  9. Reginald Onway
    Facepalm

    Maybe a stupid question...

    Bug or feature?

    If G+ had caught afire and the backdoor access simply laid dormant and silent waiting like a spider I could see how it might be of value to certain entities.

    Stupid me, right?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021