Company didn’t disclose leak for months to avoid a public relations headache and potential regulatory enforcement
This March, as Facebook was coming under global scrutiny over the harvesting of personal data for Cambridge Analytica, Google discovered a skeleton in its own closet: a bug in the API for Google+ had been allowing third-party app developers to access the data not just of users who had granted permission, but of their friends.
If that sounds familiar, it’s because it’s almost exactly the scenario that got Mark Zuckerberg dragged in front of the US Congress. The parallel was not lost on Google, and the company chose not to disclose the data leak, the Wall Street Journal revealed Monday, in order to avoid the public relations headache and potential regulatory enforcement.
Related: The Facebook breach makes it clear: data must be regulated