Justin Sullivan/Getty Images
show image

Google+ closure “expedited” after engineers discover another major API vulnerability

Google is “expediting” the closure of Google+ after its engineers discovered a bug had exposed the data of 52 million users of the ailing social network.

A software update rolled out last month inadvertently allowed app developers to access users’ private information via an API without their permission.

The Silicon Valley giant said it fixed the issue in six days and there was no evidence developers had been aware of the error or sought to exploit it.

But it will be conscious of the parallels between the glitch and the controversial Facebook developer platform blamed for this year’s Cambridge Analytica scandal.

In a blogpost David Thacker, a senior Google product manager, said that “while we recognize there are implications [of removing API access] for developers, we want to ensure the protection of our users.”

The company is expected to shut down all Google+ APIs within the next 90 days. Thacker added that “we have also decided to accelerate the sunsetting of consumer Google+ from August 2019 to April 2019”.

Google came under criticism in October after the Wall Street Journal reported the company had been aware of a security vulnerability affecting Google+ around the time the Cambridge Analytica scandal emerged March, but that it had decided not to disclose it for fear it would attract “immediately regulatory interest”.

In a blogpost, the company’s engineering chief Ben Smith said at the time an internal investigation concluded its thresholds for disclosing the vulnerability had not been met.

Google’s handling of user data is likely to be one of the key lines of questioning when its CEO appears before the Senate today (11 December). In his prepared remarks, Sundar Pichai is expected to play down claims that the company’s algorithms show a political bias, as US President Donald Trump has regularly claimed.

“I lead this company without political bias and work to ensure that our products continue to operate that way,” Pichai will say. “To do otherwise would go against our core principles and our business interests. We are a company that provides platforms for diverse perspectives and opinions—and we have no shortage of them among our own employees.”

Pichai’s appearance may mark the last in a series of dramatic moments of political theatre for the tech industry this year, but Washington’s showdown with Silicon Valley is likely to continue into 2019 and beyond.