In a turn of events that was impressively foretold by WordStream founder Larry Kim way back in 2015, Google is putting its long-beleaguered social media platform, Google Plus, out to pasture. While, according to the official announcement, Google dedicated quite a bit of time and resources over the years into making Google Plus a valuable platform for consumers, a data breach that occurred back in March seems to be the final straw. Google Plus was like ugly stepchild that broke the family vase. It wasn’t all that popular anyway, and this latest indiscretion gave Google overwhelming incentive to disown it.
Let’s talk a little bit more about the data breach that occurred, and some overarching ramifications of the announcement.
Google’s fourth attempt at building a social network, Google Plus followed the likes of Google Buzz, Google Friend Connect, and Orkut. Growth of the platform’s user base seemed promising—it enjoyed 395 million active accounts as of 2016. But also as of 2016, 91% of those accounts were empty. Today, 90 percent of Google Plus user sessions last less than five seconds. Why the huge discrepancy between number of accounts and amount of usage? For years, Google Plus integrated with apps like Photos, Hangouts, and YouTube. You had to have a Google Plus account to use and interact with these apps.
This meant that the majority of users on Google Plus were only on Google Plus to use these other apps. Unlike Facebook, which legitimately saw Google Plus as a threat in its early stages, people were not setting up Google Plus accounts to actually use the platform. For comparison’s sake—having a Facebook account makes it easier to sign into Spotify, and actually, quite a few other services, but that’s not why most people have Facebook accounts.
The breaking out over time of products and services from the Google Plus umbrella—Gmail, Photos, Streams, YouTube—ultimately rendered the platform a ghost town. But because nobody wants to publicly disown a child, no matter how problematic and unproductive it has been, Google clung onto Google Plus for longer than was probably necessary.
Then the data breach happened.
This data breach was nothing on the scale of Cambridge Analytica—which accessed the private information of more than 50 million Facebook users—but it wasn’t nothing, either. Google launched Project Strobe, a data regulation effort spearheaded by Skrillex and LCD Soundsystem (not really) at the beginning of the year. According to the announcement, Project Strobe was launched independently, prior to the data breach, and therefore the data breach was something it was actively looking for, not something it accidentally stumbled upon.
The purpose of Project Strobe was to review third-party developer access across Google’s vast network of apps and services—the idea being that the more complex that ecosystem becomes, the more difficult it is for Google to regulate data privacy and security. With regard to Google Plus, here’s what it found (quoting directly from the blog post):
TL;DR: Google discovered a glitch in its system that allowed third-party apps to access some of the private information of up to 500,000 people. It fixed the glitch immediately. While it knows how many people could have had their information used for nefarious reasons, it doesn’t know how many actually did; and moreover, has found little reason to believe any actually did.
“Data breach” is a big-time trigger word in the media right now, but it looks like, all things considered, this one was pretty harmless. Still: Google Plus is no more.
It truly gets better every time you say it: Project Strobe produced four findings altogether, only one of which was “jettison Google Plus.” The other three, in order:
Google’s solution here is to, indeed, give users more granular control over which information they choose to share with third party apps. In the past, if an application wanted access to, say, your Calendar and your Drive, Google would only ask if you consented to share both sets of data. Now, it will ask if you consent to share each set, one at a time:
Google is updating its User Data Policy for the consumer Gmail API. Now, when you grant third-party access to your Gmail account, only apps that directly augment email functionality will be authorized to access your data. They’ll also need to accept Google’s new security standards, and subject themselves to regular security reviews.
Same as the changes above, but for Androids—only apps that you’ve personally selected as your default apps for making calls and sending texts will be able to access your data (should you consent to share it).
Across the board, then, Google is improving security and ramping up transparency (two major themes this year) by cracking down on third-party data access.
Google still maintains that Google Plus has been a useful platform for enterprises—that the companies that have seen the most success with it use it essentially as an insulated, secure network where co-workers can engage in discussions and otherwise corporate-regulated interactions. If you’re one of these companies, don’t despair—Google is implementing a 10-month “wind-down” period that will allow users to safely migrate data off the network, and will also be releasing information in the coming days on soon-to-be-released features that will mitigate this long-in-the-works, much-portended demise.
Please read our Comment Policy before commenting.