Groups Similar Search Look up By Text Browse About

Congress is fed up with Google after it hid major data breach for months


Googles childish approach to business ethics has landed it in hot water with Congress yet again. After discovering a software glitch earlier this year – persisting since 2015 — the company chose to hide it from consumers and regulators. That is, until The Washington Post exposed it earlier this week. The glitch, which has since been fixed, affected the companys Google+ social network and exposed the personal data of nearly 500K users. Not here exactly, but on our new hardware site Plugged. Google has since shut Google+ down permanently. But questions remain over the timeline, and why the company chose not to disclose the glitch and potential breach. Senators John Thune, Roger Wicker, and Jerry Moran, are now demanding answers. The trio sent a letter to Google CEO Sundar Pichai on Thursday requesting information about the nature of the companys response to the breach. Specifically, the Senators are demanding a copy of an internal company memo allegedly detailing plans to keep quiet about the glitch. Google initially stated it hadnt disclosed the glitch because it wasnt sure if any breach had actually occurred. The Senators letter calls that motivation into question: But according to an internal memo cited in the article, a factor in Googles decision not to disclose the vulnerability was fear that doing so would draw immediate regulatory interest, bring Google into the spotlight alongside or even instead of Facebook despite having stayed under radar throughout the Cambridge Analytical scandal, and almost [guarantee] Sundar will testify before Congress. The letter calls on Google to provide the Senators with a copy of the memo and to answer a series of seven questions related to its choice not to disclose the glitch and what it thinks its obligations to its users are. The Senators also gave Google a deadline by which to respond with its answers (5:00 PM, 30 October) and set up a staff meeting. It comes off a bit like Thune and company are trying to give Google extra homework for breaking the rules, but the existence of the memo could be perceived as an attempt to subjugate regulatory efforts during a high-profile period for big tech. Google says it had no legal obligation to disclose the glitch. This latest kerfuffle for Google isnt the first time this year its been in poor graces with members of Congress. Sundar Pichais refusal to join Facebook CEO Mark Zuckerberg and Twitters Jack Dorsey for a hearing last month raised the ire of Capitol Hill. Now Pichai runs the risk of Congress ordering one that focuses solely on Google. The company appears to be struggling to find its identity under Pichais leadership. This year alone it suffered employee protests over its involvement in developing AI for the military and for building a censored Search engine for the Chinese government. The latter of which earned it yet another rebuking from the US government when Vice President Mike Pence personally requested Google immediately stop working on it. It cant be a good thing for Google to be on the US governments bad side — especially considering AI regulation is almost certainly coming to the US. Perhaps Googles parent company, Alphabet, should consider putting someone in charge who doesnt, allegedly, need to be protected from testifying in front of Congress.

Senators to Google: Why didn’t you disclose Google+ vulnerability sooner?


3 GOP senators want Google to give answers over data leak that affected 500,000 users. So far, one federal proposed class-action lawsuit has been filed in the wake of the episode. In a Thursday letter sent to Google CEO Sundar Pichai, Sen. John Thune (R-S.D.), Sen. Roger Wicker (R-Miss.), and Sen. Jerry Moran (R-Kan.) have asked a number of pointed questions of the tech giant. Among others, the lawmakers seek answers to some basic questions that for now the company has been unwilling to answer publicly. As they wrote: Please describe in detail when and how Google became aware of this vulnerability and what actions Google took to remedy it. Why did Google choose not to disclose the vulnerability, including to the Committee or to the public, until many months after it was discovered? Are there similar incidents which have not been publicly disclosed? …Please provide a copy of Google's internal memo cited in the WSJ article. The senators asked Google to respond by 5pm ET on October 30. Google did not immediately respond to Ars request for comment.