Earlier this week, Google announced that a vulnerability in Google+ exposed the private data of some 52 million users. This huge fail was round two: The tech giant had alreadyannounced was shuttering Google+ in 2019 thanks in part to a different privacy breach reported in October. After this latest breach, Google is speeding up the process, closing down its failed social network in April 2019 rather than August.
You can and should get as far ahead of this Google fail as possible by deleting your own Google+ account right now. But even so, that very process serves to illustrate how much deeper the problem of our data privacy goes.
Both of Google+’s recent privacy breaches trace back to the service’s application program interface (API), a tool virtually all web services use to share your information (presumably safely) with software developers outside the company. An API is how you get third-party Twitter apps, Facebook apps, or apps that play nicely with Google. It’s also how your data leaks out with troubling regularity to people who aren’t authorized to see it, much as it did during Facebook’s Cambridge Analytics fiasco.
Google’s solution to this (and yours, should you choose to delete your Google+ account) is to shut down that interface entirely. It’s at least a feasible option with Google+, if only because no one really uses the damn thing anyway. Even so, deleting your data—the only way to really ensure it can’t be inappropriately accessed—is either arduous or impossible. Google’s own Google+ deleter tool conveys this pretty clearly as it explains what it actually does (and doesn’t do):
From a user’s perspective, this makes a lot of sense! Google+ is a zombie social network that has largely failed, and it would be absurd if deleting Google+ disrupted the use of Google’s more popular services (like Gmail or YouTube) in any way. At the same time, this fact illustrates the ways in which your data is all but permanently embedded in deep within Google unless you go so far as to painstakingly delete your entire account.
Think about it like a house: Shuttering Google+, whether you do it to our own account or Google does it to the entire service, doesn’t remove your valuables from the house or even put them in a safe. It merely boards up a broken window thieves had been climbing through. And that’s to say nothing of how companies (especially Facebook) manage to collect and retain data about you even if you don’t have an account with them.
Security problems at Google+ may seem laughable or minor, since we’re talking about one of Google’s most derelict properties. But such breaches from similarly hegemonic and hard-to-avoid tech titans like Facebook or Uber actually have much more in common with the catastrophic 2017 Equifax data breach than it might appear.
Yes, that Equifax, the one that keeps all that data on you for your credit report. Equifax figured out a way to possess your data without your express personal consent and with no way to opt out. Google and Facebook and other such giants offer the idea of control, including the option of deleting your account (or never creating one in the first place). But this illusion of data control is just that. These megacompanies have wormed their way so deeply into the fabric of society that to use none of them is simply not a realistic option for most Americans.
So yes, take a few minutes to hop over to Google+ and disable your account now, and take whatever measures you can to keep your data safe. But stay clear-eyed: The problem is so much larger than just that.
Originally posted on Popular Mechanics