In a recent development, Alphabet’s Google has agreed to pay a substantial settlement amount of $350 million to resolve a class action lawsuit related to a data breach on its now-defunct social media platform, Google+. This fund will be used to resolve the Rhode Island government’s personal data leakage on its former social network Google+. The data of millions of Google+ users was exposed to outside developers before the company discovered a data breach in 2018. The lawsuit stemmed from a security lapse that exposed the personal data of Google+ users for several years.
Rhode Island Treasurer James Diossa leads this lawsuit for the state pension fund which owns shares in Alphabet. The court ruled that Google did not disclose the data breach because it feared this would subject it to regulatory and public scrutiny. Recall that Facebook was strongly scrutinized after London-based Cambridge Analytica harvested its users’ data for the 2016 U.S. elections. Diossa claims the Facebook situation was still fresh at the time and possibly caused Google to hide the data breach. Nevertheless, as the news about the breach hit the public, Alphabet shares fell several times wiping out tens of billions of dollars of market value.
According to a document filed in the U.S. Court for the Northern District of California, people who purchased Google stock between April 23, 2018, and April 30, 2019, will be able to apply for a share of the settlement. There will be a notification for eligible investors and Google has a portal with relevant information.
Background
The background of the case involves a data breach on Google’s social media platform, Google+, which led to a class action lawsuit and a subsequent settlement. The breach, which occurred between 2015 and 2018, exposed the personal data of approximately 500,000 Google+ users. According to the Washington Post, the exposed data includes their names, birthdays, genders, emails, relationship statuses, occupations, and places they had lived. Google became aware of the security lapse in 2018 but chose not to disclose it to the public or its shareholders at that time. The delayed disclosure and the potential impact on user privacy and security led to legal action against the company.
At the time, the class action lawsuit was filed by plaintiffs Matt Matic and Zak Harris, alleging that Google’s inadequate data security measures and delayed disclosure of the breach compromised the privacy of users’ information and exposed them to the risk of identity theft. The lawsuit also claimed that Google did not take sufficient measures to prevent unauthorized access to users’ data and failed to report the breach on time.
Litigation ensued, and in 2020, Google reached a $7.5 million class-action settlement with users whose data was affected. Most claimants received only a few dollars (capped at $12) in compensation. The case settled this time was brought by the Rhode Island government, whose pension fund is an investor in Google. After five years of court proceedings, Google unsuccessfully tried to appeal the case to the Supreme Court, where it eventually settled.
Gizchina News of the week
Google’s Response
Google said there was no evidence to show that the data was misused and it denied any wrongdoing. However, it agreed to a settlement to bring the case to a peaceful end. A spokesperson, Jose Castaneda, said:
“We regularly identify and fix software issues, disclose information about them, and take these issues seriously. This matter concerns a product that no longer exists and we are pleased to have it resolved.”
Broader Implications
This settlement is part of a broader trend of legal actions and regulatory scrutiny faced by tech companies over data privacy issues. It underscores the growing importance of robust data protection measures and timely disclosure of data breaches. The substantial settlement amount also serves as a reminder of the potential financial consequences that companies may face as a result of inadequate data security practices.
Final Words
Alphabet’s Google agreed to pay a $350 million settlement to resolve the class action lawsuit regarding the Google+ data breach. This marks a significant chapter in the ongoing saga of data privacy and corporate responsibility in the digital age. The breach, which exposed the personal data of millions of users, led to legal action. It shows the importance of timely disclosure and robust security measures.
The settlement reflects the growing scrutiny and legal consequences faced by tech companies for data privacy lapses. It emphasises the need for stringent data protection protocols and transparency in handling security incidents. Moreover, the involvement of state entities and pension funds underscores the broader implications of data breaches on investors and stakeholders. It amplifies the financial and reputational risks for corporations.
As technology continues to evolve and data becomes increasingly valuable, the Google+ settlement serves as a stark reminder. It’s a reminder of the need for companies to prioritize user privacy and implement proactive security measures. It is also a reminder that tech brands need to adhere to regulatory standards. Moving forward, the case sets a precedent for accountability and transparency in the management of sensitive user information. This reshaped the landscape of data privacy regulations and corporate governance in the digital ecosystem.
Author Bio
Efe Udin is a seasoned tech writer with over seven years of experience. He covers a wide range of topics in the tech industry from industry politics to mobile phone performance. From mobile phones to tablets, Efe has also kept a keen eye on the latest advancements and trends. He provides insightful analysis and reviews to inform and educate readers. Efe is very passionate about tech and covers interesting stories as well as offers solutions where possible.