Time to read
1 minute
Read so far

Google’s Second Failure to Protect Data Security on Its Social Network Shows Need for California Privacy Law

Mon, 12/10/2018 - 11:09

LOS ANGELES -- Google’s revelation today that its social network Google+ suffered a second major security lapse in less than a year makes clear the Internet giant cannot be trusted to police its own platforms and underscores the need for strong laws like the California Consumer Privacy Act, Consumer Watchdog said today.

If the law were in effect, the California Consumer Privacy Act would hold Google responsible and the company would face fines if its users’ data was taken because it was mishandled by Google. Victims would also be able to sue Google under the law, which goes into effect in 2020.

“Google's latest failure to adequately protect users’ information shows the company doesn’t care about consumer privacy and cannot be trusted to protect our data,” said John M. Simpson, Consumer Watchdog’s Privacy and Technology Project Director. “We need tough laws, including the right for consumers to take an internet company to court when they put our data at risk. The California Consumer Privacy Act created that protection, and lawmakers should protect it from attacks by companies like Google who want federal laws to overturn it.”

Consumer Watchdog first pointed out Google’s failure to police its social network in 2013 when it released a seven-month study that found the company had allowed Google+ to become a virtual playground for online predators with explicit sexual content.

Read that report here: https://www.consumerwatchdog.org/report/google-playground-online-predat…

Businesses are already working to weaken the California law. California Legislators must resist those efforts, Consumer Watchdog said. At the federal level, Congress should not bow to pressure by business and tech companies to enact a weak national law to preempt stronger state protections, Consumer Watchdog said.

The California Consumer Protection Act is the strongest privacy law in the nation.  It would, for instance, allow a private right of action – though with some limits -- in data breach cases.  No such right currently exists. The law ensures:

The right of Californians to know what personal information is being collected about them.
The right of Californians to know whether their personal information is sold or disclosed and to whom.
The right of Californians to say no to the sale of personal information.
The right of Californians to access their personal information.
The right of Californians to equal service and price, even if they exercise their privacy rights.
Currently, the California attorney general is drafting regulations to implement the California Consumer Privacy Act.

Google discovered a security bug in Google+ in March that affected 500,000 users, but kept the failure secret until October.  The latest security failure occurred in November and could affect 52 million users, Google said.

Google announced plans to shut Google+ down next August because of the first incident. The company now says it will close the service in April, five months before it had originally planned.


Visit our website at www.consumerwatchdog.org