Amid revelations of another
security snafu, Google has decided to sunset the consumer version of Google+ over the next year.
On Monday, The Wall Street Journal reported that Google exposed the private data of hundreds
of thousands of Google+ users, from 2015 through early 2018.
Worse yet, the tech titan then decided not to inform these users of the breach for fear that doing so would draw regulatory
scrutiny and damage its brand, sources tell The Journal.
Yet, Ben Smith, a Google Fellow and its Vice President of Engineering, says shuttering Google+ has more to do with its low
popularity.
“The consumer version of Google+ currently has low usage and engagement,” Smith notes in a new blog post. Indeed, “90 percent of Google+ user sessions are less than five seconds.”
“It has not
achieved broad consumer or developer adoption, and has seen limited user interaction with apps,” Smith said of Google+.
Over the next year, Google plans to reposition Google+ as an
alternative to Slack and other business-centric messaging platforms.
Yet to do so successfully, Google will have to convince businesses that the platform is safe and secure.
Smith said
that should not be a problem. “Our review showed that Google+ is better suited as an enterprise product where co-workers can engage in internal discussions on a secure corporate social
network,” he said.
“Enterprise customers can set common access rules, and use central controls, for their entire organization,” Smith assured.
Without directly
addressing The Journal’s bombshell story, on Monday, Smith said Google was ramping up its safety and security measures.
Among other changes, the company is updating its
User Data Policy for the consumer Gmail API in order to limit apps that may seek permission to access consumer Gmail data.
Now, “Only apps directly enhancing email functionality
… will be authorized to access this data,” Smith assured.
These apps will also need to agree to new rules on handling Gmail data, and will be subject to new security
assessments.
In addition, Google Play will limit which apps are allowed to ask for permission to access a user's phone and SMS data.
Going forward, only an app that users have selected
as their default app for making calls or text messages will be able to make these requests.