Amid revelations of another security snafu, Google has decided to sunset the consumer version of Google+ over the next year.
On Monday, The Wall Street Journal reported that Google exposed the private data of hundreds of thousands of Google+ users, from 2015 through early 2018.
Worse yet, the tech titan then decided not to inform these users of the breach for fear that doing so would draw regulatory scrutiny and damage its brand, sources tell The Journal.
Yet, Ben Smith, a Google Fellow and its Vice President of Engineering, says shuttering Google+ has more to do with its low popularity.
“The consumer version of Google+ currently has low usage and engagement,” Smith notes in a new blog post. Indeed, “90 percent of Google+ user sessions are less than five seconds.”
“It has not achieved broad consumer or developer adoption, and has seen limited user interaction with apps,” Smith said of Google+.
Over the next year, Google plans to reposition Google+ as an alternative to Slack and other business-centric messaging platforms.
Yet to do so successfully, Google will have to convince businesses that the platform is safe and secure.
Smith said that should not be a problem. “Our review showed that Google+ is better suited as an enterprise product where co-workers can engage in internal discussions on a secure corporate social network,” he said.
“Enterprise customers can set common access rules, and use central controls, for their entire organization,” Smith assured.
Without directly addressing The Journal’s bombshell story, on Monday, Smith said Google was ramping up its safety and security measures.
Among other changes, the company is updating its User Data Policy for the consumer Gmail API in order to limit apps that may seek permission to access consumer Gmail data.
Now, “Only apps directly enhancing email functionality … will be authorized to access this data,” Smith assured.
These apps will also need to agree to new rules on handling Gmail data, and will be subject to new security assessments.
In addition, Google Play will limit which apps are allowed to ask for permission to access a user's phone and SMS data.
Going forward, only an app that users have selected as their default app for making calls or text messages will be able to make these requests.