recentpopularlog in

Copy this bookmark:





to read

bookmark detail

The breach that killed Google+ wasn’t a breach at all - The Verge
Part of the disconnect comes from the fact that, legally, Google is in the clear. There are lots of laws about reporting breaches — primarily the GDPR but also a string of state-level bills — but by that standard, what happened to Google+ wasn’t technically a breach. Those laws are concerned with unauthorized access to user information, codifying the basic idea that if someone steals your credit card or phone number, you have a right to know about it. But Google just found that data was available to developers, not that any data was actually taken. With no clear data stolen, Google had no legal reporting requirements. As far as the lawyers were concerned, it wasn’t a breach, and quietly fixing the problem was good enough.
twig  688 
5 weeks ago by leolaporte
view in context