It didn't take long. Mere hours after Google announced it was shutting down Google+ after a security breach exposed the private details of half a million users, the first lawsuit hit a federal court in San Francisco. The proposed class action, filed by two former users, claims "a software glitch ... gave third-party application developers access to private Google+ profile data between 2015 and March 2018," allowing app developers to "improperly collect the Personal Information of up to 500,000 Google+ users."
The allegations include negligence, invasion of privacy, and violations of California's Unfair Competition Law. You can see the full lawsuit below.
A Big Responsibility
Certain Google+ users would give their consent to third party applications to access their data. The software glitch, however, gave those apps access to private profile data of any other Google+ user within the circle of the user who had authorized access.
A Calculated Decision
The lawsuit claims Google should've been "more sensitive to the necessary protection of Google+ users' data," yet allowed the glitch to persist for three years, exposing private information to at least 438 third party applications. "Worse," the suit continues, "after discovery of this vulnerability in the Google+ platform, Defendants kept silent for at least 7 months, making a calculated decision not to inform users that their Personal Information was compromised, further compromising the privacy of consumers' information and exposing them to risk of identity theft or worse."
Here's the lawsuit in full: