Call them mistakes, mishaps or reckless, a pattern of serious privacy breaches have been leaked from the big tech giant according to Google employee reports. In an era where data is as precious as gold, even giants like Google are not immune to pitfalls in handling the vast reservoirs of personal information flowing through their systems.
GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE
Range of incidents
A six-year span of internal Google reports, unearthed by 404 Media, exposes a troubling array of privacy breaches affecting everything from children’s voice data to the home addresses of unsuspecting carpool users.
These breaches include making YouTube recommendations based on users’ deleted watch histories—issues that, though not widely known or impactful on a large scale, reveal the complex challenges faced by one of the tech world’s behemoths.
BEWARE OF THIS MCAFEE GOOGLE CHROME AD SCAM
Google’s privacy blunders exposed
This internal database, not previously exposed to the public eye, catalogs various incidents ranging from trivial mishaps—like an inadvertently sent email containing sensitive personal information—to major security lapses, including significant data leaks and even potential raids on Google’s own offices. The company’s system allows employees to rank these issues by severity, with P0 indicating the most critical.
The term P0 refers to a priority level used in incident management systems to classify the severity of issues. In such systems, P0 is typically used to indicate the highest level of severity for an incident. It’s reserved for critical situations that may require immediate attention, such as major security breaches, significant data leaks, or other events that could have a severe impact on operations or security. The “P” stands for “priority,” and the “0” signifies that it is the topmost level, with the most urgency for resolution. This system helps organizations like Google prioritize their response efforts effectively.
HOW GOOGLE’S DATA CAN MAKE YOU A SUSPECT IN A CRIME YOU DIDN’T COMMIT
Google Street View mishap
Among these incidents, a notable mishap in 2016 highlights the complexities of managing automated data collection. Google Street View, known for its panoramic views of streets around the world, accidentally transcribed and stored vehicle license plate numbers due to its text-recognition algorithms mistaking them as regular text.
“As a result, our database of objects detected from Street View now inadvertently contains a database of geolocated license plate numbers and license plate number fragments,” admitted a Google employee. This error, they assured, was accidental, and the data has since been eliminated.
GOOGLE FINALLY ADMITS DATA COLLECTION IN CHROME’S INCOGNITO MODE
Socratic.org data exposure
Another significant breach involved the exposure of email addresses from over a million users of Socratic.org, an educational platform Google had acquired.
This breach, which left sensitive data, including geolocation information and IP addresses, accessible via the platform’s page source, lingered undetected for more than a year, affecting numerous users, including children.
Google’s response to CyberGuy
The revelation of these issues comes from an anonymous tip received by 404 Media, whose authenticity was subsequently confirmed by Google itself. In response to the findings, a Google spokesperson explained, “At Google, employees can quickly flag potential product issues for review by the relevant teams. When an employee submits the flag, they suggest the priority level to the reviewer.”
They added, “The reports obtained by 404 are from over six years ago and are examples of these flags—every one was reviewed and resolved at that time. In some cases, these employee flags turned out not to be issues at all or were issues that employees found in third-party services.”
Proactive measures to take in the wake of Google’s data dilemmas
In an age where digital privacy is under constant threat, taking proactive steps to protect your personal information has never been more imperative, especially in light of recent revelations about privacy breaches at tech giants like Google.
1) Create Strong Passwords: Use complex passwords and change them regularly. Avoid using the same password across multiple sites. Consider using a password manager to generate and store complex passwords.
2) Enable Two-Factor Authentication: Wherever possible, use two-factor authentication to add an extra layer of security to your accounts.
3) Be wary of phishing scams: Learn to identify suspicious emails and messages that may attempt to steal your personal information. The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have strong antivirus protection installed on all your devices. This can also alert you of any phishing emails or ransomware scams.
My top pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.
4) Use secure networks: Avoid using public Wi-Fi for sensitive transactions. Consider using a VPN for better security. A VPN can protect you against being tracked and to identify your potential location on websites that you visit. Many sites can read your IP address and, depending on their privacy settings, may display the city from which you are corresponding. A VPN will disguise your IP address to show an alternate location.
My top recommendation is ExpressVPN. It has a quick and easy setup, is available in 105 countries, and will not log your IP address, browsing history, traffic destination or metadata, or DNS queries.
Right now you can get 3 extra months FREE with a 12-month ExpressVPN plan. That’s just $6.67 per month, a savings of 49%! Try 30 days risk-free.
5) Invest in data removal services: While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time.
A service like Incogni can help you remove all this personal information from the internet. It has a very clean interface and will scan 195 websites for your information and remove it and keep it removed.
Special for CyberGuy Readers (60% off): Incogni offers A 30-day money-back guarantee and then charges a special CyberGuy discount only through the links in this article of $6.49/month for one person (billed annually) or $13.19/month for your family (up to 4 people) on their annual plan and get a fully automated data removal service, including recurring removal from 175+ data brokers. I recommend the family plan because it works out to only $4.12 per person per month for year-round coverage. It’s an excellent service, and I highly recommend at least trying it out to see what it’s all about.
Check out my top picks for removal services here.
Best services for removing your personal information from the Internet
6) Manage Your Social Media Settings: Make your social media accounts private and be cautious about the information you share online.
7) Update Your Devices: Keep your software and devices updated to protect against the latest security threats.
8) Review Permissions: Regularly review the permissions you’ve granted to apps and websites, and revoke any that are unnecessary.
Kurt’s key takeaways
This saga of accidental data collection and privacy lapses serves as a cautionary tale of the potential perils lurking in the vast amounts of data collected and processed by technology companies today. Big tech companies’ default mission is to take as much as they want from us to make a buck. You need to take a more proactive step in protecting your personal privacy and security. As Google continues to navigate these turbulent waters, the world watches closely, reminded of the ongoing need for stringent data protection measures in the digital age.
Considering Google’s recent privacy breaches, what measures should the company implement to enhance the protection of user data and rebuild trust with its users? Let us know in the comments below.
TO GET MORE OF MY SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER
Copyright 2024 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.