Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Google Privacy Security

Senators Demand Google Hand Over Internal Memo Urging Google+ Cover-up (zdnet.com) 127

An anonymous reader writes: Three Republican senators have sent a letter to Google demanding the company hand over an internal memo based on which Google decided to cover up a Google+ data leak instead of going public as most companies do. The existence of this internal memo came to light on Monday in a Wall Street Journal article that forced Google to go public with details about a Google+ API bug that could have been used to harvest data on Google users.

According to the report, the internal memo, signed by Google's legal and policy staff, advised Google top execs not to disclose the existence of the API bug fearing "immediate regulatory interest." Google's legal staff also feared that the bug would bring Google "into the spotlight alongside or even instead of Facebook despite having stayed under the radar throughout the Cambridge Analytica scandal," and would "almost [guarantee] Sundar will testify before Congress," akin to Facebook's CEO. In a letter sent today to Google, three GOP senators want to see this internal memo for themselves by October 30, and also with on-the-record answers to seven questions in regards to what, why, and how Google handled the Google+ API data leak.

This discussion has been archived. No new comments can be posted.

Senators Demand Google Hand Over Internal Memo Urging Google+ Cover-up

Comments Filter:
  • There was no leak (Score:5, Interesting)

    by JarekC ( 544383 ) on Friday October 12, 2018 @11:14AM (#57467564)
    The tricky part is there was no leak. The data was available, but there is no evidence of any unauthorized access. So technically they were not required to report the leak, because there was no leak.

    Let's say they promised to keep your cash safe, then kept the safe unlocked for a couple of months, then realized what's up and locked it before anyone noticed. Are they legally obliged to tell you about it?

    So even if they are assholes from moral point of view, legally they may be clean.

    • by Anonymous Coward

      Did they really have enough logs to confirm there wasn't a leak?

      Or are they saying that based on what logs they had available they could see no leak?

      • How can you ever have enough logs to be 100% sure there wasn't a leak? Maybe they had enough root accesses to delete everything, no matter how many remote backup copies and how much un-tamperable line printer output you have.
      • by terjeber ( 856226 ) on Friday October 12, 2018 @12:59PM (#57468114)

        Did they really have enough logs to confirm there wasn't a leak?

        They did a quick questionnaire in the hacking community. They asked plainly asked, "Have you hacked Google+", all the answers came "Google what?" So then they knew.

    • Much like Watergate, it wasn't the crime that caused the fallout. It was the cover up.

      • by Impy the Impiuos Imp ( 442658 ) on Friday October 12, 2018 @12:12PM (#57467876) Journal

        Except in this case, the cover up isn't illegal, either, and hiding embarrassing things from the government is a rational strategy, what with its itchy regulatory trigger finger pushed by transient outrage fanned by politicians themselves.

      • by rsilvergun ( 571051 ) on Friday October 12, 2018 @12:38PM (#57468008)
        Breaking and entering to get dirt on your political rival. And no, "everybody did it" is not an excuse. Nixon had a pretty crazy disregard for the rule of law, going so far as to kick off the Drug War in order to crack down on the left wing because he knew they smoked pot. That's not a conspiracy theory, his own people came out later, admitted it and apologized for it.

        I'd call this a hit piece except Google gets along just fine with the Republican majority. They supported the last few Supreme Court Nominees (albeit on the sly via various PACs) and were happy to take the tax cut.

        What this is really is enemy creation. Racism is winding down as an effective vehicle for making bogymen. But any good ruling class needs a way to divide the working class. Instead of Black/White they're working on Technocrat/Blue Collar as the next point of division.

        This is how the Japanese created their divides to keep the working class from organizing, BTW. They declared some professions as "bad" (unclean ones, like butcher and undertaker) and kept books of who was who based on family names. That's how you create classes without racial divides.

        What annoys me is we see this pattern over and over again. The Japanese, India Caste systems, American Racial Slavery, hell the Canadians have been caught doing it with Eskimos (South Park made fun of it). You'd think the working class would catch on to the trick and stop being fooled but so far, no dice...
      • by Ogive17 ( 691899 )
        Covering up what? That there was a vulnerability but no evidence anyone exploited it?

        Do you go to the police station and report every time you drove faster than the speed limit or didn't come to a complete stop at a stop sign?

        I think Congress has more important things to worry about IF there are no victims.
    • by ljw1004 ( 764174 )

      The tricky part is there was no leak. The data was available, but there is no evidence of any unauthorized access. So technically they were not required to report the leak, because there was no leak.

      I agree that there is no evidence of any unauthorized access. But your conclusion "there was no leak" doesn't follow.

      If there had been a leak, would there have been evidence of a leak? -- no, because they're not gathering the data that would provide evidence. Therefore, the observation "no evidence of a leak" has no ability to justify the statement "there was no leak".

      I guess it depends on what the legislation is, what it defines as a leak, and where it puts the burden of knowledge. I haven't read it to fin

  • by dfn5 ( 524972 )
    People still send memos? I don't think I've sent a memo since 1995.
    • And did the google legal team really put their name to something discoverable ? I thought they hated to leave traces like this...
  • Did they stomp their foot and stick out their bottom lip while making this "demand?" Google has gotten away with shit for years, any posturing by the government is just that, posturing.
  • by Puls4r ( 724907 ) on Friday October 12, 2018 @12:06PM (#57467822)
    This is all optics in the government's current pursuit of the pockets of the big IT corporations.

    Approximately 430 people had access to the API. Google knows who those people are.

    This API was for Google+. Despite reporting that glosses over the fact. Google+ is an unused wasteland where social media accounts go to die.

    There is no proof, in fact not even a suggestion, that this bug was known in the wild. They've not found it on the usual suspect web pages where information like this is sold.

    There is no log or data (according to Google) that it was ever exploited.

    This news-event is entirely artificial and is being used to build a case. The motivation here is not to fix a problem, it's to create a bigger problem/outcry/outrage so that something else happens. It's unfortunate that the Slashdot contributors can't recognize a tempest in a teapot.
  • by PopeRatzo ( 965947 ) on Friday October 12, 2018 @12:24PM (#57467938) Journal

    I don't know about you guys, but I totally trust the Senate to investigate google in an ethical and unbiased way and not try to use this to gain political advantage or punish perceived enemies.

  • Had an external law firm written the memo, it would have been privileged and Google could not even have been obliged by a court to provide it.

    • IANAL. That being said, I think internal lawyers would just have to have marked the memo as "Attorney-Client Privileged" to cause it to be so.
  • As a Canadian, I may be wrong, but since corporations are considered to be people under the law and Americans have the right to refrain from providing self incriminating evidence (5th amendment).... Isn't a group of senators signing a letter demanding that Google provide a self-incriminating memo (which may or may not exist) against the law?

    Wouldn't that be akin to demanding that someone hand over a signed confession or face the consequences? Since it was specified what the memo should contain and who shou

Keep up the good work! But please don't ask me to help.

Working...