Google Takeout Glitch Accidentally Leaks User’s Data to Strangers

Recently, the Internet giant sent an admission Email to users of its Google Photos service, claiming that it had sent some of their videos and other data to other users without their consent after one of its data-downloading tools.

When people used Google Takeout to download their own content, they were accidentally given, in some cases, videos uploaded by people they don’t know. https://t.co/m5Bv8c9XY4

— NBC 7 San Diego (@nbcsandiego) February 6, 2020

  The security glitch in question has to do with Google’s Takeout Service, one of its offerings that allow users to download all of their data from the company’s product suite. The service reportedly suffered a security glitch between November 21 and 25, 2019, which led to several users getting videos and other data from strangers Google didn’t reveal much in its admission email. We still don’t know the number of users affected or the amount of data that was shared per account. The search giant fixed the problem immediately, and it’s estimated that the number of affected users was less than 0.01 percent of total users. This seems negligible not until you realize that over a billion people use Google Photos, meaning affected users could total 10 million. However, the firm did clarify that not all data types were distributed. As 9to5Google reported, a spokesperson explained, “These users may have received either an incomplete archive, or videos — not photos — that were not theirs. We fixed the underlying issue and have conducted an in-depth analysis to help prevent this from ever happening again. We are very sorry this happened.” The admission is yet another in a long line of privacy gaffes made by Google- occurrences that are quickly becoming more commonplace for the Internet behemoth. Just this week, the Irish Data Protection Commission- the data regulator for the Republic Ireland- announced in a release that it would be investigating both Google and Tinder to find out if they’re compliant with its data privacy obligations under the General Data Protection Regulation. As the statement explained, the Dublin-based regulator had received several complaints from consumer organizations in the EU about Google’s processing locational data and its transparency about the processes. Google has already committed to cooperating with the agency in this regard, pointing to several upgrades that they’ve made to their product in the past year to ensure best practices are strictly followed for location data.

---

Images are courtesy of Twitter, Shutterstock, Pixabay.