Google will retire its Google+ social network after it admitted to finding flaws that may have exposed private data from up to half a million accounts.
The Google+ data leak bug was found as part of "Project Strobe", a root-and-branch review of what data developers could access from Google accounts and Android devices.
"The bug meant that apps also had access to Profile fields that were shared with the user, but not marked as public," Google's vice-president of engineering, Ben Smith, wrote.
Up to 438 apps used the application programming interface (API) that gave access to Profile data such as users' name, email address, occupation, gender and age.
Google said it patched the bug in March this year, and Smith said Google found no evidence that any developer was aware of the bug or had abused the API. The company has found no evidence that Profile data was misused.
However, Google keeps the log data of the API in question for only two weeks, for privacy reasons, and therefore "cannot confirm which users were impacted by this bug," Smith added.
Google has now decided that the incident shows Google+ APIs and associated controls are too challenging to develop and maintain, so it will shutter the social network over a ten-month period.
But it's not doing so solely out of concern for users' privacy: Smith admitted the network is not a success, saying "The consumer version of Google+ currently has low usage and engagement: 90 percent of Google+ user sessions are less than five seconds."
Tightening of account data protection
Project Strobe will also lead to Google account holders getting more fine-grained controls over the data they share with apps, which currently have overly broad access to user information, Google said.
App access to user Gmail data will be limited to fewer use cases, Smith said.
Only apps that directly enhance email functionality will be authorised to access consumer Gmail data, and will be subject to new rules on handling the information as well as security assessments.
Such apps include email clients, backup and productivity services, Smith said.
On Android, Google will limit apps' ability to receive users' call logs and short messaging service (SMS) data. Contact interaction data will no longer be available via the Android Contacts API either.
Smith said that when users grant permissions to access SMS, Contacts and Phone data to apps, they do so with specific use cases in mind, again indicating that the present policies have given developers overly broad access to people's information.