Congress held a hearing a few weeks ago in response to news that Google kept secret a flaw that exposed almost 500,000 users’private user data on its Google+ platform. Though there is no evidence that data was actually used, and data breach laws as written today do not kick in until there is an actual “breach” involving an unauthorized acquisition of the data.
However, Google deliberately hid the problem from the public in order to avoid the type of bad publicity Facebook was getting from its Cambridge Analytica data breach. U.S. Senators at the hearing appeared to be troubled both by the legal loophole protecting Google from disclosure and with Google’s calculated decision to keep secrets.