In a recent data leak incident, which exposed the private data of around 500,000 former Google+ users to outside developers, Google has agreed to pay US$7.5 million in a settlement to resolve a class-action lawsuit against the firm.
The proposed settlement, which was filed with the U.S. District Court Judge Edward Davila in San Jose, allows the affected Google+ users to receive a compensation between US$5 and US$12. However, the settlement only allows users with Google+ accounts between January 2015 and April 2, 2019, to submit their claims.
After an internal audit, Google, in October 2018, announced that it would shut down its social media network Google+ in August 2019, stating that a bug in Google+ exposed the personal data of 500,000 users to third-party developers since 2015.
The tech giant admitted that the flaw in its APIs exposed users’ data, including usernames, email addresses, occupation, date of birth, profile photos, and gender-related information. The bug allowed around 438 third-party developers to access the data, but Google assured its users that there is no evidence of data misuse by any of the developers.
Again, in December 2018, Google announced that Google+ encountered another data breach that exposed the personal information of 52.5 million users. The company admitted that the incident occurred due to an existing bug in its software update that was introduced in November 2018.
Earlier, in January 2019, Google was fined 50 million euros (around US$57 million) by the French data regulator CNIL (National Data Protection Commission) for violating the GDPR law. The fine was levied for Google’s limited information, lack of transparency, and valid consent from its users regarding ads personalization.