A PYMNTS Company

Google Settles Data Privacy Lawsuit

 |  February 6, 2024

Tech giant Google has agreed to pay $350 million to settle a lawsuit brought by shareholders concerning a security flaw in its now-defunct social media platform, Google+. The preliminary settlement, filed late on Monday in San Francisco federal court, follows over a year of mediation and awaits approval by U.S. District Judge Trina Thompson.

The lawsuit primarily revolves around allegations that Google was aware of a software glitch in Google+ as early as March 2018, which exposed users’ personal data for three years. Despite this knowledge, the company purportedly concealed the issue for several months while publicly emphasizing its dedication to data security. Shareholders claim that Google’s reluctance to disclose the flaw stemmed from fears of facing regulatory and public scrutiny similar to that experienced by Facebook during the Cambridge Analytica scandal, where user data was harvested for political purposes during the 2016 U.S. elections.

Read more: Google Urges Regulation of Surveillance Software Companies

According to the complaint, news of the security bug caused several drops in Alphabet, Google’s parent company, stock value, resulting in the loss of billions of dollars in market capitalization. The lawsuit, led by Rhode Island Treasurer James Diossa on behalf of a state pension fund that owned Alphabet shares, covers shareholders who held Alphabet stock from April 23, 2018, to April 30, 2019.

This settlement represents a significant step in resolving the legal repercussions stemming from the Google+ security debacle. While Google has not admitted to any wrongdoing, the agreement underscores the importance of transparency and accountability in handling user data, particularly in light of growing concerns surrounding data privacy and security in the digital age. The final approval of the settlement by Judge Thompson will mark a crucial milestone in bringing closure to this chapter of Google’s history and may set a precedent for future cases involving corporate responsibility in safeguarding user information.

Source: Reuters