Three influential Republican U.S. senators on Thursday asked Alphabet Inc’s Google unit to explain why it delayed disclosing vulnerabilities with its Google+ social network.
Google said this week it would shut down the consumer version of Google+ and tighten its data-sharing policies after revealing that the private profile data of at least 500,000 users may have been exposed to hundreds of external developers.
The letter from Senator John Thune, who chairs the Commerce Committee, and two other senators who chair subcommittees — Jerry Moran and Roger Wicker — asked Google to explain a reported delay in disclosing the issue.
“Google must be more forthcoming with the public and lawmakers if the company is to maintain or regain the trust of the users of its services,” the letter said.
The company did not immediately respond to requests for comment.
The letters asked if the vulnerability was revealed previously to any federal agencies, including the Federal Trade Commission, and if there were “similar incidents which have not been publicly disclosed?”
Google Chief Executive Sundar Pichai agreed last month to testify before a House panel in November after meeting with lawmakers.
The company acknowledged it had made prior mistakes in privacy issues in written testimony before the Senate Commerce Committee last month but did not disclose the Google+ issue.
The three Republicans said they were “especially disappointed” with the failure of Google’s chief privacy officer Keith Enright to disclose the issue.
The three Republicans asked Google to turn over a memo, reported by the Wall Street Journal earlier this week, that said that a factor in not disclosing the issue earlier was that it would draw “immediate regulatory interest” and “almost (guarantee)” that Pichai would have to testify before Congress. They called the memo “troubling.”
Congress and the Trump administration are looking at ways of creating new national privacy protections. Facebook Inc has acknowledged it failed to protect the data of some 87 million users that was shared with now-defunct political data firm Cambridge Analytica.
Massive breaches of data privacy have compromised the personal information of millions of U.S. internet and social media users. These include notable breaches at large retailers and credit reporting agency Equifax Inc .
Reporting by David Shepardson; Editing by Dan Grebler