Feeds

Google leaks small biz stats to random people

Traffic data snafu blamed on 'human error'

Security for virtualized datacentres

Google has inadvertently leaked web traffic data for multiple small businesses to random third-parties across the web.

On January 7, web marketing consultant David Dalka received an email from Google that included traffic stats from its Local Business Center. This is a portal where small businesses can add themselves to Google's local search index and track visits to such listings. Dalka uses the Local Business Center on behalf of multiple clients, but the email detailed November 2009 data for a company called Boscos, an outfit he'd never heard of.

The email included the number of times Boscos had appeared in Google's local search results during the month, the number of users who clicked on the listing, the number who clicked for "more info," the number who clicked for driving directions, and the number who clicked on the company's website.

After digging up a recent Tweet from someone who'd received a similar email, he blogged about the incident, and several others responded to say they too had received detailed Google traffic info for unfamiliar merchants.

Similar stories have popped up elsewhere, including a pair from noted Google Maps watcher Mike Blumenthal.

In each case, the email details November 2009 stats for a seemingly random business, and among the emails that are now public, the business is never the same.

At least some users received an apology, in which Google acknowledged the emails. When we contacted the company, it did much the same - though it played down the incident, saying it had sent "incorrect information" to less an one per cent of its LBC users. It's unclear how many users it claims.

"We send a monthly newsletter to our Local Business Center users, featuring product news and a glimpse at statistics about the traffic Google properties drive to their listing," read a statement from a company spokeswoman. "Shortly after sending the newsletter to a small portion of our users (less than 1%), we discovered that some emails included incorrect business listing information.

But when asked if the "incorrect information" was data related to real third-party business, the spokeswoman confirmed that it was.

The company blames the leak on "human error".

"We promptly stopped sending any further emails and investigated the cause," the statement continued, "which we found to be a human error while pulling together the newsletter content.

"We'd like to apologize to all the business owners affected and assure all our users that we're working hard to ensure that nothing similar will happen again. Those affected should have all received a corrected email."

In his blog post, David Dalka compares Google's snafu to AOL's infamous 2006 data breach, remembering Eric Schmidt's claim that his company would never follow in AOL's footsteps. "Our number one priority is the trust that our users have and that would be a violation of trust, so the answer is, it won’t happen," Schmidt said in 2006.

This is a tad different. AOL leaked search data for individual users. Google has leaked traffic data for small businesses. But at least some of Dalka's concern is warranted - however many users Google leaked those stats too. After all, this is Google - a company that may house more data about the world's people and businesses than any other, with more streaming in by the day.

"The Internet is about trust. Lose it and it's hard to get back. If I were sitting on Google's board of directors, I'd certainly be asking the management team about what caused this apparently haphazard communication of private data and what internal controls will be changed to prevent a future similar event," Dalka told The Reg.

"Google randomly exposing analytics data to various people concerns me. It makes me wonder what other processes could this happen with at Google? How will businesses' privacy be protected from Google?" ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
Scrapping the Human Rights Act: What about privacy and freedom of expression?
Justice minister's attack to destroy ability to challenge state
WHY did Sunday Mirror stoop to slurping selfies for smut sting?
Tabloid splashes, MP resigns - but there's a BIG copyright issue here
Google hits back at 'Dear Rupert' over search dominance claims
Choc Factory sniffs: 'We're not pirate-lovers - also, you publish The Sun'
EU to accuse Ireland of giving Apple an overly peachy tax deal – report
Probe expected to say single-digit rate was unlawful
Inequality increasing? BOLLOCKS! You heard me: 'Screw the 1%'
There's morality and then there's economics ...
Hey Brit taxpayers. You just spent £4m on Central London ‘innovation playground’
Catapult me a Mojito, I feel an Digital Innovation coming on
While you queued for an iPhone 6, Apple's Cook sold shares worth $35m
Right before the stock took a 3.8% dive amid bent and broken mobe drama
EU probes Google’s Android omerta again: Talk now, or else
Spill those Android secrets, or we’ll fine you
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.