Feeds

Google leaks small biz stats to random people

Traffic data snafu blamed on 'human error'

Security for virtualized datacentres

Google has inadvertently leaked web traffic data for multiple small businesses to random third-parties across the web.

On January 7, web marketing consultant David Dalka received an email from Google that included traffic stats from its Local Business Center. This is a portal where small businesses can add themselves to Google's local search index and track visits to such listings. Dalka uses the Local Business Center on behalf of multiple clients, but the email detailed November 2009 data for a company called Boscos, an outfit he'd never heard of.

The email included the number of times Boscos had appeared in Google's local search results during the month, the number of users who clicked on the listing, the number who clicked for "more info," the number who clicked for driving directions, and the number who clicked on the company's website.

After digging up a recent Tweet from someone who'd received a similar email, he blogged about the incident, and several others responded to say they too had received detailed Google traffic info for unfamiliar merchants.

Similar stories have popped up elsewhere, including a pair from noted Google Maps watcher Mike Blumenthal.

In each case, the email details November 2009 stats for a seemingly random business, and among the emails that are now public, the business is never the same.

At least some users received an apology, in which Google acknowledged the emails. When we contacted the company, it did much the same - though it played down the incident, saying it had sent "incorrect information" to less an one per cent of its LBC users. It's unclear how many users it claims.

"We send a monthly newsletter to our Local Business Center users, featuring product news and a glimpse at statistics about the traffic Google properties drive to their listing," read a statement from a company spokeswoman. "Shortly after sending the newsletter to a small portion of our users (less than 1%), we discovered that some emails included incorrect business listing information.

But when asked if the "incorrect information" was data related to real third-party business, the spokeswoman confirmed that it was.

The company blames the leak on "human error".

"We promptly stopped sending any further emails and investigated the cause," the statement continued, "which we found to be a human error while pulling together the newsletter content.

"We'd like to apologize to all the business owners affected and assure all our users that we're working hard to ensure that nothing similar will happen again. Those affected should have all received a corrected email."

In his blog post, David Dalka compares Google's snafu to AOL's infamous 2006 data breach, remembering Eric Schmidt's claim that his company would never follow in AOL's footsteps. "Our number one priority is the trust that our users have and that would be a violation of trust, so the answer is, it won’t happen," Schmidt said in 2006.

This is a tad different. AOL leaked search data for individual users. Google has leaked traffic data for small businesses. But at least some of Dalka's concern is warranted - however many users Google leaked those stats too. After all, this is Google - a company that may house more data about the world's people and businesses than any other, with more streaming in by the day.

"The Internet is about trust. Lose it and it's hard to get back. If I were sitting on Google's board of directors, I'd certainly be asking the management team about what caused this apparently haphazard communication of private data and what internal controls will be changed to prevent a future similar event," Dalka told The Reg.

"Google randomly exposing analytics data to various people concerns me. It makes me wonder what other processes could this happen with at Google? How will businesses' privacy be protected from Google?" ®

Beginner's guide to SSL certificates

More from The Register

next story
The 'fun-nification' of computer education – good idea?
Compulsory code schools, luvvies love it, but what about Maths and Physics?
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Yes, yes, Steve Jobs. Look what I'VE done for you lately – Tim Cook
New iPhone biz baron points to Apple's (his) greatest successes
Lords take revenge on REVENGE PORN publishers
Jilted Johns and Jennies with busy fingers face two years inside
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.