Alphabet shareholders have previously sued Google for knowingly concealing a security flaw that allowed users’ private data to be leaked. Google was dissatisfied with the lawsuit and wanted the court to dismiss the lawsuit, but the U.S. Supreme Court rejected Google’s request.
The leak happened in 2018, and Google was sued for being too slow to disclose. The next U.S. court ruled to resume the lawsuit, which has now been upheld by the Supreme Court and Alphabet’s appeal has been dismissed.
In October 2018, US media disclosed that the personal data of nearly 500,000 users of Google+ was leaked, and Google concealed the matter because it was afraid of attracting regulatory scrutiny and fear of harming its reputation. The plaintiffs contend that Google violated U.S. securities laws by making false or misleading statements.
Google eventually admitted that the company discovered the data breach in March 2018, and Google shut down the consumer version of Google+ not long afterward. In February 2020, U.S. District Judge Jeffrey White dismissed the lawsuit, and the plaintiff refused to appeal.
The U.S. Ninth Circuit Court of Appeals in San Francisco pointed out in June 2021 that Alphabet’s then-CEO Page and successor Sundar Pichai knew of the problem and saw the internal security incident memo, but they deliberately concealed it and did not tell investors.
The Circuit Court of Appeals agreed with the plaintiffs. The plaintiffs claim that Google’s silence was to buy time and not want the incident to get the same public attention as Meta. Facebook has come under public scrutiny after it was revealed that Cambridge Analytica, a British data analytics firm, was collecting user data.