How Bad Is This Really?
Obviously, this is not a good look for Google. All companies should be making an effort to protect user data and prioritize privacy across the board. However, from a security standpoint, what’s the actual damage to users?
Fortunately, as 404 Media found in their investigation, the majority, if not all, security issues raised by the internal leak have been mitigated or resolved. The license plate issue, for example, was paired with a caveat that at least somewhat alleviates Google of any malicious accusations.
“I want to emphasize that this was an accident. The system that transcribes these pieces of text should have been avoiding imagery identified by our license plate detectors but, for reasons as-yet unknown, was not.” – a Google employee in the report
Google is a massive company with a lot of plates in the air, and obviously some things are going to slip through the cracks. The key is in how you respond to those mistakes, and Google has done well in righting those wrongs. Yes, covering it up and only admitting to it after an internal leak is a similarly bad look, but hey, they got rid of that whole “Don’t be evil” slogan a long time ago, right?