A “mortified” Google has issued an apology to Kenyan mobile listings site Mocality over customers and data that was allegedly pilfered from the startup’s database.
The story hit the internet like wildfire on Friday afternoon, with major international sites and techblogs like The Register, Techcrunch, Boing Boing, The NextWeb, PaidContent and Slashgear all reporting on it. The story moved mainstream with prominent news sites like the Guardian picking it up.
In response, Google’s emerging markets product and engineering VP Nelson Mattos issued a statement on Google+ saying the search engine had “unreservedly apologised to Mocality” and was still investigating the incident.
“We were mortified to learn that a team of people working on a Google project improperly used Mocality’s data and misrepresented our relationship with Mocality to encourage customers to create new websites. We’ve already unreservedly apologised to Mocality. ”
“We’re still investigating exactly how this happened, and as soon as we have all the facts, we’ll be taking the appropriate action with the people involved,” he said.
It is unclear at this stage whether the individuals involved were Google employees or contractors working on the company’s behalf.
In an interview with Memeburn, Magalinksi said: “I appreciate the speed with which Google reacted and apologised, but there are still many questions left to answer — I’m looking forward to hearing the outcome of Google’s investigations.”
Mocality is a three-year-old startup owned by South African-based emerging market internet giant, Naspers — an US$18-billion company that has stakes in Facebook, Tencent and mail.ru — and many other emerging market internet properties dotted around the world.
Mocality said Google illegally used the Kenyan site’s database to boost its recently launched Getting Kenyan Businesses Online (GKBO), an initiative aim at Kenyan SMEs who do not have an online presence.
“Shortly after that launch, we started receiving some odd calls. One or two business owners were clearly getting confused because they wanted help with their website, and we don’t currently offer websites, only a listing. Initially, we didn’t think much of it, but the confusing calls continued through November,” he wrote.
Mocality’s sting operation
As the number calls rose, the company decided to set up a “sting operation” to find out where the calls were coming from. The site made some adjustments to its code and served a different telephone number to the IP address that had been accessing a large amount of its data.
“For visitors from the 18.104.22.168 address, we changed the code to serve slightly different content 10% of the time. Instead of the real business phone number, we served a number that fed through to our call centre team, where the incoming calls would also be recorded. Our team were briefed to act like the business owners for the calls.”
According to Mocality, within a few hours of the change going live, six calls came through to its offices (which was recorded) from someone who identified himself as a Google representative claiming to be working with Mocality.
“[The caller stated] that GKBO is working in collaboration with Mocality, and that we are helping them with GKBO, before trying to offer the business owner a website (and upsell them a domain name). Over the 11 minutes of the whole call he repeatedly states that Mocality is with, or under (!) Google.”
Google also apparently told business owners that Mocality would begin charging for listings, something the company had no plans to do.
It seems someone, somewhere got wind of the sting operation and stopped accessing the site via the IP address Mocality was targeting. Magdalinski then claims that the guilty party outsourced the operation to a company in India.
Business owners were receiving calls from India with the same promise as before. A day after the old IP address had stopped accessing the site a new IP address, 22.214.171.124, made 17 645 requests, 15 554 of which were to business profiles.
“Since October, Google’s GKBO appears to have been systematically accessing Mocality’s database and attempting to sell their competing product to our business owners. They have been telling untruths about their relationship with us, and about our business practices, in order to do so. As of January 11th, nearly 30% of our database has apparently been contacted,” writes Magdalinski.
He poses three interesting question at the end of this post:
- If Google wanted to work with our data, why didn’t they just ask?
- Who authorised this?
- Who knew, and who SHOULD have known, even if they didn’t know?
— In discussions with various Google Kenya/Africa folks in the past, I’d raised the idea of working together more closely in Kenya. Getting Kenyan businesses online is precisely what we do.
Until we uncovered the ‘India by way of Mountain View’ angle, I could have believed that this was a local team that somehow forgot the corporate motto, but not now.
Well-known Kenyan technology blogger and TED speaker Erik Hersman, who also blogged about the issue, told Memeburn that Google in Kenya have “always been above reproach”.
“…the hard facts that Mocality has produced are hard to dispute though, so it’s highly disappointing and I only hope that Joe Mucheru [Regional Lead Sub-Saharan Africa at Google] has a palatable answer for us,” he said.
“Otherwise, Google will have lost much of their hard-won trust over the past few years.”
Replying to Google+ comments Mattos said: “I appreciate all the comments and interest in this matter. These are, however, very serious issues, and we’re still investigating them to understand how this happened. We can’t provide any more information right now.”