"Despite your contention that Google did not have the same data protection failures as Facebook, it appears from recent reports that Google+ [Google Plus] had an almost identical feature to Facebook, which allowed third party developers to access information from users as well as private information of those users’ connections," the letter stated.
The letter added that Google was apparently aware of its vulnerability "at the time I invited you to participate" in an April 10 hearing on consumer data privacy on social media platforms, the letter explained.
The letter cited news reports that Google had exposed the private data of about 500,000 Google Plus users from 2015 to March 2018 and then failed to disclose the glitch.
The April hearing featured testimony by Facebook Chief Executive Mark Zuckerberg on data theft by the political consulting firm Cambridge Analytica during the 2016 presidential election.
In declining to appear before US Senate Judiciary Committee, which Grassley chairs, Google claimed that it did not have the same data privacy issues as Facebook, the letter noted.
Grassley demanded an answer to why it took Google three years to discover the vulnerability and why the company did not disclose the glitch when the issue was discovered.