Google to make search data anonymous
After 18 to 24 months, it's not about you anymore
Computerworld - In a bid to protect the privacy of its users, Google Inc. yesterday said it is taking steps to makes searches by its users anonymous after 18 to 24 months.
"When you search on Google, we collect information about your search, such as the query itself, IP addresses and cookie details," according to a blog post from Peter Fleischer, privacy counsel-Europe, and Nicole Wong, deputy general counsel. "Previously, we kept this data for as long as it was useful. Unless we're legally required to retain log data for longer, we will anonymize our server logs after a limited period of time."
The Mountain View, Calif.-based company said that when it implements the policy change within the next year, it will continue to keep server log data to improve Google's services and prevent security threats and other abuses.
Google said it would also build privacy protections into its products, including Google Talk's "off the record" feature, as well as Google Desktop's "pause" and "lock search" controls.
The company said it will also provide easy-to-understand privacy policies on its Web site for its users.
By making the decision to bolster its privacy policies, Google is responding to the concerns of privacy advocates and some government regulators in the U.S. and Europe that releasing the data could pose privacy risks for users.
"After talking with leading privacy stakeholders in Europe and the U.S., we're pleased to be taking this important step toward protecting your privacy," according to the statement. "By anonymizing our server logs after 18-24 months, we think we're striking the right balance between two goals: continuing to improve Google's services for you, while providing more transparency and certainty about our retention practices."
Two high-tech civil rights groups called the move a good first step but said more work needs to be done.
"This is a big step in the right direction," said Ari Schwartz, deputy director of the Center for Democracy and Technology, in a statement.
"Keeping the data around forever significantly compromises [Google's] users' privacy," said Kevin Bankston, a staff attorney at the Electronic Frontier Foundation in San Francisco. The U.S. government probably has subpoenaed search log data on individuals in criminal investigations, a move it wouldn't necessarily have to reveal, he said. Another danger is that an angry spouse or business partner could obtain the information in the course of a lawsuit, Bankston said.
"We'd love to see a shorter retention period and more complete anonymization," Bankston said. Google should also extend the policy to its other products, which include Gmail, Google Calendar, Google Maps and other Web-based tools.
Other major search providers, such as Yahoo Inc. and Microsoft Corp.'s MSN, haven't revealed as much as Google has about what they do with server logs, Bankston said.
Stephen Lawson of the IDG News Service contributed to this report.
Read more about Security in Computerworld's Security Topic Center.
- The Truth About Cloud Security "Security" is the number one issue holding business leaders back from the cloud. But does the reality match the perception?
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!