Google adjusts privacy policy -- slightly

Computerworld - Google Inc. has decided to make the data it stores about end users anonymous in its server logs after 18 months, according to a blog posted yesterday by the company's global privacy counsel.

Previously, Google had said it would make the data anonymous after 18 to 24 months.

The decision comes in response to a letter the company received last month from a European Union data protection working group regarding Google's privacy policies.

Separately, a report released last week by Privacy International ranked Google worse than any other Internet company in protecting the privacy of its users.

In its letter, the Article 29 Working Party, an advisory panel of representatives from the EU's national data protection authorities, asked Google to explain why it needed to keep user data for 18 to 24 months. The group said server logs contain information that can be linked to a particular person and that collecting such data must comply with the EU's data protection laws.

The working group said keeping the information for 18 to 24 months does not meet those laws, and it asked Google to justify its reasons for keeping the information for that length of time. The group said it planned to discuss this issue at a meeting later this month.

In response, privacy counsel Peter Fleischer said: "The Internet is a global medium, and the principles at stake -- privacy, security, innovation and legal obligations to retain data -- have an impact beyond Europe, and outside of the realm of privacy." He added: "These principles sometimes conflict; while shorter retention periods are good for privacy, longer retention periods are needed for security, innovation and compliance reasons."

Fleischer said Google believed it had "struck a reasonable balance between these various factors" and that its policies were consistent with EU data protection laws. Fleischer said Google needed to retain server logs for a variety of reasons, including to improve its search algorithms for the benefit of users; to defend its systems by fighting click fraud and spam; to comply with data retention legal obligations; and to "meet valid legal orders from law enforcement as they investigate and prosecute serious crimes like child exploitation."

"After considering the working party's concerns, we are announcing a new policy: to anonymize our search server logs after 18 months, rather than the previously established period of 18 to 24 months," Fleischer said. "We believe that we can still address our legitimate interests in security, innovation and antifraud efforts with this shorter period. However, we must point out that future data retention laws may obligate us to raise the retention period to 24 months."