[IP] Google reduces search log retention to 18 months

David Farber dave at farber.net
Tue Jun 12 10:22:03 PDT 2007



http://googleblog.blogspot.com/2007/06/how-long-should-google-remember.html

Posted by Peter Fleischer, Global Privacy Counsel

Over the years webve taken many steps to protect our users' data and  
privacy. For example, we have resisted overly-broad government  
subpoenas; we've designed our services to give users a choice between  
personalized services and general services; and we've engineered our  
services to allow users to see and control how much data they wish to  
share with us. Recently, we took another important step to improve  
our privacy practices by announcing a new policy to anonymize our  
server logs after 18 to 24 months, becoming the first leading search  
company to publish a data retention policy. We also posted here to  
explain the factors that guided our decision to retain server log  
data for 18 to 24 months.

The Article 29 Working Party, an advisory panel composed of  
representatives from all of the E.U.'s national data protection  
authorities, has sent us a letter in response to our commitment to  
anonymize server logs. In it, they're asking us to provide further  
information about our new policy, and to explain why we feel that the  
time period of 18 to 24 months is bproportionateb under European data  
protection principles. For some time, we've discussed many things  
with the Working Party, ranging from issues raised by Google products  
like Gmail and Google Desktop to industry-wide concerns, such as the  
challenges of protecting privacy in the Web 2.0 era. Webre pleased  
that this most recent letter from the Working Party acknowledges our  
ongoing engagement with the data protection community and, in  
particular, our "readiness to consult with it [the Working Party] in  
contrast with a relative lack of engagement by some of the other  
leading players in the search engine communityb.

In the spirit of transparency, we're publishing our response to the  
Working Party's letter. The Internet is a global medium, and the  
principles at stake -- privacy, security, innovation and legal  
obligations to retain data -- have an impact beyond Europe, and  
outside of the realm of privacy. These principles sometimes conflict:  
while shorter retention periods are good for privacy, longer  
retention periods are needed for security, innovation and compliance  
reasons. We believe webve struck a reasonable balance between these  
various factors. Our policies are consistent with EU data protection  
laws, which acknowledge the need to set data retention periods that  
are proportionate and that enable companies like Google to comply  
with legal requirements.

We have a legitimate interest in retaining search server logs for a  
number of reasons:

    * to improve our search algorithms for the benefit of users
    * to defend our systems from malicious access and exploitation  
attempts
    * to maintain the integrity of our systems by fighting click  
fraud and web spam
    * to protect our users from threats like spam and phishing
    * to respond to valid legal orders from law enforcement as they  
investigate and prosecute serious crimes like child exploitation; and
    * to comply with data retention legal obligations.

After considering the Working Party's concerns, we are announcing a  
new policy: to anonymize our search server logs after 18 months,  
rather than the previously-established period of 18 to 24 months. We  
believe that we can still address our legitimate interests in  
security, innovation and anti-fraud efforts with this shorter period.  
However, we must point out that future data retention laws may  
obligate us to raise the retention period to 24 months. We also  
firmly reject any suggestions that we could meet our legitimate  
interests in security, innovation and anti-fraud efforts with any  
retention period shorter than 18 months. We are considering the  
Working Party's concerns regarding cookie expiration periods, and we  
are exploring ways to redesign cookies and to reduce their expiration  
without artificially forcing users to re-enter basic preferences such  
as language preference. We plan to make an announcement about privacy  
improvements for our cookies in the coming months.

As we build new products and services, we look forward to continuing  
our discussion with the Article 29 Working Party and with privacy  
stakeholders around the world. Our common goal is to improve privacy  
protections for our users.


-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE





More information about the cypherpunks-legacy mailing list