[IP] Google reduces search log retention to 18 months
David Farber
dave at farber.net
Tue Jun 12 10:22:03 PDT 2007
http://googleblog.blogspot.com/2007/06/how-long-should-google-remember.html
Posted by Peter Fleischer, Global Privacy Counsel
Over the years webve taken many steps to protect our users' data and
privacy. For example, we have resisted overly-broad government
subpoenas; we've designed our services to give users a choice between
personalized services and general services; and we've engineered our
services to allow users to see and control how much data they wish to
share with us. Recently, we took another important step to improve
our privacy practices by announcing a new policy to anonymize our
server logs after 18 to 24 months, becoming the first leading search
company to publish a data retention policy. We also posted here to
explain the factors that guided our decision to retain server log
data for 18 to 24 months.
The Article 29 Working Party, an advisory panel composed of
representatives from all of the E.U.'s national data protection
authorities, has sent us a letter in response to our commitment to
anonymize server logs. In it, they're asking us to provide further
information about our new policy, and to explain why we feel that the
time period of 18 to 24 months is bproportionateb under European data
protection principles. For some time, we've discussed many things
with the Working Party, ranging from issues raised by Google products
like Gmail and Google Desktop to industry-wide concerns, such as the
challenges of protecting privacy in the Web 2.0 era. Webre pleased
that this most recent letter from the Working Party acknowledges our
ongoing engagement with the data protection community and, in
particular, our "readiness to consult with it [the Working Party] in
contrast with a relative lack of engagement by some of the other
leading players in the search engine communityb.
In the spirit of transparency, we're publishing our response to the
Working Party's letter. The Internet is a global medium, and the
principles at stake -- privacy, security, innovation and legal
obligations to retain data -- have an impact beyond Europe, and
outside of the realm of privacy. These principles sometimes conflict:
while shorter retention periods are good for privacy, longer
retention periods are needed for security, innovation and compliance
reasons. We believe webve struck a reasonable balance between these
various factors. Our policies are consistent with EU data protection
laws, which acknowledge the need to set data retention periods that
are proportionate and that enable companies like Google to comply
with legal requirements.
We have a legitimate interest in retaining search server logs for a
number of reasons:
* to improve our search algorithms for the benefit of users
* to defend our systems from malicious access and exploitation
attempts
* to maintain the integrity of our systems by fighting click
fraud and web spam
* to protect our users from threats like spam and phishing
* to respond to valid legal orders from law enforcement as they
investigate and prosecute serious crimes like child exploitation; and
* to comply with data retention legal obligations.
After considering the Working Party's concerns, we are announcing a
new policy: to anonymize our search server logs after 18 months,
rather than the previously-established period of 18 to 24 months. We
believe that we can still address our legitimate interests in
security, innovation and anti-fraud efforts with this shorter period.
However, we must point out that future data retention laws may
obligate us to raise the retention period to 24 months. We also
firmly reject any suggestions that we could meet our legitimate
interests in security, innovation and anti-fraud efforts with any
retention period shorter than 18 months. We are considering the
Working Party's concerns regarding cookie expiration periods, and we
are exploring ways to redesign cookies and to reduce their expiration
without artificially forcing users to re-enter basic preferences such
as language preference. We plan to make an announcement about privacy
improvements for our cookies in the coming months.
As we build new products and services, we look forward to continuing
our discussion with the Article 29 Working Party and with privacy
stakeholders around the world. Our common goal is to improve privacy
protections for our users.
-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy
mailing list