Feeds

Google to anonymize user data

It's about time

Choosing a cloud hosting partner with confidence

Google is to discard some of the information it stores about user search requests in an effort to address concerns by privacy watchdogs and defend itself against government demands for data.

The search giant will scrub personal information from cookies and remove some of the bits in IP addresses after that information has been stored for a set period of time, probably 18 to 24 months, a Google official wrote in a company blog. It expects to roll out the new policy by the end of the year.

Until now, Google has kept information that can link specific searches to individual users indefinitely, potentially providing a trove of data to prosecutors or rogue employees with the proper credentials. Google will continue to log and store user activity but will anonymize it after a period of time. Google said the plan would be altered if laws governing the retention of data required it.

The change is sure to be welcomed by privacy advocates, who have been aghast at the permeability of the walls containing search data that can easily identify those who make the requests. Last year, AOL touched off a firestorm when it published 19m search queries made by more than 650,000 users. AOL had taken steps to anonymize the data, but some searches contained intimate information that allowed readers to identify the requesters. AOL had revealed the data as part of a research project.

Prior to that, the US Department of Justice, working on a case involving child pornography, issued subpoenas demanding several search engines surrender huge amounts of information related to searches. While Yahoo!, MSN and AOL largely caved, Google fought the demand, arguing it would violate user privacy. (The search king, perhaps more transparently, also objected on the grounds that the disclosure would reveal proprietary algorithms.) Google lost part of its bid, and now wisely believes a better tack to take is to discard some of the vast amounts of information it collects.

Google said its decision to continue hoarding identifying information for as long as two years was an attempt to strike harmony among conflicting goals of personalizing its services, safeguarding user privacy, and complying with data retention laws throughout the world. ®

Beginner's guide to SSL certificates

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Website security in corporate America
Find out how you rank among other IT managers testing your website's vulnerabilities.