Feeds

Google to anonymize user data

It's about time

Remote control for virtualized desktops

Google is to discard some of the information it stores about user search requests in an effort to address concerns by privacy watchdogs and defend itself against government demands for data.

The search giant will scrub personal information from cookies and remove some of the bits in IP addresses after that information has been stored for a set period of time, probably 18 to 24 months, a Google official wrote in a company blog. It expects to roll out the new policy by the end of the year.

Until now, Google has kept information that can link specific searches to individual users indefinitely, potentially providing a trove of data to prosecutors or rogue employees with the proper credentials. Google will continue to log and store user activity but will anonymize it after a period of time. Google said the plan would be altered if laws governing the retention of data required it.

The change is sure to be welcomed by privacy advocates, who have been aghast at the permeability of the walls containing search data that can easily identify those who make the requests. Last year, AOL touched off a firestorm when it published 19m search queries made by more than 650,000 users. AOL had taken steps to anonymize the data, but some searches contained intimate information that allowed readers to identify the requesters. AOL had revealed the data as part of a research project.

Prior to that, the US Department of Justice, working on a case involving child pornography, issued subpoenas demanding several search engines surrender huge amounts of information related to searches. While Yahoo!, MSN and AOL largely caved, Google fought the demand, arguing it would violate user privacy. (The search king, perhaps more transparently, also objected on the grounds that the disclosure would reveal proprietary algorithms.) Google lost part of its bid, and now wisely believes a better tack to take is to discard some of the vast amounts of information it collects.

Google said its decision to continue hoarding identifying information for as long as two years was an attempt to strike harmony among conflicting goals of personalizing its services, safeguarding user privacy, and complying with data retention laws throughout the world. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
BlackEnergy crimeware coursing through US control systems
US CERT says three flavours of control kit are under attack
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
The hidden costs of self-signed SSL certificates
Exploring the true TCO for self-signed SSL certificates, including a side-by-side comparison of a self-signed architecture versus working with a third-party SSL vendor.