Google To Anonymize Data -- Updated
By Ryan Singel
March 14, 2007 | 3:45:17 PM
Google is reversing a long-standing policy to retain all the data on its users indefinitely, and by the end of the year will begin removing identifying data from its search logs after 18 months to two years, depending on the country the servers are located in.
Currently, Google indefinitely retains detailed server logs on its search engine users, including user's IP addresses – which can identify a user's computer, the query, any result that is clicked on, their browser and operating system, among other details. Even if a user never signs up for a Google account, those searches are all tied together through a cookie placed on the user's computer, which currently expires in 2038.
The new policy will be global, but there will be variances by country, especially in Europe where a data retention rule
passed in 2005 requires ISPs and phone companies to keep data from six months to two years. After that time period, Google will "anonymize" the search data from web and image searches by dropping either the second half or last quarter of I.P. addresses, thus turning an address such as 127.0.34.35 into 127.0 or 127.0.34. The goal is to make it technically impossible to retroactively tie a query back to a computer, unless the query included identifying information.
User logs from services that require log-ins, such as personalized search, Google Documents and Gmail will not be subject to this policy. Those services are governed by their own privacy policies. More can be found on this at Google's official
blog announcement.
Civil libertarians have long criticized the search giant's hoarding of data, saying that the data store created an attractive target for law enforcement and civil suits. Google successfully
quashed a Justice Department request for large chunks of user data in 2005.
Google has long maintained it keeps the user data to help optimize their services.
Peter Fleischer, Google's privacy counsel in Europe, described the new policy as a result of ongoing talks with privacy groups.
"The new policy lets us improve services and protect user's privacy at the the same time," Fleischer said in a press call.
Justice department officials, along with members of Congress, have been pushing in public and private to have ISPs and other internet companies to retain data for longer periods of time, ostensibly to help with criminal investigations of child pornography.
But on Wednesday, Google's deputy general counsel Nicole Wong said she had not "received any communications" from federal officials about data retention.
The new policy also shouldn't affect many investigations, Wong said, since the two year time limit "seems to be at the outer edge of what police want." Mostly police are interested in logs that are a day or two old, according to Wong.
Google still refuses to disclose how often their logs are subpoenaed,
even in cases where they are free to do so.