backtop


Print 18 comment(s) - last by typo101.. on Jun 14 at 7:14 PM

Google responds to the EU by dropping six months of logs

Following criticism from privacy groups, Google is again revising its policy on how long its servers will retain search data generated from users of its websites. Under its new policy, Google will anonymize its log data after 18 months.

The move was fuelled by a letter from the European Union in May, warning the search giant that its data retention policies may be in violation of EU laws. Months earlier, in March, Google said that it was changing its practice from keeping user data indefinitely to only 18 to 24 months. After that period, Google would remove the last eight bits of a user’s IP address, with all the remaining bits retained for the purpose of approximating user information for authorities.

In this latest change, Google will cut its retention by up to eight months by keeping logs for a maximum of 18 months. Peter Fleischer, global privacy counsel for Google, writes in the official blog, “The Article 29 Working Party, an advisory panel composed of representatives from all of the E.U.'s national data protection authorities, has sent us a letter in response to our commitment to anonymize server logs. In it, they're asking us to provide further information about our new policy, and to explain why we feel that the time period of 18 to 24 months is ‘proportionate’ under European data protection principles.”

Google explained to the EU that its server logs are used to improve its search algorithms, defending systems from attacks, protecting users from spam, phishing and to respond and aid law enforcement.

“After considering the Working Party's concerns, we are announcing a new policy: to anonymize our search server logs after 18 months, rather than the previously-established period of 18 to 24 months. We believe that we can still address our legitimate interests in security, innovation and anti-fraud efforts with this shorter period,” writes Fleischer. “However, we must point out that future data retention laws may obligate us to raise the retention period to 24 months. We also firmly reject any suggestions that we could meet our legitimate interests in security, innovation and anti-fraud efforts with any retention period shorter than 18 months.”

Fleischer also says that the company is considering the Working Party's concerns regarding cookie expiration periods, and will make an announcement on its new and improved digital baked goods in the coming months.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

By typo101 on 6/14/2007 7:14:40 PM , Rating: 2
quote:
I can watch their house with GoogleEarth


hah hah. *peers at screen really closely* "YES! I see some blue pixels! His car is definitely blue... or was... a couple months ago..."


"Well, we didn't have anyone in line that got shot waiting for our system." -- Nintendo of America Vice President Perrin Kaplan

Related Articles













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki