Technology news and Jobs 
Information Technology News Google amends log retention policy
Information Technology News Google amends log retention policy | Google amends log retention policy |
|
| by Stephen Withers | |
| Wednesday, 13 June 2007 | |
  
Featured Whitepaper
5 Best Practices for Smartphone Support
The company defended its decision by referring to the need for log analysis to measure the quality of search results, to suggest alternative spellings for search terms, to help guard against malicious access and various types of spam. Google also pointed to the difficulty of simultaneously complying with laws in multiple jurisdictions. The EU has directed member states to pass laws requiring the retention of data for periods between six and 24 months, and the US Department of Justice is seeking 24-month retention. The company faces other obligations imposed by accounting requirements, contracts (eg, with advertisers) and compliance laws such as Sarbanes-Oxley in the US. In the face of the Working Party's concern, Google agreed to shorten the period before log information is anonymised to 18 months, providing that future data retention laws do not require a longer period. "We also firmly reject any suggestions that we could meet our legitimate interests in security, innovation and anti-fraud efforts with any retention period shorter than 18 months," wrote global privacy counsel Peter Fleisher in the company's formal response. The company has yet to fully address the Working Group's concern about the longevity of cookies set by Google, but is "exploring ways to redesign cookies and to reduce their expiration without artificially forcing users to re-enter basic preferences such as language preference" with an announcement planned for "the coming months." Google did not seem to fully respond to the Working Group that it considers a resolution of the International Data Protection and Privacy Commissioners' Conference which states in part that providers of search engines "shall not record any information about the search that can be linked to users or about the search engine users themselves. After the end of a search session, no data that can be linked to an individual user should be kept stored unless the user has given his explicit, informed consent to have data necessary to provide a service stored (eg, for use in future searches)." This language appears to imply that data should be stored for the benefit of the user rather than the operational convenience of the search provider. The discussion between he Working Group and Google focuses on server logs and cookies, but at this stage does not seem to include any information stored by Google in any other databases or files. The Working Group plans to consider Google's response when it meets this month.{moscomment} |
Tags
| < Next story in category | Previous story in the category > |
|---|
