Previously, Google operated a policy of retaining search queries
and identifying information, such as Internet Protocol (IP)
addresses, for as long as it thought useful. In March, Google’s
global privacy counsel, Peter Fleischer,
announced a new policy. He said that the company will keep its
server log data but will make that data “much more anonymous, so
that it can no longer be identified with individual users, after
18–24 months.”
The letter of concern was sent to the search giant on 16th May
by the Article 29 Working Party, an independent European advisory
body on data protection and privacy. Google has responded with a
statement that it wants to have a "constructive dialogue" with
European authorities about its controversial policy.
The letter is addressed to Fleischer, based in Google’s Paris
office. It praises Google’s willingness to engage with the data
protection community and contrasts that with “some of the other
leading players in the search engine community.”
However, the letter continues:
Although Google's headquarters are based in the United States,
Google is under legal
obligation to comply with European laws, in particular privacy
laws, as Google's services are provided to European citizens and it
maintains data processing activities in Europe, especially the
processing of personal data that takes place at its European
centre.
As you are aware, server logs are information that can be linked to
an identified or identifiable natural person and can, therefore, be
considered personal data in the meaning of Data Protection
Directive 95/46/EC. For that reason their collection and storage
must respect data protection rules.
The Article 29 Working Party considers a reduced storage period for
server logs generated by the users of Google services as a valuable
step to improve Google's privacy policies. However, it is of the
opinion that the new storage period of 18 to 24 months on the basis
indicated by Google thus far, does not seem to meet the
requirements of the European legal data protection framework.
The Article 29 Working Party is concerned that Google has so far
not sufficiently specified the purposes for which server logs need
to be kept, as required by Article 6(1)(e) of Data Protection
Directive 95/46/EC. Taking account of Google's market position and
ever-growing importance, the Article 29 Working Party would like
further clarification as to why this long storage period was
chosen. The Working Party would also be keen to hear Google's legal
justification for the storage of server logs in general.
The letter also raises concerns about the cookie that Google
stores on the computers of visitors who do not use their browser
settings to block these small text files that allow Google to
recognise a return visit from a particular computer.
The letter states:
Concerning the 'google cookie', the lifetime of this cookie,
which has a validity of
approximately 30 years, is disproportionate with respect to the
purpose of the data processing which is performed and goes beyond
what seems to be 'strictly necessary' for the provision of the
service, within the meaning of Article 5(3) of the ePrivacy
Directive 2002/58/EC.
The Working Party suggests that Google's policy "can be further
improved" to ensure data protection compliance. It requests
clarification on the extent to which the anonymised data still
contain "significant information" about the user and "whether it is
reversible (e.g. does Google have any means of reversing the
anonymization)."
Peter Fleischer has since said that Google is “committed to
engaging in a constructive dialogue with privacy stakeholders,”
including the Working Party, on how to improve its privacy
practices.
"We believe it's an important part of our commitment to respect
user privacy while balancing a number of important factors, such as
maintaining security and preventing fraud and abuse," he said in a
statement.
Five days before the letter was sent to Google, Fleischer had
discussed Google’s reasons for remembering information about
searches in Google’s official blog.
He cited and explained three reasons: to improve the
quality of search services; to maintain security and prevent fraud
and abuse; and to comply with legal obligations to retain data.
Explaining the last of these points, Fleischer wrote that
“Google may be subject to the EU’s Data Retention Directive”.
This Directive is not yet in force, but it will require ISPs and
telcos to retain certain traffic and location data for up to 24
months. Google’s email and internet telephony services are likely
to be caught by the Directive, though possibly not before 2009. The Directive
applies only to data that are generated or processed by providers
of “publicly available electronic communications services or of
public communications networks”. However, even if this were
interpreted so widely as to catch Google’s search service, it seems
unlikely that the categories of data to be retained, as defined in
the Directive, could extend to the content of a search query.
The letter from the Article 29 Working Party does not refer to
Fleischer's blog posting.
Meanwhile, Google could also face a privacy probe in the US,
where it has agreed to buy online advertising company DoubleClick
for $3.1 billion. The company said that consumer regulator the
Federal Trade Commission (FTC) has launched an investigation into
the purchase that focuses on the privacy rights of its users.
Online advertising company DoubleClick collects a large amount
of information about users' web surfing habits. Google does too,
prompting questions from the FTC about how the merged firm will
treat the data it collects.
The FTC action is an antitrust review, which will focus
primarily on competition questions. "We are confident that upon
further review the FTC will conclude that this acquisition poses no
risk to competition and should be approved," said Don Harrison,
senior corporate counsel at Google.
Privacy advocacy groups in the US have asked the FTC to question
Google over its data collection and storage, while competitors such
as Microsoft are said to have asked the body to investigate the
deal on competition grounds.