Privacy-protecting search engine ignores IP addresses

OUT-LAW News, 28/01/2009

A Dutch search engine has become the first to operate without recording the address of the computer used to make the search. Ixquick said it had taken the move to protect users' privacy.

Ixquick is a meta search engine which uses other search engines to provide results to users' queries. It has made privacy its main selling point since 2006.

Internet protocol (IP) addresses identify the internet connection used to perform tasks online. Along with data from the user's internet service provider (ISP) this can lead to the identification of the individual behind an action, though it does not always do so.

While search engines such as Google keep data for nine months, Ixquick has until now deleted it after 48 hours. It now says that it can operate without the data altogether.

"The technical need to store IP addresses for 48 hours – blocking automated use of Ixquick's servers – has been overcome by recent technological developments," said an Ixquick statement. The announcement has been timed to coincide with data protection day, which is today.

"At Ixquick we feel people have a fundamental right to privacy," said Ixquick chief executive Robert Beens. "Using a search engine is sharing your innermost secrets and habits which should be safe. Ixquick has the best privacy policy of the search industry. Today it has become even better."

Search engines' IP address retention policies have only recently become controversial, but are now a bone of contention between search engine companies. Google announced in 2007 that it would stop keeping logs indefinitely and would delete them after 18 to 24 months.

That led privacy activists and officials to look into the retention of IP addresses and criticise all search engines for keeping them for so long.

Google reduced the time that it kept addresses first to 18 months and then, last September, to nine months. Yahoo! announced in December that it would only retain the addresses for three months.

Search engines have said that they need to keep IP addresses to improve the usefulness, security and functionality of their services. Privacy watchdogs have said that the information should not be kept for longer than necessary to make the services work.

The Article 29 Working Party, which is a committee made up of the privacy watchdogs of the European Union's 27 member states, said last year in a report on the issue that any company that kept logs for longer than six months risked falling foul of data protection laws.

Hear:

• The search engine that has no idea who you are, OUT-LAW Radio, 17/07/2008
• IP addresses and privacy, OUT-LAW Radio, 31/01/2008
• Privacy battle rages, OUT-LAW Radio, 08/11/2007
• Google privacy chief talks, OUT-LAW Radio, 05/07/2007

See also:

• Yahoo! reduces search log retention period, OUT-LAW News, 18/12/2008
• Log-deleting search engine wins award, OUT-LAW News, 18/07/2008
• Search engines must delete data after six months, say watchdogs, OUT-LAW News, 08/04/2008
• Privacy head says Google may budge on privacy, OUT-LAW News, 01/02/2008
• Privacy laws should be overhauled, says European regulator, OUT-LAW News, 09/11/2007
• Proposed global privacy standard is too vague and too weak, says expert, OUT-LAW News, 15/10/2007
• Google calls for international privacy laws and policies, OUT-LAW News, 14/09/2007
• Our data retention is not data protection watchdogs' business, says Google privacy boss, OUT-LAW News, 06/07/2007
• EU search engine probe expands beyond Google, OUT-LAW News, 27/06/2007
• Data retention laws do not cover Google searches, says Europe, OUT-LAW News, 13/06/2007
• Data protection watchdogs’ letter to Google goes public, OUT-LAW News, 30/05/2007
• Google will delete search identifiers after two years, OUT-LAW News, 20/03/2007

Feedback | Printer-friendly page | Latest news | | All news feeds | Ask a lawyer