Google Schizophrenic With Privacy and Personalized Search


With Google firmly declaring it's intent to move towards personalized search today's move towards showing more sensitivity towards privacy sends them in conflicting directions.

When you search on Google, we collect information about your search, such as the query itself, IP addresses and cookie details. Previously, we kept this data for as long as it was useful. Today we're pleased to report a change in our privacy policy: Unless we're legally required to retain log data for longer, we will anonymize our server logs after a limited period of time. When we implement this policy change in the coming months, we will continue to keep server log data (so that we can improve Google's services and protect them from security and other abuses)—but will make this data much more anonymous, so that it can no longer be identified with individual users, after 18-24 months.

Have they shown their hand with how long they are willing to go for user data? Is 18-24 too long? IMHO you could learn an awful lot about somebody with 2 years worth of data. I say shortening it to 3 months would be ideal if you were really concerned about the "user experience" and not "trapping my data", of course that would give you an awfully short trend line on pretty much everything.


split the difference

> 3 months... would give you an awfully short trend line

agreed. but 1.5 to 2 years seems to be erring a bit far in the other direction. granted, it's better than keeping data "as long as it [is] useful" but the amount of searches that two years of data represents, the amount you could know about specific searcher trends is *staggering*.

and let's hope that they "anonymize" their data a bit better than aol.

FUD at its finest

>24 months

24 days would be reasonable, 24 hours would be better. Reading the comments at Matt's preemptive strike post, you'll see a "Cory" (Cory Doctorow, EFF maybe?) ask if it's not trapped then where is the delete-my-data button. Cory got it right, if it ain't trapped, and it sure ain't free, then where is it?

Number of searches better?

2 years is still far too long for power users, maybe for my mum it would be an appropriate length of time.

Perhaps they should delete after a certain number of searches (say 2000 searches), so that everyone has approximately the same exposure and Google can still get some meaningful data.

seems fair

Google HAS to move to personalized search, because that's the way all software is evolving, for good reasons of customer individuation. So on this one hand, they need to keep as much data as they need to keep to perfect their systems and lead the race.

And yet it seems they must have thought deeply about this - surely they must have decided they prefer NOT to be holding that much button-down info, which will bring government interference like flies to honey.

I think they'll continue to finesse these dual positions. I would watch for them to find quiet habits of obscurantism. And I also think this is a deep thing, not a simple calculation.

personally, I find a clear timeline better than the perpetuity I thought we were stuck with

says who

>Google HAS to move to personalized search, because that's the way all software is evolving, for good reasons of customer individuation.

Who says it has to move toward personaization, I'm a power user and quite honestly I think personalization sucks. I want to be able to type 2+2 into a calculator and get 4 every time, not get 3 because google knows on thursdays I like 3, or 5 because 5 is my favorite number, or 3.14 because my children were searching for PI on their math report yesterday.

Does this actually change anything?

Assuming Google collates this info all the time, it is a rolling data set, constantly being updated and summarised against each individual, this 'summarised' data is always fresh, always within the 18-24 months. The value of data they have - at any given point - is hardly affected at all by not having specifics from 3 years ago, the trends and summary will still exist and will still reflect what happened 3 years ago.

If they want to protect privacy there should be a [delete everything you know about me] button.

In the UK you can legally request a company provide all information they store about you - and they have to comply within a short space of time - can you do this with Google?

maybe ...

it's time to release the anti-personalized search tool....


I agree with graywolf's

I agree with graywolf's comments raised here and on SEL and would argue against the counterpoints published if I could login there. :)

In the UK you can legally request a company provide all information they store about you - and they have to comply within a short space of time - can you do this with Google?

I strongly suspect that you would need to provide user IP ranges for Google to do this.


Count me in and I would definitely pay for it!

I strongly suspect that you

I strongly suspect that you would need to provide user IP ranges for Google to do this.

Maybe I will request all the info tied to my static IP, see what they say.

Will governments be able to subpoena server log data after it is anonymized? Will anonymized data still be able to identify an individual user by cookie or IP address?
Google does comply with valid legal process, such as search warrants, court orders, or subpoenas seeking personal information. Logs anonymization does not guarantee that the government will not be able to identify a specific computer or user, but it does add another layer of privacy protection to our users' data.

'Add another layer of privacy' Does that actually mean anything when preceeded with 'does not guarantee'..

I'm all for the "Delete Search History" button

I personally do not care that Google knows what I search for. However, I very much understand that some people would not really want Google to store data, which could tie them to their preferred banking institution, stock brokerage, or life insurance company.

As such, it would be very nice to integrate a "Delete Search History" button. Ok maybe not to the open Google, but certainly my personalized Google (when I'm logged in). A button like this would instantly hush all of the naysayers and impress upon it's users that Google really uses your data to improve its services, and not just to profit from directly.

An Aside: I have a gut feeling this whole personalized search push, not just for Google, but for all SEs, is merely another way to monetize the targeted data they collect. Imagine the dollar figure an SE could fetch from some of the aforementioned types of institutions; each of which would love to know how often their keywords were searched for, or even if they were included in the top 10, or top 5 percentile of the most clicked upon search results. I'm not suggesting they currently do this, but they could in the future.

"in Europe, the law mandates

"in Europe, the law mandates that such records be preserved. Last year, the European Union ordered phone and Internet companies to retain traffic data tied to individual computer addresses for six to 24 months to help police investigate crimes. The EU left the exact time frame to each member nation to decide."

"Chris Hoofnagle, a privacy law professor at UC Berkeley's Center for Law and Technology, said Google shouldn't treat users in different countries the same. In the U.S., where there's no requirement like Europe's, he said, Google should keep the records only long enough to provide more targeted results and track clicks on ads."


if you want to resist

if you want to resist something to improve the world, resist the assignment of IP number as an identifier. Join public wifi networks and lobby your representatives to allow you to share your ISP connection.

Yeah it mucks up marketing but it's the root of your privacy concerns. All this other stuff is just cutting the tops off the weeds.

24 hours?

What kind of buying cycle can you track in 24 hours? Sex searches? How about 15 minutes?

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.