Europeans warn search engines: Delete user data sooner

A European Commission advisory body has suggested that search companies delete data collected about their users after six months — a far cry from what most companies currently do.

The recommendation arrived in a 29-page “opinion” (PDF) published Friday by a European Commission body known as the Article 29 Working Party. Backed by privacy groups, it has been pressuring Internet companies on the search data front for months. The report focused on advertising-supported search engines, as opposed to search functions embedded in Web sites.

The Working Party’s suggestions don’t officially have the force of law yet, but they are expected to be adopted by the EC. The EC already adopted a broader set of data protection laws a decade ago, but this report was meant to address specifically how search engines, including those headquartered outside its borders, fit into that setup.

Source: ZDNet

Privacy in search engines is critical because “an individual’s search history contains a footprint of that person’s interests, relations, and intentions,” which can then be mined by businesses and national security operatives alike, the working party wrote.

The Working Party covered a broad swath of issues, saying it expects search engines, among other things, to:

• Use personal data — ranging from search query histories to IP addresses and unique cookie identifiers — only for “legitimate purposes”
• Destroy and anonymise that data when it’s no longer legitimately useful
• Inform users about data collection and storage practices
• Set cookies to have a lifetime “no longer than demonstrably necessary”
• Dissociate a user’s IP address or other identifier from his or her stored search queries
• Allow users to see whatever “personal data” is being stored about them, whether it be their past search queries or other data “revealing their behaviour or origin”
• Respect Web site operators’ desires to opt out of having their properties crawled, indexed, and cached through use of mechanisms like the robots.txt file or the Noindex/NoArchive tags
• Do more to prevent personally identifiable information — such as Social Security numbers, credit card numbers, telephone numbers, and e-mail addresses — from creeping into search results

Search engines, for their part, have said they need to keep logs of a certain amount of user information in order to improve the quality of search results, keep their services secure from attacks, tailor advertising to their audiences, and help law enforcement officials investigate crimes. But the Working Party cast doubt on several of those reasons, saying they aren’t well-defined enough to justify vast data collection.

Electronic Privacy Information Center Director Marc Rotenberg deemed the working party’s findings “a big deal”. They’re potentially significant for widely used American search engines with European presences on at least a couple of levels.

First, the data retention period suggested by the European group is far shorter than that adopted in privacy policy updates by the big five American search engines — Google, Yahoo, Microsoft, AOL, and Ask.com — last summer. To be sure, the six-month limit isn’t set in stone, as the Working Party says it is willing to entertain pleas that a longer period “is strictly necessary for the service.”

A CNET News.com survey last year suggested Ask.com made the most privacy-protective changes, deleting data about its users within hours. AOL said it deleted data after 13 months, Microsoft said it deleted data after 18 months. In an arguably less privacy-protective step, Yahoo and Google said they “partially anonymised” data after 13 and 18 months, respectively. Many of those providers said they held onto search queries indefinitely.

Second, the EC report declared that IP addresses should be considered personally identifiable information whose storage must be curbed. That proclamation clashes with what Google has long argued — that because the IP addresses Internet subscribers are assigned can change frequently, they can’t necessarily be matched up to a particular person, especially by a service like Google that doesn’t hand them out (an Internet service provider, the company admits, may present a different situation).

Google, for its part, responded to the Working Party’s report with a defense of its existing practices. Without directly referencing the working party, Global Privacy Counsel Peter Fleischer lamented that the value of personal data in improving consumers’ Web surfing experiences “is unfortunately sometimes lacking in discussions about online privacy.”

Yahoo and Microsoft representatives said they were committed to promoting user privacy and still reviewing the European Commission’s report.