Today, as part of our ongoing evaluation of Microsoft’s Internet search privacy practices, we are pleased to announce an important change in our data retention policy. We will delete the entire Internet Protocol address associated with search queries at six months rather than at 18 months. This new and significant step will be incorporated into our existing privacy practices, which already provide strong protections for Bing users.
This change is the result of a number of factors including a continuing evaluation of our business needs, the current competitive landscape and our ongoing dialogue with privacy advocates, consumer groups, and regulators – including the Article 29 Working Party, the group of 27 European national data protection regulators charged with providing advice to the European Commission and other EU institutions on data protection.
Under our current policy, as soon as Microsoft receives a Bing search query we take steps to de-identify the data by separating it from account information that could identify the person who performed the search. Then, at 18 months, we take the additional step of deleting the IP address, the de-identified cookie ID and any other cross-session IDs associated with the query. The core components of this policy will not change. Our new policy will change the date at which we delete the IP address associated with search queries to six months. We will implement the new policy over the next 12 to 18 months.
There are many good reasons to retain and review search data. Studying trends in search queries enables us to improve the quality of our results, protect against fraud and maintain a secure and viable business. But consumer privacy can and must be preserved. For our part, Microsoft continues to examine our practices to ensure we strike the right balance and achieving both goals.
We applaud the Article 29 Working Party for its leadership on this important issue and look forward to continuing a productive dialogue with them and other key stakeholders.