Posted By Brendon Lynch
Director of Privacy Strategy
(Re-posted from The Data Privacy Imperative blog)
Today, I testified before the Article 29 Working Party, the European Commission group charged with providing advice to the EU and member states on the protection of personal data. The Article 29 Working Party hearing examined the data anonymization practices of major search companies.
In April 2008, the Article 29 Working Party issued an opinion that asked search companies to evaluate their search anonymization policies and adopt strong anonymization after 6 months. In December 2008, Microsoft announced that it was prepared to meet the Article 29 Working Party’s guidelines for search anonymization but believes it is imperative that all search companies adopt the same standard to truly protect people’s privacy.
At today’s hearing, Microsoft voiced its support for the Working Party’s April opinion that called for a common industry standard for search anonymization. Specifically, we are prepared to move to a six-month anonymization timeframe so long as all search companies adopt an equivalent timeframe and methodology.
We explained why the strength of the anonymization method matters even more to consumer privacy protection than the timeframe in which the data is anonymized. While both an effective timeframe and method are necessary, a short timeframe coupled with a weaker method will not yield as strong privacy protections since, if cross-session identifiers remain, data can possibly be correlated and maybe even linked to an individual at a later date.
Unlike the anonymization methods of many other search companies, Microsoft deletes the entirety of the IP address, as well as all other cross-session identifiers such as persistent cookie IDs. The company also takes steps from the outset to separate queries from personally identifying information. The following chart explains our understanding of the distinctions between search data practices of the major search companies. The colors indicate the relative privacy risk of the various approaches.
–Brendon Lynch, director of privacy strategy
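The point about method strength can be shown on a small log. The following is an added example, not code from the original post or from Microsoft: the record layout, the field names `ip` and `cookie_id`, and the "drop the last octet" weak method are assumptions chosen for illustration, and the log lines are constructed.

```python
from collections import defaultdict

# Constructed sample search-log records (documentation-range IPs, made-up cookie IDs).
RAW_LOG = [
    {"ip": "203.0.113.24", "cookie_id": "c-7f3a", "query": "knee pain after running"},
    {"ip": "203.0.113.24", "cookie_id": "c-7f3a", "query": "orthopedist near elm street"},
    # Same browser on a different network: only the cookie ID ties it to the rows above.
    {"ip": "198.51.100.77", "cookie_id": "c-7f3a", "query": "jane example phone number"},
    {"ip": "203.0.113.80", "cookie_id": "c-19bd", "query": "weather tomorrow"},
    {"ip": "192.0.2.10", "cookie_id": "c-55e0", "query": "train times"},
]

IDENTIFIER_FIELDS = ("ip", "cookie_id")  # assumed names for the cross-session identifiers


def weak_anonymize(rec):
    """Assumed weaker method: zero the last IP octet, keep the persistent cookie ID."""
    out = dict(rec)
    out["ip"] = rec["ip"].rsplit(".", 1)[0] + ".0"
    return out


def strong_anonymize(rec):
    """Method the post describes: delete the whole IP and every cross-session identifier."""
    return {k: v for k, v in rec.items() if k not in IDENTIFIER_FIELDS}


def linkable(records):
    """Return {(field, value): [queries]} for identifier values shared by 2+ records.

    A shared cookie ID is an exact link; a shared truncated IP only narrows the
    candidates to one /24, but it is still a join key that survives anonymization.
    """
    groups = defaultdict(list)
    for rec in records:
        for field in IDENTIFIER_FIELDS:
            if field in rec:
                groups[(field, rec[field])].append(rec["query"])
    return {key: qs for key, qs in groups.items() if len(qs) > 1}


if __name__ == "__main__":
    for name, method in (("weak", weak_anonymize), ("strong", strong_anonymize)):
        links = linkable([method(r) for r in RAW_LOG])
        print(f"{name}: {len(links)} residual join key(s)")
        for (field, value), queries in links.items():
            print(f"  {field}={value} links {queries}")
```

Under the weak method the retained cookie ID still joins the health queries to the name lookup, regardless of how soon the truncation is applied; under the strong method no join key remains.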