Google to beef up its privacy policy
Google’s global privacy counsel, Peter Fleischer, disclosed his company’s policy change this week in a letter to the Article 29 Data Protection Working Party in Belgium.
This was a response to Article 29’s demand that Google justify why it does not conform to the resolution on privacy protection and search engines adopted in London last November.
The resolution calls on search engines to erase data linking people to searches when sessions end unless they get permission to keep it.
In March, Google announced a policy to edit data to render users anonymous after 18 to 24 months. Article 29 implied Google was flouting European regulations.
“Google is a US company and respects US laws, but we are also a global company, doing business across Europe and across the world. We recognise the need to respect laws of countries in which we do business,” Fleischer wrote.
“After considering the Working Party’s concerns, we are announcing a new policy to ‘anonymise’ our search server logs after 18 months.”
Google said it needed to keep information on searchers and their online exploration to protect its system against attacks, expose online scams and hackers, improve the algorithm on which searches are based and meet law enforcement requirements. “Clearly some period of retention is necessary,” Fleischer wrote.
”A policy of immediate deletion would not serve our users and would breach many of our legal and ethical obligations.”
Google called on Article 29 to lobby European nations to make laws on what information has to be kept and by whom clearer and more regionally uniform.
“There is tremendous confusion in legal circles across Europe on these issues and both individuals and companies would benefit from greater clarity from authorities,” wrote Fleischer.
“A public discussion is needed between officials working in data protection and law enforcement to resolve these issues.” The exchange between Fleischer and Article 29 chairman Peter Schaar was posted on Google’s website after a UK human rights group concluded Google had the most abysmal privacy policies and was leading a “race to the bottom” by renowned internet firms
London-based Privacy International (PI), which has monitored rights protections on the internet since its fledgling days, ranked Google “hostile to privacy”. Google scored lower in privacy protection than rivals Microsoft, Yahoo and AOL.
“Throughout our research we have found numerous deficiencies and hostilities in Google’s approach to privacy that go well beyond those of other organisations,” PI said in a report.
Google collected vast information on users, and was poised to amass even more with the purchase of ad-tracking firm Double Click, said PI. While other internet firms shared some of Google’s negative traits, “none comes close to achieving status as an endemic threat to privacy”, said the report.
Google said it was proud of its array of products, and it stood by what it claimed as a record for protecting user privacy.
“We are disappointed with Privacy International’s report, which is based on numerous inaccuracies and misunderstandings about our services,” said Google general counsel Nicole Wong. “We recognise that user trust is central to our business, and Google aggressively protects our users’ privacy.”
In its report, PI concluded that Google had a “vague, incomplete and possibly deceptive” privacy policy.