Googles Privacy Policies
To its credit, Google has stood fast against the U.S. governments subpoenas requesting query data when its competitorsAOL, Microsoft and Yahoocaved. In early 2005, while investigating the likelihood of children stumbling upon pornography when searching the Internet, the Department of Justice filed a motion in federal court to force Google to comply with a subpoena for "the text of each search string entered onto Googles search engine over a one-week period (absent any information identifying the person who entered such query)." Google was the only search company subpoenaed that fought the subpoena, citing concerns about users privacy. The court went on to recognize the privacy implications of enforcing the subpoena and ruled partially in Googles favor."AOL, Microsoft, and Yahoo all gave some amount of users queries to the Department of Justice," Cutts wrote. " no queries from Google users were given to the DOJ. But Yahoo, Microsoft, and AOL got better grades in this report than Google." Cutts also pointed to a March announcement in which Google said it would begin anonymizing its logs 18 to 24 months after searches are conducted. "Google has continued to communicate on the issue, including a post on the Google blog in May discussing the reasoning behind that decision. In fact, we talk a lot about privacy, from blog posts to Op-Ed pieces in the Financial Times. To the best of my knowledge, no other major search engine has followed suit in a plan to anonymize user logs," Cutts wrote. But, as pointed out by Google Watchs Steve Bryant, privacy groups arent necessarily satisfied with such data being kept for up to two years, particularly given the fact that both Google and AOL have inadvertently released search data online. "Googles privacy practices came under some scrutiny last year when an error at AOL caused personally identifiable search data to be released online," Bryant writes. "At that time, Google CEO Eric Schmidt promised data breaches would never happen at Google, only to be proven wrong this January when Google accidentally released some users banking data." As for the rest of the report, Cutts says, it "just baffles" him. "The report claims (I am not making this up) that Every [Google] corporate announcement involves some new practice involving surveillance. I know that my years of working at Google may bias me, but does that sound impartial?" Cutts also pointed out that a more useful approach for a privacy group would be to look into ISPs that actually sell user data, such as credit bureau Experian, which announced in April that it would purchase Hitwise. Hitwise collects and aggregates information from more than 25 million Web users and keeps an eye on nearly 1 million sites. Davies defended PIs focus, saying that the group wanted to go after companies that claim to protect users privacyat least initially. Next Page: Counting the sins.
That incident is only one pointed out by Matt Cuts, head of Googles Webspam team, in a posting on his personal blog (which expresses his own views and not those of his employer) that took the PIs report to task.