Search Engine Privacy Explained

Kesch writes "Zdnet has a posted a FAQ describing the storage of personal information done by the search engines of AOL, MSN, Yahoo, and, of course, Google. They describe what information is stored, how it is stored, what laws protect it (none), how you can attempt to protect your privacy, and what Congress is doing with regards to the issue."

Speak for yourself

They describe what information is stored, how it is stored, what laws protect it (none)

As a company operating in the UK, and as I am a citizen of the UK, m privacy is protected by the Data Protection Act. I have the right to demand access to my data, and they are legally obliged to give it to me. If I find it to be incorrect, they are obliged to correct it. They can only use this data in the manner in which they are registered to use it with the Data Protection Registrar, and they can only share it with others under strict rules.

As I understand it, the rest of the EU have similar laws.

Re:Speak for yourself

[Ph33r+th3+g(O)at]

What do you bet that if you invoked this, Google would say "But we're not a UK company!" Of course, when it comes to appeasing the ChiComs for a shot at the billion-enslaved-Chinese market, "We have to comply with Chinese law because we do business in China."

Google's "Don't be evil" veneer has worn off even quicker than I expected.

Re:Speak for yourself

Problem is, they can still collect it, and hold it for an unlimited time, as anyone can with information gained without explicit consent.

Re:Speak for yourself

What do you bet that if you invoked this, Google would say "But we're not a UK company!"

Like how Microsoft said "But we're not an EU company!" when they are being fined millions and forced to open up their protocols and file formats?

The bottom line is that if you want to do business in a particular country, you need to abide by that country's laws. Google want to do business in the UK (and China), so they have to abide by the UK's (and China's) laws.

Re:Speak for yourself

[FinestLittleSpace]

Nope, if they operate in the UK (which, obviously, they do), they are required to follow UK law. End of. Stop pointless 1337 g00gl3 bashing.

Re:Speak for yourself

[welcher]

This is a really important safeguard. Does anyone know whether my IP address and data associated with it would be classified as personal data under this (or similar) acts?

I use a work computer that has a fixed IP, so identifying me based on that IP would take all of abou 5 minutes - basically, that address represents me.

Re:Speak for yourself

[cyranose]

I'm not sure where the misunderstanding comes from, but it persists.

Google.com (US and intl servers) is still available to China UNCENSORED by Google (at least as uncensored as the US database is). Google.com is apparently censored or degraded by China or their ISPs to the point of being painfully slow, spotty, etc..

Google.cn is the new service that uses servers INSIDE the Great Firewall, therefore isn't censored on the international pipes and is much more available to the people who need it. The tradeoff is that the servers are INSIDE China and therefore subject to Chinese law, no matter what Google chooses. Google could say no censorship and China could say, "Okay, we now own your servers."

You can argue that Google shouldn't have created a second system for better service (in terms of access) with the caveat that some results are censored by law. But you can't say Google decided to censor China. It's not because "they do business" in China. It's because the SERVERS are in China. Chinese computer users can still get to Google.com (I hope) and have some choice in the matter.

Re:Speak for yourself

[mattwarden]

Google's "Don't be evil" veneer has worn off even quicker than I expected.

Yeah, and all it took is your hypothetical situation of something they might do in your mind! Elementary, my dear Watson.

Re:Speak for yourself

[Ph33r+th3+g(O)at]

Splitting that hair doesn't make Google innocent of complicity with an oppressive regime. It's as if George Orwell's publisher published a PRC-friendly version of 1984 without all the obvious parallels to the government for use in China and excused themselves because the government was confiscating and burning the original version.

Bottom line: Google sold out freedom of speech for cash, no matter what contorted logic they and their apologists use to try to absolve them from the justifiable blame associated with having done so. Google is China's willing Ministry of Truth.

Re:Speak for yourself

[Ph33r+th3+g(O)at]

I'll concede to you when the OP or another UK citizen posts that Google has complied by supplying him or her with all the information they hold on him or her, individually, and provides him or her with the opportunity to correct it. I'm not holding my breath.

Re:Speak for yourself

[Ph33r+th3+g(O)at]

No, all it took was their complicity with an oppressive regime in censoring their subjects' access to the Internet. The hypothetical was merely an illustrative tool that seems to have failed to enlighten you. Please post back with evidence that Google has complied with the EUCD on an individual EU citizen's request when you find it--until then, it's not even completely a hypothetical.

Re:Speak for yourself

[Ph33r+th3+g(O)at]

Oops--I didn't mean the EUCD (DMCA-style legislation purchased by the copyright cartel) but rather the UK Data Protection act. Please make the appropriate pen and ink change in the above post.

Re:Speak for yourself

You are the one making the extraordinary claim that a business operating in the UK is not bound by UK law, the burden of proof is all yours.

Re:Speak for yourself

[Ph33r+th3+g(O)at]

I'm making no such claim, only that Google won't comply in one instance. Surely you can produce one example of their compliance. If you can't, then just concede already.

Re:Speak for yourself

[lordscotus]

I wonder if it might be a good idea for us US people to start using google.co.uk ??

Re:Speak for yourself

[Ph33r+th3+g(O)at]

I googled for "Data Privacy Act" on google.co.uk (anonymously, of course) -- there's no mention. Don't you think that if they were complying, they might provide information on how UK citizens can request and correct their information?

Re:Speak for yourself

I googled for "Data Privacy Act" on google.co.uk (anonymously, of course) -- there's no mention.

Do you think that might be because the phrase "Data Privacy Act" is one dredged up from your own fevered imagination? How about googling for a real world term like "Data Protection Act". You might notice, for example, that they are hiring for legal counsel with one of the repsonsibility being to advise all departments on data protection issues.

The problem here is you're just rambling randomly about how the evil criminal masterminds at Google might be breaking the law right left and centre and we have to prove they're not. This is mind bogglingly stupid. Yes, possibly Google managers are refusing to comply with data protection legislation or maybe they're running rampage with shotguns in London but you have to do better than "well because maybe they are and nobody has proved they're not and well maybe they are" if you want to convince anyone.

If you have any actual arguments then it might be interesting to hear them.

Re:Speak for yourself

[WilliamSChips]

Wait a minute, didn't Google try to not turn over their American records to the US government? They also don't give certain services in China because they'd have to stop respecting Chinese users' privacy to do so. Oh, sorry, what was that? I think your argument just fell down.

Re:Speak for yourself

[cyranose]

I don't think you understand the situation. Take a moment to consider:

1. Bejing is forcing the censorship. The only way Google could steer clear of it is to avoid all service to China. Who does that benefit? The Chinese people might never even hear about such a stunt.

2. All countries (even the US) have some level of censorship, so the test is not "selling out" vs. being true to some ideal. It's a judgement ca Or should Google stop service to all countries that don't meat your ideal?

3. As I said, Chinese can still (I hope) reach uncensored Google.com if they need it (albeit slowly).

4. Re-read 1984. The Ministry of Truth is not about twisting the truth, not censoring it. Good == bad, etc.. Are you alleging that Google rewords web pages to alter their meaning?

5. This US administration is more likely to use double-speak (again, re-read 1984) than anything I've heard come out of China. "Unwarranted Spying => terrorist prevention." Death Tax. No Child Left Behind. Would you argue that Google should not operate in the US to make a point about the Bush administration?

The one big complaint I do have about Google is that they should not log IP addresses. If people want to use their cookies for some service benefit, that's fine. But don't track my IP over time without my permission. On that, I call BS.

Re:Speak for yourself

[cyranose]

typo in previous post: the ministry of truth IS about twisting the truth, not censoring it. Sorry.

Re:Speak for yourself

Google sold out freedom of speech for cash

Bollocks did they. Google had the choice between supplying a censored version of their service to Chinese people, or not supplying any service to Chinese people. At no point did they have the opportunity to supply an uncensored service to Chinese people, so they simply couldn't have "sold out freedom of speech", even if they wanted to. They never had it in the first place.

Re:Speak for yourself

[j-cloth]

Are there any Canadian lawyers present? Does PIPEDA cover this? I know it deals quite strongly with personally identifiable electronic information, but (at least where I work) we usually assume that means SIN numbers and addresses. Do cookies count?

Re:Speak for yourself

[zcat_NZ]

I understand Google also mentions at the bottom of the page when results have been omitted, much the same as they do for DMCA removals.

Besides the government of china is blocking those websites, not google. As much as anything google's just removing results that the chinese won't be able to see anyhow. I'd be pretty annoyed if I look something up on Google and the first few pages of results are all 404.

The only other alternative would be for google to stay out of china. That'd be a loss for the 99.9% of chinese who don't know or particularly care about tianimen square or falungong and just want to do regular, non-controversial searches on stuff that interests them. It'd be a loss for the 0.1% that do, and aren't being told by yahoo or msn that their results are being censored by the government.

I've thought long and hard about the issue and I can't think of anything less evil that google could have done in this situation.

Re:Speak for yourself

[hounddog32]

try Data Protection Act, since that's what it's called, though you'll still find nothing...

Re:Speak for yourself

[jonathan3003]

I am curious to know, what happen if the US government demands google in the US to turn over some information about, say, the search history of a person in the UK?

After all, it is a global company, and such information might be actually stored in the US.

Re:Speak for yourself

[Ph33r+th3+g(O)at]

The EU Act is called the Data Privacy Act, which is implemented by the UK Data Protection Act. Spouting off when you don't seem to really know what you're talking about is mind bogglingly stupid, to use your words. I guess I can't blame you for trying to go for the quick nitpick, shame you're wrong.

Re:Speak for yourself

[Ph33r+th3+g(O)at]

Google would have committed stock price suicide if they publically turned over those records. And the Chinese privacy issue is more likely about cost than principle. You'll have to do better than that to convince the enlightened that "Do no evil" is anything more than (now quite unconvincing) marketing-speak.

Re:Speak for yourself

[Ph33r+th3+g(O)at]

Point taken with regard to the Ministry of Truth--but I submit that selective censorship of information is the practical equivalent of twisting it. Hiding one viewpoint isn't much different than spinning another.

Re:Speak for yourself

[Ph33r+th3+g(O)at]

You're kidding, right? Not offering any service would have been the morally correct thing to do -- collaborating with the dictators to "ensure access for the Chinese people" (i.e. ensure ad sales within China) isn't a noble choice. I suppose next you'll say it's okay because someone else would have come in with a censored search engine.

Re:Speak for yourself

[Ph33r+th3+g(O)at]

Thanks -- the Data Privacy legislation is the EU version and the Data Protection Act is the UK version. Still no instructions on how to request your data or correct it, as you noted. That's because they're non-compliant, even though the Googlepoligists seem to be quite in denial about that.

Re:Speak for yourself

Crickets chirping, because Google isn't complying.

Re:Speak for yourself

[WilliamSChips]

Look at the other post replying to mine, it gives my opinion better than I could. And all the other search engine companies turned over their records, their stock prices seem fine. And the thing about not providing services, that's a bit hypothetical and hard to argue. You'll have to do better than that to convince the enlightened that Google's actually evil.

Re:Speak for yourself

The bottom line is that if you want to do business in a particular country, you need to abide by that country's laws. Google want to do business in the UK (and China), so they have to abide by the UK's (and China's) laws.

Google can only tie your google search history to your name/email address if you sign up to an account with them.

I suspect that part of the sign up involves a "this agreement will be governed by the laws of the USA" clause. So you opt out of the protection offered under UK law, or you remain anonymous.

Re:Speak for yourself

[jrumney]

You can't "opt-out" of the protections offered by the Data Protection Act. Clauses like that aren't worth the pixels they're written on, especially without a wet ink signature.

Re:Speak for yourself

[rtb61]

Well there is always an alternate, flood Google with false naughty searches, you privacy returns as a result of all the bogus data generated. So all you need now is a FireFox extension that will, execute random naughty Google etc. searches in the background while you are surfing the net (maybe even including random selections of the search data generated).

So when your real searches are combined with the fake ones, all the data is corrupted (no one can define what is real and what is fake in a court of law). Nothing like wads computer generated misinformation to keep the nosy freaks endlessly busy.

Re:Speak for yourself

Not offering any service would have been the morally correct thing to do

Don't move the goalposts. You never said anything about "the morally correct thing to do" before. You were explicitly referring to "selling out freedom of speech for cash". You only move the goalposts now because somebody called you on your bullshit hyperbole.

Whether Google did the moral thing or not, can you concede that they didn't "sell out freedom of speech for cash" like you originally accused them of?

Re:Speak for yourself

[Ph33r+th3+g(O)at]

No, because they did. Complicity with the Chinese government to censor is exactly that. There was no "goalpost moving" here. They sold out their so called values along with freedom of speech.

Re:Speak for yourself

So how did they sell out freedom of speech when they never had it in the first place? They could choose between being partially censored and being totally censored, and they chose partial censorship. Doesn't sound like selling out freedom of speech to me.

Do you equally condemn them when they are censored by USA law?

Re:Speak for yourself

[Ph33r+th3+g(O)at]

They didn't have to cooperate, they could have forgone the business which would have caused internal pressure against the censorship. With this acquiescence to the censorship, they have not only facilitated the destruction of freedom of speech, but endoresed it. All for money. Please see the example in my other post.

Re:Speak for yourself

[Ph33r+th3+g(O)at]

While I don't agree with the DMCA, there's a big difference between Google, as a U.S. company, complying with U.S. copyright law and conspiring with a foreign government to suppress political and religious speech. And in the case of DMCA suppression, Google provides along with the notification, a link to chillingeffects which, with a wink and a nod, says exactly what was censored provides enough information to find the suppressed content in the first place. The vague notification at the bottom of google.cn might just as well appear at the bottom of every search there, as it provides no information as to what had been censored.

Re:Speak for yourself

[cyranose]

Hiding opposing viewpoint makes it possible for the government to say whatever it wants and have no open challenges. But then everyone knows it's the government's viewpoint. When MoT stuff gets tricky is when there is little or no censorship but the facts are still twisted.

Examples:

Global Warming. To counter any implication of censorship, let's show both sides of the debate. What debate? And so we do nothing.

Evolution. Again, in trying to be open, we let people believe there is some doubt about natural selection.

Iraq and 9/11. Did Bush need censorship to cause 50-60% of Americans to believe Sadam was responsible for 9/11?

If we take your arguments to heart, Google should stop all service to the US due to the War in Iraq. Of course, not everyone agrees the war is a mistake, just as not everyone even inside China thinks relaxing the level of authoritarianism will benefit them, just as there are people in the US that would love to see the US become a theocracy (i know a few of these).

I'm not in any way defending China. But so far, access to technology (and by that, education, information --even partial information) has been the driving force behind reform in China. Cutting them off to make a point doesn't help anyone.

Re:Speak for yourself

[mattwarden]

You still dont really get it. You need to provide evidence that they haven't complied with the EU Data Protection laws (or whatever it is). Until then, that's the very definition of a hypothetical.

As for your comment about China, there have been many many arguments made suggesting Google actually did the most ethical thing in the situation. But I won't debate that here, since it's covered in many other slashdot story discussions.

Re:Speak for yourself

[cyranose]

Following that argument, do you personally avoid all trade with China? Clothes, electronics, etc? I'm not saying you have to, but glass houses and all...

Re:Speak for yourself

there's a big difference between Google, as a U.S. company, complying with U.S. copyright law and conspiring with a foreign government to suppress political and religious speech.

The Church of Scientology supresses criticism of itself by using the USA's DMCA. That sounds very much like conspiring with a government to suppress political and religious speech to me.

Re:Speak for yourself

[Ph33r+th3+g(O)at]

I actually do try to, but that's pretty much impossible with how deep in bed corporate America is with the ChiComs. But I submit that buying a pair of tennis shoes isn't quite equivalent to conspiring with a foreign government to censor inside their borders.

Re:Speak for yourself

[Ph33r+th3+g(O)at]

Good show--I actually thought of Scientology after having written the post. However, in the U.S., as I said, the censorship is done with a "wink-wink, nudge-nudge, here's the complaint" that effectively serves as a pointer for the information Scientology or other DMCA complainers are trying to suppress.

Re:Speak for yourself

[Ph33r+th3+g(O)at]

We both know that you can't prove a negative. But the lack of mention of the UK or EU law on Google's site points to a lack of compliance.

The ethical argument is expediency vs. right--at the very least, Google could be given credit for attempting an expedient solution. I frankly don't think Google gives a good g-d damn about the Chinese people, and see their actions as so indicating. But certainly the Googlepologists are entitled to think "engagement is the best way."

Re:Speak for yourself

[mattwarden]

We both know that you can't prove a negative

What? That doesn't apply here. No, show me a lawsuit. A news story. Anything.

But the lack of mention of the UK or EU law on Google's site points to a lack of compliance.

And the lack of tigers around me points to some genetic difference that keeps them away.

Re:Speak for yourself

[Ph33r+th3+g(O)at]

Yes, there are no tigers here :). But then, I would expect those living near a tiger habitat to take some precautions against tigers, just as I would expect a Google complying with a privacy law to talk about doing so and name a compliance officer on their site.

Re:Speak for yourself

[mattwarden]

That's fine. But not saying so is not evidence of non-compliance.

Re:Speak for yourself

[Ph33r+th3+g(O)at]

It absolutely is--they're not acting the way a company complying would act.

Re:Speak for yourself

[mattwarden]

Wow. Remind me to stay away from any country whose government you found...

Re:Speak for yourself

[Ph33r+th3+g(O)at]

This is a civil matter, not a criminal one, so you'll be safe in my country. I won't even make you surrender your passport.

Not Surprising

[valisk]

None of this is exactly surprising as it should have occured to anyone who cared to think about the issue.

But it does leave a legitimate question.
Will those bastards at Google tell my wife about my chronic pr0n addiction?

Re:Not Surprising

[paulthomas]

Will those bastards at Google tell my wife about my chronic pr0n addiction?
No, but /. might.

Love,
Your Wife

Re:Not Surprising

Since when did same sex marriages become legal on /.

I sure hope his "Wife" isn't named Paulthomas ;)

Re:Not Surprising

[nko321]

Your wife's /. handle is paulthomas?

Re:Not Surprising

Is that you John Holroyd?

Great........

[technoextreme]

The only law on the books relating to electranic privacy is as old as I am. Im not very happy knowing this.

opt out...

[mytrip]

Google lets you remove your phone number from their database so other people can't look you up. They ought to let you remove your search history from their databases as well. I'm going to suggest this in their support forums.

Re:opt out...

[MoonBuggy]

And if they won't remove it, we should be able to make it useless. Just a little program that runs constantly and searches for random words (both innocuous and suspicious) at random time intervals (probably less than every minute). It would use little bandwidth and would result in your 'search dossier' being inconveniently large and legitimately deniable.

Re:opt out...

[The+Cisco+Kid]

They do. Just log in to your google account and click 'Search History' (at the top), then 'Remove items' (on the left) - As well as the ability to remove individual searches or clicked results, there is also a "Clear entire Search History" option.

Re:opt out...

Better yet, you could search on behalf of other, anonymous users. At least it would be a useful use of bandwidth.

Re:opt out...

[welcher]

It is unlikely that this removes all the information they have about your search history. It may clear it from your google account but the search associated with the IP address may well remain, so the history could be reconstructed from that info (supposing that you have a fixed IP address). This is just speculation on my part, but I dont think that having a google account would actually give you more privacy than not having one.

Re:opt out...

[mikeisme77]

I'm not seeing this option... I go to Google, click 'My Account' (while logged in). I can edit my password (and security question), edit my name, delete ALL account info., or delete my gmail service. Nothing about search history and such... I'm in the US, where were you that you had those options?

Re:opt out...

[TubeSteak]

I saw a link to this in a Slashdot thread a few days ago

http://www.ghostzilla.com/ghostzilla-cd/index.html

Runs from a CD without installation, keeps setting and history hidden and encrypted, and coolest of all: It runs your browser inside any part of an application you're working with. If you move your mouse away from that window, the browser dissappears and your regular work returns.

Re:opt out...

[jacksonj04]

Much as this is a nice idea, what you search for is fed into some quite complex algorithms to determine what people are likely to be looking for. If you have an application feeding Google or any other engine a load of irrelevant searches then they lose their ability to improve search results based on pattern matching.

Re:opt out...

Just a little program that runs constantly and searches for random words (both innocuous and suspicious) at random time intervals (probably less than every minute). It would use little bandwidth and would result in your 'search dossier' being inconveniently large and legitimately deniable.

like the Internet is inconveniently large. Google is a search company.

Re:opt out...

[symbolic]

In that case, it would behoove Google to respect some modicum of privacy. As I understood it, Google was the *least* conscious of all of them, and quite surprisingly, AOL the most (according to this: http://yro.slashdot.org/comments.pl?shttp://yro.sl ashdot.org/comments.pl?sid=176244&op=Reply&thresho ld=0&commentsort=0&mode=thread&pid=14642454id=1762 44&op=Reply&threshold=0&commentsort=0&mode=thread& pid=14642454 )

Re:opt out...

[deathy_epl+ccs]

Maybe this is because AOL has paying customers, so must be more conscious of their customers. It seems like lately, AOL has actually been putting forth a lot of effort for their customers.

Doesn't mean I'm going to be switching, but they've managed to very quietly be doing some good for the people that pay their bills.

Re:opt out...

[Original+Replica]

As I understood it, Google was the *least* conscious of all of them,

This kind of data collection is partially WHY Google has such a good product, tracking users is gonna be useful research if you are trying to make a more intuitive search engine. This is no different than the feds getting your credit card history or going through your trash, it doesn't make the card company or the trashcan EVIL.

Re:opt out...

[infolation]

Excellent idea. Also, this little program would also need to randomly click on returned search results, and pretend to be whatever browser you were normally using to surf the net. Otherwise your real searches would be distinguishable from the fake ones. And the dictionary of random words could be weighted towards the most commonly used search terms.

Re:opt out...

Some time ago it became apparent that google searches were tainted. The topic of my previous searches were interfering with my new searches. If I happened to search for something about a Ford, my searches would include something about linux or whatever. Those bastards at google think they are becoming smarter, but the searches of yesteryear were better for me.

Re:opt out...

No, it would randomly choose a browser to mascarade as. According to the article, it would need to read in cookie information from your browser though. I could see this as a firefox extension.

Re:opt out...

[gd2shoe]

clear out your cookies and at the same time get a new IP address (reset your DSL router or whatever). Unless they have another tracking tool available, they will lose you in the crowd.

Just before anyone jumps down this fellows throat.

[reality-bytes]

Yes, I know that Google, Yahoo etc are US companies.

However, they have UK operations and these operations will fall under UK law. In the case of Google, trying to access google.com will usually force you to google.co.uk if it detects your IPs geographical origin as being in the UK.

It would be reasonable to assume that the UK DPA would apply to information aquired by the UK operations of US companies.

Anyone entering dodge search terms

[Ph33r+th3+g(O)at]

and not taking the easily available countermeasures (e.g. TOR, JAP) is playing with fire. But this isn't necessarily bad news for Google--if they can charge a "reasonable fee," they could make complying with subpoenas from prosecutors on fishing expeditions, the entertainment cartel, and divorce attorneys into a profit center!

Re:Anyone entering dodge search terms

[Maximalist]

Well, being able to get all of the google searches somebody performed in a certain time frame would be useful to lots more than just divorce lawyers... There are plenty of legal matters where "intent" is a factor... for example, in some states the tort of civil conspiracy requires proof of "malice". Search records, and more general net usage records could go a long way toward proving malice or other states of mind. Since lawyers are required to be zealous in their representation of their clients, subpoening this stuff is going to become much more common once it gets onto lawyers's radar.

Re:Anyone entering dodge search terms

[Ph33r+th3+g(O)at]

Right--I don't remember who said it, but someone referred to Google's search history data as a "database of intentions." It was sometime around then that I started anonymizing my access to the Internet to the extent practical. I don't want the (example) fact that I was curious about eco-terrorism to make me a suspect in a fur-vandalism case or worse sometime down the road.

Worst Case Scenario

[xXBondsXx]

Let's think about the worst case scenario here: if search engines are required by law to give up their search history on a particular person, sure it's scary but it doesn't mean much. If you're in court for murder and the evidence is circumstantial at best, will the fact that you googled for "hot sex" and "people dieing" really get you that life sentence? Obviously this applies at a lot more to child pornography and copyright cases, but for some reason I don't think it would sway the majority of criminal cases. Even if google made some kind of GoogleSearchLookUp application right next to Earth and gmail, curiosty != guilty. If a lawyer brought this up, the judge would probably get all sorts of relevance objections from the opposing side, but I can imagine the jury being swayed by such evidence. Still, I think this is just another one of our privacies that we are throwing away today. If kids are getting arrested for requesting copies of the Little Red Book (discussed previously on slashdot) in libraries, I just wonder what you would get for googling "how to kill the president". In TFA, they quote one Harvard law professor calling the subpeona power "a blank check." I think in the future, Google will be forced to hand over their huge search histories on a daily basis for the federal government, and it would just be another big brother thing. Having this information is very useful to Google (study demographics of particular topics), so deleting it is a huge blow to their power Personally, I am infuriated that the government can just request this information at will. And we ALL know that this information won't be used JUST pursue terrorists...

Re:Worst Case Scenario

[Ph33r+th3+g(O)at]

The power for the government with respect to search histories is that they've been compiled without the users' having realized they might be turned over to the government, RIAA, lawyers, et al. But now that awareness of this has increased, the use of search histories as a surveillance tool is going to decrease dramatically, as people will realize their searches are visible through the electronic fishbowl and think at least twice before searching for anything that would reflect badly on them. This is doubly true in your described scenario of a daily feed to the Feds.

It's possible that such a handover has been happening all along, in secret--the whole Justice department porno search flap might only be a smokescreen to make people think this isn't the case.

Re:Worst Case Scenario

[zaajats]

Actually the kid "who got arrested" made up the story.

I agree on everything else

Ah, yes, the federal government

[typical]

...and what Congress is doing with regards to the issue.

That would be *other* than seizing our search data to try to prove that porn should be banned on the Internet, I assume.

Nothing new

They had this back in 1984: Memory holes.

If you recall, all information placed in memory holes was supposedly destroyed, but it turned out that the government actually retained every item, and they came in handy for interrogation sessions.

Re:Nothing new

Would it be too much to ask for an article about privacy to be posted on Slashdot without a comparison of an incumbent government to Ingsoc being modded +5 Insightful or +5 Interesting?

The GoogleWatch Guy

[paulthomas]

Okay, so we all thought to some degree that the guy behind GoogleWatch was a nut. I suppose right now is when he can say: I TOLD YOU SO regarding the ability to compile search histories thanks to the never-expiring cookie.

Best,
Paul

Re:The GoogleWatch Guy

[ELProphet]

Is this new? Looking at the cookie, it's right there: Expires Sunday, January 17, 2038 8:14:17 PM. I am doing a bit of research of my own on Google Personalized search, comparing different search results with Personalized on and off, moderate safe search High med-low, different computers, etc, etc, and I'll post a link to it when I've got a bit more.

Re:The GoogleWatch Guy

[paulthomas]

It's not new to /., but I suspect that to most web users it is.

Most people on /. I think never ascribed* sinister motives to the people at Google.

However, the situation is now ripe for abuse: we have a government that is more cavalier with using its powers, and we have a citizenry who care less and less.

Best,
Paul

*Most -- quite reasonably in my opinion -- still do not think of google as evil.

Re:The GoogleWatch Guy

Okay, so we all thought to some degree that the guy behind GoogleWatch was a nut. I suppose right now is when he can say: I TOLD YOU SO regarding the ability to compile search histories thanks to the never-expiring cookie.

The GoogleWatch guy is a nut, regardless. Also, the ability to compile a search history per IP is based on the sinister technology of web server logs, and has nothing to do with cookies. Cookies store your user preferences. They don't expire for a long time because how would you like it if Google threw away your stated preferences every month or so?

Re:The GoogleWatch Guy

[analog_line]

That is only if you don't block all cookies unless there's a good reason not to, like I do.

IP anonymizing is still necessary if you're on a static IP, but it's simplicity itself to refuse a cookie from google. There isn't any reason other than tracking for google to need one, so I've never accepted it.

Re:The GoogleWatch Guy

[Everyman]

Google Watch also runs Scroogle.org, a proxy that scrapes Google and/or Yahoo. One reply to the post says that I'm still a nut. But while I may or may not be a nut, this reply from an Anonymous Coward is wrong about the cookie. You don't need a globally-unique ID in a cookie to save the user's preferences. That is NOT the primary purpose of the cookie, but rather a convenient cover story for Google. The purpose of the cookie is so that you have a unique ID to tie together the activity of a single person who uses different IP addresses over time.

In fact, you don't even need a cookie to save preferences. All you need is a specially-crafted URL that you save as a bookmark.

Assuming that you delete your cookie constantly, or use a browser that lets you define your search engine cookie as a session cookie despite the expiration date, then the question becomes, "How do I change my IP address, which tends to be a bit too sticky for my tastes now that I'm on broadband?"

Broadband providers have different policies in different parts of the world, or even different parts of the U.S. But as someone who recently has been a Timer Warner Cable broadband subscriber, and switched to SBC/Yahoo DSL broadband, it seems to me that the key to getting a fresh IP address -- at least in San Antonio, Texas where I'm located, is to show a different network interface card MAC address to your provider.

I have two computers, and when I switch my Ethernet connection to the other computer, both the cable provider and the DSL provider tended to give me a new IP address. You have to power down the the modem and the computer while the switch is made, or else one or both might remember the old IP address and cause it to get reassigned. Before powering down your computer, clear your old IP address in that window that shows your network connection, so thatn when it powers back up it looks for a new address instead of telling the modem what address it used to have.

Yes, your service provider probably has a list of all the IP addresses you ever used, and when you used them. But it's one step more complex for the bad guys to pull together a list like this from your service provider. Without this extra step, the information from Google won't be complete.

Of course, you can use Scroogle.org for your searches and not even worry about this stuff.

Google-analytics

In Firefox, Press Ctrl-U and look for google-analytics.com.

Slashdot uses this too. Gee, I wonder what does this is for now?

Re:Google-analytics

You're not looking hard enough. Looks like a statistics tool to me.

I love dry Brit humor.

>As a company operating in the UK...privacy is protected by the Data Protection Act.

Ha, ha, ha - that's a good one. Didn't you get the memo from Tony Bendover Blair? Amurika is your ruling authority.

Captain Peacock, are you truly free?

Congress:

Please feel free to stop doing stuff about stuff.

Thank you.

And since when

[Skiron]

"and what Congress is doing with regards to the issue." does Congress have to do with other countries/law?

This is a international issue, not some John Wayne film.

Bloody yanks.

Re:And since when

[heinousjay]

Yeah, but this is a US site, and you're effectively here as guests, so please stop shitting on our furniture and pissing in the punchbowl, OK?

Re:And since when

What is your complaint exactly? The corporations in question are American companies. American governments certainly have authority to regulate them.

Non-American governments probably also have authority to regulate them, in the sense that these companies most certainly have operations in other countries. Depending on the extent of those operations, other governments might have limited enforcement options, though.

A strong privacy regime in the US would benefit everyone. So would a strong privacy rights treaty between governments, provided local governments enforce it.

Re:And since when

[Skiron]

Then if that is the complaint, block access from outside USA like Bush did to his site did during the election if you don't want anybody to read it and pass judgment.

Re:And since when

[heinousjay]

What I guess I should have said is: it goes both ways. We can all be civil to each other, or we can all flame like raging assholes. It appears that, at least so far as /. goes, the choice has been made.

I don't understand why Europeans vent here so much. I chalk it up to trolling. Popular trolling, of course, but no better than the common GNAA horseshit. Since I can't fight the flow, I just insult right back.

Re:And since when

[klingens]

Google.co.uk is not a US site, neither is google.de. So unless google stops redirecting me always to google.de and unregister their .de domains, they better start adhering to our privacy laws. They are doing business here (many german Adsense adverts), so they have to follow the laws. And stop shitting on our (european) furniture.

Re:And since when

"They are doing business here (many german Adsense adverts), so they have to follow the laws. And stop shitting on our (european) furniture."

    This is unlikely to happen unless the government there forces Google to do so in a method that makes it impossible for Google to do otherwise. This would require procedures that would effectively make the government there partners in Google (unlikely to happen) What it comes down to is the US will and does grab info off companies like Google.

You only escape from big brother with be through technology.

1. Use of open source software (eliminates most of the backdoors and spyware)
2. Proxy software (not sold on TOR yet since it comes from Darpa)
3. Don't use email hosted by large American companies (MSN. hotmail, big Daddy)
4. Sign up with small ISP's (btw - that aren't whitelabels)
5. Buy hardward designed and manufactured by non-US companies. (since NSA forces companies to put backdoors)

The funny thing about the government's "just an IP" argument is that combined with other sources of data (say what IP you logged in with Hotmail that day and who pays the bill for the line) they instantly know who you are. They can mix data in with other people's opinions of you to build up a profile on you. No doubt there is a massive secret database somewhere of Americans and people around the globe.

Winning is the only thing at the hightest levels. When you willing to kill someone spying is a trivial issue. I'm not saying I agree with this (I'm a pacifist) but that's the way it is to these guys. My recommendation is don't trust any of them and focus on beating them with superior technology.

Should everything be 100% private. Of course not. However government should require warrrants and legwork when threats become apparent. They definitely shouldn't be only an SQL query away from summing up everyone's existence.

can you say irony?

[MellowTigger]

ZDnet uses url redirection in the links in its story. You know... the story that mentions url redirection as an unsafe practice.

Re:can you say irony?

[TubeSteak]

What mind blowing hypocrisy

Q: What about links people click on from search engine results? Can that information be turned over too?
Yes. Through a process known as redirection, Yahoo and AOL record what links people click. Unless the companies discard these records, they would be fair game for a subpoena.

The link they give is
hxxp://dw.com.com/redir?destUrl=hxxp://www.macales ter.edu/its/docs/howto/urlredirect/&siteId=22&oId= 2100-9588-6034666-2&ontId=9588&lop=nl.ex

Re:can you say irony?

[henni16]

I found this helpful script on a "bookmarklet" page and have added it as a bookmark to my browser's toolbar:

javascript:(function(){var k,x,t,i,j; for(k=0;x=document.links[k];k++){t=x.href.replace( /[%]3A/ig,':').replace(/[%]2f/ig,'/');i=t.lastInde xOf('http');if(i>0){ t=t.substring(i); j=t.indexOf('&'); if(j>0)t=t.substring(0,j); x.href=/https?\:\/\/[^\s]*[^.,;'%22>\s\)\]]/.exec( unescape(t))[0]; } else if (x.onmouseover&&x.onmouseout){x.onmouseover(); if (window.status && window.status.indexOf('://') != -1)x.href=window.status; x.onmouseout(); } x.onmouseover=null; x.onmouseout=null; }})();

One click and in almost every case the redirects will be removed from all URLs in the page.

Scope and Semantics

[Quirk]

Q: Let's say the Bush administration wanted to obtain a list of the names or Internet addresses of anyone who typed "how to grow marijuana" or "how to cheat on income taxes" into Google. Could that be done? Probably. If the Electronic Communications Privacy Act does not apply, all that's required is a subpoena from a prosecutor, and no prior approval from a judge is necessary. One Harvard law professor calls the subpoena power "akin to a blank check."

"The threshold rule is relevance," says Paul Ohm, the University of Colorado law professor. "Relevance has been quite broadly construed. As long as you can show that something's relevant to a case or criminal investigation, I think the litigant would have a pretty good argument."

The suggestion that relevance has been broadly construed is disturbing. The erosion of civil liberties needn't necessarily follow from the enactment of bad laws, but can, just as easily, follow from too broad an interpretation of existing laws and practices.

If the judiciary restrict the interpretation of terms like relevance to as narrow a meaning as possible there is less room for abuse, but in the present environment it's likely judges, not only in America, but in the west generally, will allow broad definitions of such terms to the detriment of civil liberties.

Re:Scope and Semantics

[megarich]

While the issue of privacy and violation of rights is definate cause of concern, I feel the example of "cheating on income taxes" or "how to grow pot" is silly. Contrary to popular belief, the government really doesn't give an f on these issue and cares as much about them as someone stealing a piece of candy from a store. Well it does care about cheating on income taxes but only IF you really do cheat on income taxes and I'm sure it'll have to be for an substantial amount of money too.

The government is not as much as a concern for me(since I'm confident enough people would freak out if they tried anything stupid to make them think otherwise) but google and the other companies I'm concerned with. They have very little guidelines or laws on what to do with the data and can pretty much do as they please with it. It's not always the known "evil" ones you have to watch out for. Its the ones that are pointing the finger at other people trying to get you to buy into their "don't be evil" mentality you need to keep both eyes on.

But wait! There's more!

There's still no mention of Macromedia Flash. Flash applets are very popular on most pages nowadays. They are used for ads, interactive demos, forms and more. But, people don;t seem to realize that they are also highly effective for storing information that can and is used for tracking purposes on your computer.

Have a look at
~/macromedia/Macromedia/Flash\ Player/macromedia.com/support/flashplayer/sys

or on Windows

C:\Documents and Settings\%UserName%\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys

Did you know that all of that was there? Do you know what's stored in all those files? Did you know that those files are accessible by any flash applet that runs on your system and that the flash applet can and does report back to its creator?

Then of course there are the problems due to Java script. Google has one for their analytics service that's all over the web tracking everyone. It's called Urchin and it's even in this page. Just look at the source for this page and search for "urchin.js".

People don't realize that they are totally OWNED!

Re:But wait! There's more!

[The_Wilschon]

Ah. Thank you. Just added another filter to adblock! No more urchins for me!

Re:But wait! There's more!

Did you know that all of that was there?
No
Do you know what's stored in all those files?
Looks like harmless "settings" files, not enough data to store a GUID
Did you know that those files are accessible by any flash applet that runs on your system and that the flash applet can and does report back to its creator?
So? looks like they have the same URL protections as cookies do. (which is arguably imperfect).

Sounds like FUD to me.. belongs with those "Your IP address is public on the internet!!!!" ads.
Google analitics and google syndiation are already on my adlbock list for annoying ads.

Re:But wait! There's more!

[darkmeridian]

Out of instinct, I Googled (TM) "urchin.js" while signed on to my Google Account. I think they're onto me! Wait, there's a knock on the doo---

Currently, it's all somewhat irrelevant...

[RobertM1968]

Because as long as the Bush Administration can claim that we are at war, the government is permitted various additional authorities that suspend numerous privacy and citizen protection laws. The current laws and pending laws (IMHO) are only there to make this (1) a permanent reality and (2) to (through the created legality) minimize the number of people who challenge the government's "right" to suspend the various laws that would normally protect US citizens by not having to openly invoke the use of the government's extended wartime powers.

Re:Currently, it's all somewhat irrelevant...

[TubeSteak]

Look n00btard. We already hashed through this topic in a recent /. article about politics.

Teh U.S. of A. is not at war with any country.

The sections of teh resolution(s) passed by congress that referred to the War Powers Resolution only do so in order to require the President to report back to the Congress/Senate.

Here is the link where I thoroughly refute the statement "The Congress authorized War Powers for the President"

Re:Currently, it's all somewhat irrelevant...

[tehdaemon]

You missed a somewhat subtle nuance in his statement. Assumption, - you are right and we legally are not at war. Bush can, and is, still claiming that we are at war and is abusing this with his propoganda. Pretty much until the supreame court says no, Bush can still claim this. Whether he is right or wrong is mostly irrelavant.

Re:Currently, it's all somewhat irrelevant...

[RobertM1968]

Reality and perception are often quite different. The DOJ, Bush and others (including various news pundits supporting it) trying to ab(use) the president's "wartime powers" have already cited the "fact" that we are "at war" as "reasons" for such greivous disregards of people's civil liberties. Whether *they* percieve us to be at war - by the appropriate definition allowing the executive branch such powers is irrelevant when they are trying to persuade the public that such is the case while blatantly with much disregard for the common citizen utilizing such powers. And before the stink gets too high, more and more attempts to pass legislation enacting some of those powers in peacetime. Many of the public, for lack of a better understanding, are equating our current wars (which they are) as congressionally mandated and approved wars. If you convince the populace to believe the world is flat, that created perception drives people's actions and what they allow of their government based off that belief - reality is irrelevant for much of the populace. Oh wait, that already happened in human history... and our current situation is the same game. Get enough people misinformed, fill them with misperceptions until the legal reality is changed to support the current administration's ambitions of greater power with less checks and balances. Does that now clarify my point? I'd resort to namecalling right back atcha, but then again, I'm not a "think I know-it-all kid" (and if you aren't, dont act like one) who thinks that just because I believe something, the rest of the world does as well - and thus totally gloss over the fact that whatever your or my beliefs... they aren't necessarily (or likely) the beliefs of the rest of the US populace. I may be biased in this, but I believe that /. readers are a bit above average when it comes to cognitive reasoning and a lack of lemming like qualities that make many others in the masses nod their head and agree to whatever they hear on tv/in the news (though my bias is more based on the intelligence-level of most of the posts here as opposed to my own self opinion).

MOD PARENT UP!!!

I wish I had mod points for this guy.

A truly non-evil company would purge their logs after a short period, like AOL does after 30 days. But, once they go public they become corpirates that are determined to get you the consumer.

Take note

[GoofyBoy]

From the last page of the article (which I find the most useful part of the whole article):

How long do companies keep records of my search terms?
Microsoft, Google and Yahoo all said they keep data as long as it's necessary, which could mean forever. Microsoft did add that the company is "looking at ways" to provide users with the option to delete their search histories, and Yahoo made a similar statement.

AOL, on the other hand, says it deletes personally identifiable data after 30 days.

And they identify each unique user by the IP Address (with date/time) and/or a ID cookie.

Be forewarded.

Re:Take note

[Teun]

AOL, on the other hand, says it deletes personally identifiable data after 30 days.

Would that explain why AOL is pretty useless??

Re:Take note

[rbarreira]

No.

Re:Take note

Google actually goes a step further and also records the User-Agent string of the browser. According to MSN (on news.com.com) they don't assign IDs to people per se, that is across an extended period of time you will get assigned temporary IDs but they won't end up aggregated under one permanent ID like Google does.

As weird as it sounds, AOL and MSN might be the least invasive ones of the big four.

relevance

[nurb432]

Taken far enough, every action or even thought, might be relevant if you happen to commit a crime someday. So everything must be tracked.

Predict ( and prevent ) your future crime due to your behavior and thoughts today....

Google.nl

[Teun]

As you mention most European countries have fairly strict laws governing the collection and keeping of personal data, including the obligation to give access and possible redress.
Google has a Dutch portal and a Dutch sales office, both might make them responsible to follow the Laws of the Land.

Till now especially airlines have been exposed to the authority that is supervising adherence with this law but other companies with international operations are aware.

Teun@Tosh2:~$ whois google.nl

Rights restricted by copyright. See
http://www.domain-registry.nl/whois.php

Domain name:
google.nl (first domain)

Status: active

Registrant:
Google Inc.
Bayshore Parkway 2400
94043
MOUNTAIN VIEW CA
United States of America

Domicile:
Lagedijk 7
2064 KT SPAARNDAM
Netherlands

Sales Office Benelux
WTC2, Zuidplein 36
1077 XV Amsterdam
The Netherlands

Oops

[kalbzayn]

I was going to RTFA but then realized that zdnet is probably working in association with the government to gather information about people that would be interested in this article. And I'm not going to fall for it.

Re:Oops

[TubeSteak]

I think we've struck upon a /. template for the tinfoil hat crew.

I was going to RTFA but then realized that [Relevant Website] is probably working in association with the Government to gather information about people that would be interested in this article. And I'm not going to fall for it.

At least this way you have a reason for commenting without reading TFA

Re:Oops

[kalbzayn]

Glad to help. But I had to stop wearing my tinfoil hat when I RAFA that said that wearing hats causes premature baldness. I have enough problems without needing to worry about that, too.

Judges can use Google too.

[TubeSteak]

Judges are using Google too, which may or may not be a bad thing (depending on your opinion).

From one of the linked articles in TFA
http://news.zdnet.com/2100-3513_22-5211658.html

Some legal experts warn that Google searches are no substitute for the painstaking process of evidence and testimony. "If a judge is taking as proof facts that are reported in any public medium that pertain to individual actions by persons involved in a case, that is troubling," said George Fisher, a Stanford University law professor. "Those are the sorts of facts that are supposed to be proved in the courtroom under the rules of evidence."
...
"The evidentiary requirements are very important. If a judge goes off in his chambers and does a Google search and issues an opinion, the parties have not had a chance to argue about what 40,000 hits means. That's an important safeguard."The casual use of Google--instead of relying on more rigorous research techniques--has raised eyebrows inside the judiciary.

Emphasis mine, because I think that's a very persuasive argument against allowing judges to issue rulings based on the results of a Google/MSN/Yahoo/etc search.

Re:Just before anyone jumps down this fellows thro

[smoker2]

In the case of Google, trying to access google.com will usually force you to google.co.uk if it detects your IPs geographical origin as being in the UK.

No, not here it doesn't. You have to specifically enter google.co.uk as the address, unless they are using URL masking - which is possible as the first few results are always uk based. However, I have a gmail account so they already know where I'm located (presumably) and the first results are always paid for ad-spots anyway.

But having said that, what matters is where the end-user is located not where the page is generated (see French anti-nazi censorship story).

Ah, yes. Truth and Honesty: The New Flamebait.

Are the neocons and fascists now modding /. ?

How can I protect my privacy from search engines?

[TubeSteak]

It's interesting to note that they don't mention Internet Explorer in this section of TFA.

The Index.dat in your "Temporary Internet Files" and in your "Cookies" folders makes any attempts at privacy meaningless.

I made a simple batch file that loads on startup & deletes the Index.dat files. Works like a charm & I never have to think again about someone sniffing through my supposedly clean computer and pulling up my browsing history.

I also tossed in an extra two lines to clear my Temp folder and pre-fetch.

Become Private

[Slashdotgirl]

The following are just some of the programs, which provide a level of both encryption and anonymous communication for Internet usage:

• Tor: Onion-based routing that acts as a proxy layer between the client computer and the Tor network. http://tor.eff.org/

• I2P: Also known as the Invisible Internet Project. The network is regarded as a message based system. http://www.i2p.net/

• FreeNet: is a distributed information and storage retrieval system designed to address the concerns of privacy. Freenet is designed to be anonymous and totally peer to peer. http://freenetproject.org/

• GNUnet: is a P2P network that can support many different forms of peer-to-peer applications. http://gnunet.org/

There are other programs and if you do not want your "private details" known then you would be wise to use them. In addition, anyone who thinks their private data that is held by organisations and government departments is safe whether there is a "Data Protection Act" or not then they should think twice for example the "National Security Agency eavesdropping on Americans incident". This is not the first time nor will it be the last time that such incidents will occur. Without being anonymous, we can never have true freedom of speech.

Re:Become Private

[Slashdotgirl]

The following two articles should make it quite explicit as to what companies and governments are doing.

The EFF has an article. Where it's suing AT&T for breach of privacy.

The Electronic Frontier Foundation (EFF) filed a class-action lawsuit against AT&T Tuesday, accusing the telecom giant of violating the law and the privacy of its customers by collaborating with the National Security Agency (NSA) in its massive and illegal program to wiretap and data-mine Americans' communications. http://www.eff.org/news/archives/2006_01.php#00436 9

In addition the ACLU has an update article on the U.S. National Security Agency, spying on American people and the rest of the world. "Eavesdropping 101: What Can The NSA Do? http://www.aclu.org/safefree/nsaspying/23989res200 60131.html.

What is it going to take to stop this type of activity?

Friends of progress...

[paulthomas]

We're a step ahead of blizzard. UNITE!

The reason they want to use search engine data...

[mabu]

I'm not conspiracy theorist, but it seems pretty obvious the real value of this information and what the government might do with it once you examine the playing field and the objectives of all parties involved.

Frist and foremost, the Internet is currently unregulated. This really bothers most governments around the world, and probably the United States most of all. They want to have more control over this medium for a myriad of reasons, not the least of which is tax purposes and the ability to influence the populace. Look at what's been done with mainstream media and you can have an idea of what the powers-that-be would like to see happen to the Internet.

However, the government cannot simply arbitrarily announce they're going to start heavily regulating the Internet. That's not going to work, so the first step will be to try to use some kind of politically-correct issue, to shoe-horn their grimy hands into the issue. This is likely to be something like child pornography, which very few will have problems with. Things like COPA are good examples of regulatory laws which were passed with a minimum of opposition due to the PC-nature of the issues they addressed, but they all have the ultimate goal of setting precedents where the government(s) can tell you what you can do with your web site.

The demographic profiling done by companies like Google is a big part of the government's ability to make their case for additional regulation.

Make no mistake, this is and will continue to happen. Whether or not any of us think that it's practical to try to control/regulate what happens online, the government is sure going to try. With more and more commerce moving to the online world, and less dependence upon traditional media sources, big companies are going to want to have their piece of the pie, and they rarely play fair. We should be paying very close attention to what happens from the perspective of this plan. We should expect and anticipate a few popular scenarios to present themselves which will sway public opinion into allowing more government regulation of online activity. This may have to do with terrorism, child porn, or even spam. It's going to be an interesting time in the next decade as we watch and see how select corporate and government interests try to bully their way into having control of the Internet. Search engines are treasure troves of information they can use to prove any claim they want.

Re:Just before anyone jumps down this fellows thro

[janrinok]

Of course it does - Microsoft is a US company but when dealing in Europe it has to comply with OUR laws. Google is no different!

Oh.....

[kentrel]

Shiiiiiit

How do you protect yourself from search engines?

Now Slashdot published this article, It seens my article was rejected, so Im posting it here:

It's on the news and in other news.com, spotlighted by Google's refusal on providing search query history, that search engines may
have been collecting more than reasonable information about you, and without your permission (BTW I call my disabled cookie a explicit denial).

So I'd like to know from you, paranoic fellow: How do you protect yourself from search engines?

Besides not allowing cookies, I don't use search engines that use redirect and I block addresses already know to collect personal information as a business. But now I think it's time to step further, par to their insistence on collecting, or trying to figure, information that I explicit denied.

FYI I don't like proxies, first because a lot of them are maintened by people that instead are logging your connection, secondly because it's necessary just one bad guy using a public proxy to justice provide a warrant to log all the communication on that proxy, either from bad or good guys. And, it's not just my IP, it's also the other information that Google, for example, says to associate: date, search query, browser/OS, lang and cookies. I really want to confuse those bastards. If those SEOs morons can be sucessuful don't letting me find useful results on $valuable$ queries why we can't be in enforcing our privacy?

Since most of that information in provided by the browser I would seek for a Firefox Extension or a local hosted frontend. For further elaboration: every search would be followed by a flood of fake requests (different sources IPs) but with a fixed pattern (the query you want and a faked Browser/OS), if the information is likely to be false it has no value; every different query would be sent to a different server, Google for example have hundreds of servers world wide, bypass their nameserver and use a different server on every search, one pattern less and the problem to sync your searches on their side; improve bookmark/history search, to avoid searching again what you already did; other suggestions? And more important: the solutions?

What about the ISP's?

[CaroKann]

What kind of logs do they keep, even with dynamically assigned ip addresses?

Re:Just before anyone jumps down this fellows thro

[Aeiri]

In the case of Google, trying to access google.com will usually force you to google.co.uk if it detects your IPs geographical origin as being in the UK.

If you want to access Google US from anywhere in the world, http://www.google.com/ncr redirects you to the US version. I'm not sure about China though.... they probably have some sort of agreement against that with them.

Use Firefox PrefBar to Avoid Flash

[Via_Patrino]

Use Firefox PrefBar to avoid Macromedia Flash, it works, at least on MS Windows. Check the box when you see M Flash is essential to navigation.

Re:Ah, yes. Truth and Honesty: The New Flamebait.

[miu]

Are the neocons and fascists now modding /. ?

There has always been a wide spectrum of political opinion here. In the last couple of years self-righteous, right-wing, mouth breathers have become a dominant voice on slashdot. Sad really, because it turns what was once an interesting technology forum into just another echo chamber of morons chanting slogans and catchphrases at each other. I'm sure some people think it is a change for the better, but I think it has driven a lot of former slashdot readers away or at least reduced the frequency at which they read the site.

Incomplete advise on deleting web page files

[CaroKann]

Don't ever forget, if you see it in your browser, it is most likely stored on the hard drive somewhere. The article suggests that users clear their browser's history, cookies, and other temporary files every time they close down their browser. However, they fail to point out that simply deleting the files the usual way does not actually delete them. 'Deleting' files merely removes the file information from your file systems catalog entry. It is like removing the card catalog entry from a libraries' catalog system and then claiming the book has been destroyed. If you are truly paranoid, then you must use a secure file deletion utility, of which there are many. However, even these tools won't completely erase all traces of a file from your hard drive.

In addition, many add-on browsing tools, such as Flash and fancy tool bars, may store temporary files and histories on their own. Erasure tools, or the browser's built in cleaning feature, may not be able to erase these third party files.

Why should you care? Well, over your hard drives' lifetime, a tremendous amount of data will be stored that can be used to analyze you down to the microscopic level.

Re:Incomplete advise on deleting web page files

Don't ever forget, if you see it in your browser, it is most likely stored on the hard drive somewhere.

Not on my hard drive though. I run entirely from RAM and nothing gets saved to my hard drive unless I explicitly copy it there myself.

I use SLAX running as a "live CD" from my hard drive so everything gets written to the RAM disk, but it is fairly easy to modify if I want to.

Its not that I'm paranoid or anything, just that my 160 GB hard drive crapped out, so I opted for using this since I was a bit low on disk space for a proper install with only having a 40 GB drive that was quiet and a large music collection using most of the space. Though I have to say I quite like the way it works now, aside from the incovenience of manually copying the changes I want to keep, so I'll probably keep my setup when I get more space again and the added privacy is a bonus.

Re:Ah, yes. Truth and Honesty: The New Flamebait.

[Original+Replica]

So a guy that makes fun of congress trying to ban internet pr0n is in your opinon "right-wing", interesting. Come on, I think /. is if anything slightly liberal, and I live in NYC.

Actually, it seems to be opt-in

[wsanders]

I just logged in to this Search History thing. I have both GMail and a personalized home page, and even though I have been using Google for years my search history is empty. I had to opt in to the service to get it to start tracking, and then I was able to successfully suspend it again. I wasn't exactly presented with pages and pages of disclaimers though, and it's not clear if Google will disaasociate my search results from my login from now on.

www.google.com/psearch

[Helevius]

Check out www.google.com/psearch. This is a beta feature.

Re:www.google.com/psearch

[mikeisme77]

This is only for their personalized searches though. It doesn't include searches you conduct through Google.com while logged in to your Google account--only searches you conduct through their personalized search page. It's a step in the right direction at least. Although if their privacy policy works like their GMail privacy policy, than deleting your search history won't remove it from THEIR servers--just from your view of their information...

Re:www.google.com/psearch

No. It shows you all the searches you do through the home page too. And the toolbar. And the Firefox search box. And so on. Test it yourself. Go to each of these search boxes and put in some nonsense query, then go to Search History and see it there.

Support sites that protect your privacy

[mike2006]

Support sites that protect your privacy and limit government access to it. Pretty simple statement but not easy to do even with the variety of competing search engines. For example for Newslookup.com I can tell you that your search results tracking, logs and personally indentifiable information is regularly purged. There are other search engines that also make this claim however many sites use a 3rd party to display Ads. With every page display the Ad serving company will have logged the referring link from the page which includes your search term.

There are just so many levels at which you can be tracked and your private data can become public. In most cases I am against government regulation but I believe companies should be required to purge personally identifiable information along with tighter restrictions and penalities should private information be revealed.

It is likely the reverse will happen and perhaps that is an opportunity for competition where a cookie free news search engine with third party Ad serving such as Newslookup.com will benefit :)

WEEE!

[scutato]

I just realized there's a Search History option in Google...woo! Mine has cute fuzzy animals. :)

Re:The reason they want to use search engine data.

[natedubbya]

Frist and foremost, the Internet is currently unregulated. This really bothers most governments around the world, and probably the United States most of all.

You must mean, 'it bothers the USA the most among countries where the Internet is unregulated.' Otherwise, I don't know how you make such a claim with China's citizen firewall sitting in place. And I can think of many other examples of regulation that occurs outside the USA. But maybe I'm just being defensive...

Any alternatives?

So, what's a good alternative? Are there any good search engines that don't hoard user data?

Re: Just before anyone jumps down this fellows thr

[gidds]

Try it and see. On this (UK) machine, at least, pinging www.google.com and www.google.co.uk both resolve to the same IP address.

I gather it's the same elsewhere, too; www.google.com resolves to the user's local Google site.

(Anyone know how they do this? Is it by the user's IP address, or do they do route tracing or something?)

Which search engine to use?

[Physician]

Are there any search engines out there that do not log everything you do?

Google Analytics Fixes

[Fnord666]

A brute force approach for google analytics is to add the following to your hosts file:
# [Google Inc]
127.0.0.1 www.google-analytics.com

If you are using firefox, then there is an extension to customize your interaction with google. One of the preference sections is privacy settings. Options include anonymizing your user ID and never sending cookie data to google analytics.
labnol.blogspot.com has an article that discusses both of these options and also discusses how to add the hosts entry on a windows box.

Re: Just before anyone jumps down this fellows thr

[kernelistic]

In my case, it wrongly sends me to google.co.uk when it should be keeping me on the US site.

Re:Just before anyone jumps down this fellows thro

[jrumney]

However, they have UK operations and these operations will fall under UK law.

Even if they didn't have UK operations, if they collect the data of people located in the UK they still fall under the UK's privacy laws. Otherwise UK companies could just offshore their data collection. Although its rather theoretical, since the privacy laws aren't really enforced strongly, you could end up with a situation similar to the Dmitry Skylorov DCMA case, where an executive of Google could be arrested while visiting the UK for breach of the data privacy act that their company has conducted in the US.