Google Will Anonymize IP Logs Faster

An anonymous reader writes "The BBC reports on some changes to the data retention policy at Google in response to pressure from European authorities, but also included in the article is information about why Google claims they need to retain non-anonymised data for so long. Improving services, sure, but preventing fraud? Aiding 'valid legal orders'?" Reader s0ckratees points to some commentary on the change at Google's official blog. The upshot: IP addresses in Google's logs will be anonymized after nine months, rather than 18 as previously.

Scrape it

[smittyoneeach]

Scrape the log
To sparkling shine
So the chin
Hairless, divine
Burma Shave

Let it begin..

Let the "Google is teh evil" orgy begin.

(Posted this using incognito mode of the Google Chrome)

9 Months

... is still a pretty long time. Why does it have to be any longer than even a few weeks? And, will Youtube follow this route to help prevent another big Copyright infringement lawsuit?

Re:9 Months

YouTube == Google So yes.

Re:9 Months

[lysergic.acid]

considering the amount of data Google processes on a regular basis, a 9 Month backlog isn't that unreasonable.

i'm more concerned about Google not handing my data over to 3rd parties or governments than their retaining records of my searches. as long as they're willing to stand up for the rights of users, they can hold my search data for as long as they need to improve search results, reduce spam, and develop personalized search features.

Re:9 Months

[Bender0x7D1]

considering the amount of data Google processes on a regular basis, a 9 Month backlog isn't that unreasonable.

Sure it is. Why? Because they are collecting data continuously and if it takes a long time to process what they've collected, more data is backlogged, and it keeps spiraling out of control. In fact, if it takes more than 24 hours to process 1 day of data, the backlog will increase without limit. The proper thing to do is to apply proper anonymization to the information immediately so you don't have to worry about it. There are plenty of methods that allow you to anonymize important information while retaining enough data for analysis. Here's one paper [Warning: PDF] on the subject.

Re:9 Months

[lysergic.acid]

first off, Google's processing capacity isn't static, it's constantly growing. just because it takes more than 24 hrs to process a certain set of data doesn't mean that the backlog will increase without limit. that isn't a logically sound argument.

if you take that argument and reduce the time frame from 1 day to 1 hour->1 minute->1 millisecond... so on and so forth, you reach the conclusion that if Google is unable to instantaneously process/analyze every piece of data the exact moment it is received or created, then their backlog will increase without limit.

sometimes data needs to accumulated before it can be processed. for instance, to observe search trends, or to compare e-mails for spam analysis, etc. sometimes logs need to be kept for extended periods of time--that's why they're called logs--or data is retained for repeat analysis.

i don't know what exactly Google retains user data for or what kind of analysis they do, but it's understandable if some data needs to be retained in its original state for certain types of research or analysis. if they were going to release network measurement data to 3rd parties, as that paper you linked to discusses, then, yes, i would expect Google to follow their own anonymization guidelines. but like they've stated in their press release, it's all about finding a balance between protecting user privacy and improving the quality of their services.

perhaps the best thing to do is to give users the option to have their search requests retained for improving personalized search results, and let them enable/disable this feature as it suits them. all other data will simply be processed for a set period of time and then expunged.

if they're not releasing server logs to anyone, anonymization isn't really necessary. though i'm sure they allow users to access their services through anonymous proxies.

Re:9 Months

[Dan541]

7 days is good enough, why keep logs anyway? it just opens the system to exploitation.

Re:9 Months

[Idiomatick]

You sir have never run a large site.

Re:9 Months

[Dan541]

depends on your definition.

I assume you mean more than a single server, then no. I do keep server logs but can't recall the last time I ever looked at them.

So if you live in china

[HungryHobo]

And the government wants to know who's been searching for things they don't approve of they have to ask google for the logs every 9 months rather than every 18 months.

Re:So if you live in china

You may not like that Google keeps data, but they have an almost perfect record for keeping it private from others. Or did you not see the fuss they raised over YouTube data, and how even after being ordered to turn over their data, they still fought to reach a compromise that protected user privacy?

As for China, there's a reason Google keeps literally zero servers on Chinese soil. Even data for Chinese nationals is kept out of China, specifically so Google won't have to turn it over.

Short of not keeping data at all, there is pretty much nothing more they can do to protect privacy. But that's never enough for SlashDot...

Re:So if you live in china

[Adoxographer]

Like any other company, google will roll over if the price is right or the US government is turning the screws.

Re:So if you live in china

[yuna49]

China is the least of my concerns. How about the Justice Department or the Department of Homeland Security?

The Europeans might be pressuring Google to reduce its retention periods, but I suspect that Google heard the opposite point-of-view from the government here in the USA.

Frankly I think that none of Google's logs should carry identifying information. If they need to track IPs for some reason, put them in a separate database table that's unconnected to the contents of the search strings. Keeping this information much beyond a week or two seems unreasonable to me.

Re:So if you live in china

[TheVelvetFlamebait]

Truly, a human rights victory for the ages! Like that place ... uh ... what's it called? Something "square". I think it might be in India. Google's not coming up with anything.

Re:So if you live in china

[zoogies]

Whew! Good thing I'm in America.

Re:So if you live in china

[Gerzel]

That order was from the US government and they were turning the screws, perhaps not that hard but they were turning.

Now I don't think google is the great force of good, but it so far is at least neutral which is more than can be said for most companies its size and scope.

Re:So if you live in china

[rtb61]

Do you realise how pointless it is anonymising IP adresses after 18 months or even 9 months, via simple data base associations they can link access to a particular individual and no longer need the IP adress for longer term analysis. Based upon those records and intervening IP adress records any new access can be tied to existing database and the individual user.

In fact google clearly state they are only anonymising the users IP address and do not talk about any other long term user records. Even their privacy statement to the EU whilst it does state it is not 'necessary' for a user to divulge their identity when doing searches does not clearly state that those searches are tied to the use based upon past records via data mining their massive data bases. For google to indentify the user once the they have cookies in place and the data gathering scripts running all over the web, the IP address whilst convenient is hardly necessary. Of course their reasons for using private data are so broad they could mean virtually anything.

Providing our services to users, including the display of customized content and advertising

Auditing, research and analysis in order to maintain, protect and improve our services;

Ensuring the technical functioning of our network; and

Developing new services.

If google want to be truly genuine about respecting a persons desire for privacy why don't they contact every person they have records on to ask them whether they would like those records cleared and no further data to be stored against them, at least once a year or even perhaps based upon their own public statement every nine months or, was is it all just a bit of love and trust google viral marketing.

Re:So if you live in china

[Wowsers]

The Europeans might be pressuring Google to reduce its retention periods, but I suspect that Google heard the opposite point-of-view from the government here in the USA.

Interesting the Europeans want Google to not keep logs on people, the complete opposite of the European Union who have no problem on keeping logs of people for ever longer time to see if they are a threat (to them getting voted out). The oppression loving UK government is interested in unlimited retention time of data.

http://news.bbc.co.uk/2/hi/europe/4527840.stm

The European Parliament has approved rules forcing telephone companies to retain call and internet records for use in anti-terror investigations. Records will be kept for up to two years under the new measures.

Re:So if you live in china

[magus_melchior]

It has to do with the accumulation of a lot of wealth by Google, and the fact that Google's business is optimized by collecting data about the users using its free services. It also has to do with the fact that no security system is impregnable, especially if it's connected to the internet as closely as Google is.

Some conspiracy theorists think that this means Google cannot possibly collect user data in a responsible way that does not breach privacy, or that there is no guarantee that Google will not release the data to partner companies in return for more advertising dollars. I'm willing to hold off on judgment unless there was a verifiable pattern of abuse by Google, but most here don't want to wait until Google "shows its true evil colors". Any perceived intrusion into privacy, even if it is opt-in, is unacceptable to many a libertarian here.

Re:So if you live in china

[natedubbya]

The Europeans might be pressuring Google to reduce its retention periods, but I suspect that Google heard the opposite point-of-view from the government here in the USA.

I also suspect they heard the opposite view in Ireland. It's fun to make flippant statements isn't it? Check out the actual news from Europe and you may find that the grass isn't greener over there.

Re:So if you live in china

[Idiomatick]

The EU isn't very fond of Ireland, basically they are shit disturbers...

Re:So if you live in china

[amRadioHed]

You get actual news in Europe!?

Yeah, that was fun.

Just out of interest

[sakdoctor]

How do you Anonymize IP logs?
Any hash can be "reversed" because the search space is so small in this case (2^32)

On the other hand, any one-one mapping can only be compared to others in the log whilst you keep the mapping. (or key that you hashed your IP addresses with)

I read google scrubbed out the last octet of the IP. If that is so, that process doesn't really deserve the name anonymize.

Re:Just out of interest

[maxume]

Throw away the salt.

You still have the "Netflix problem", but that was related to the users publicly disclosing large amounts of information on a different site, which probably wouldn't come into play here.

Re:Just out of interest

How do you Anonymize IP logs?
Any hash can be "reversed" because the search space is so small in this case (2^32)

Not necessarily. Just add salt.

Re:Just out of interest

[sakdoctor]

Salting goes without saying -1 uninsightful

I'm talking about the fact that it's 2008, and that search space could be exhaustively searched in a matter of hours on a desktop machine.

As the poster below me points out, "throw away the salt" is an answer, but it means the logs can only be compared to other logs in the time frame that you were using that salt.

Maybe IPv6 will make anonymized logs more feasible because of the 2^128 search space.

Re:Just out of interest

[Fusen]

you could simply use md5 and use the IP as it's own salt.

Re:Just out of interest

[PReDiToR]

How do you Anonymize IP logs?

By using Scroogle.

Note to mods:
I got my karma for this post here, don't mod me up again for the same information <grin>.

Re:Just out of interest

[geminidomino]

I'm hypertensive, you insensitive clod.

Re:Just out of interest

[HungryHobo]

So I generate a table with 2^32 IP addresses and their MD5 with themselves as the salt, it doesn't enlarge the search space in this situation and I can then easily do a binary search to find what the origional IP was.

Re:Just out of interest

[asserted]

use new encryption key every day. throw away the key that is 9month+1day old. problem solved.

Re:Just out of interest

[sakdoctor]

I should have been way more specific here.

What I'm saying is that IP (v4) addresses are uniquely problematic for being pseudonymized from the perspective of a web master, because of the tiny search space.
You wouldn't choose a 10 digit only password would you?

Say the threat model here is you are running a website and you get subpoenaed.

It would be great to be able to say, "OK here is a list of hashes of IP addresses, that's all I've got, have fun." ...but you can't do that for the reason I said above. If you then throw away the hash you can enjoy being held in civil contempt, and with the hash they could brute-force them all in trivial time.

Re:Just out of interest

[Dan541]

The same way /. Anonymizes email addresses.

216.34.REVOME.THIS.181.45

Re:Just out of interest

[Dramacrat]

Yep, it's my current default search engine in Firefox. Even has an SSL-capable server.

Why the question.

[jellomizer]

but preventing fraud? Aiding 'valid legal orders'?

While I would say IP addresses shouldn't be the only method for these protection they do help.

Wow every site within 123.45.67.x seems to have a virus and malware on it. Oh a new site was scanned its address is in 123.45.67.x lets not publish right away lets put it threw full check. Or say 98.76.54.* always had clean site that were legit. A new site was found Well lets put it threw the quick checks and post it and queue it for full scan for later.

Yes knowing the IP Address and keeping track of it for months even years can be handy. The more data you have the better decision you can make.

Re:Why the question.

Put it threw? Put it THREW?! For the love of God, man...it's through.

Re:Why the question.

[Inda]

Give him a break, he's probably only six years old.

Re:Why the question.

[jellomizer]

Except for the fact that my account is 10 years old... I am just a bad speller deal with it.

Re:Why the question.

[ianare]

Web sites are, by their very nature, indexed by IP address. No one is suggesting anonomyzing web sites.

What is being anonymysed are the IP addreses of people that do a google search.

Re:Why the question.

[Khuffie]

Deal with it? Perhaps, after someone pointed out your mistake, you can in the future learn from it, instead of telling us to 'deal with it'. That wasn't a bad spelling or a random typo: you used a completely different word...twice. It made it difficult to read your post.

Re:Why the question.

[jellomizer]

Yes, Deal with it. Oh my God! a guy made a misspelling on a message board, actually it was just the wrong word. As spell checkers sometimes switch the words around. It is a problem that I have, Yes I have Dyslexia, and it is a constant battle taking me hours to write up a one page homework assignment for class, or half a day for a simple document for work. I am not going to spend 25 minutes witting a post, on Slashdot to make sure it is perfect. If it is difficult to read it means your mind is to closed to easily translate written language. As the concept of correct spelling is just over a hundred years old. Through vs. Threw are very similar words phonetically especially with an American accent.
Correcting a Bad speller on a post they cannot change is not helpful, only condescending. Will it stop me from doing it again. No. as the nature of my disability makes it difficult to make the connection between the right one and the wrong one. Within a day which one is right and wrong will fade away and the problem will occur again.

Re:Why the question.

[Khuffie]

Kk, iF 5P3llIN' i5'N7 IMPoR74n7 I K4N 74lk LIK3 7hi5 4Nd Joo wouLD'n7 H4V3 4nY difFIcUl7Y uNd3r574ndin' M3h, righ7? 4F73R 4LL, 73H kONC3p7 oF koRr3C7 5p3LLIn' I5 jU57 oV3r 4 100 Y34r5 OLD, 5O JOO 5hOuld 83 kk R34DIn' 7HI5.

Re:Why the question.

[ribuck]

I am not going to spend 25 minutes witting a post

If only everyone here spent even 5 minutes witting their posts, the quality of humor here would be much improved.

Re:Why the question.

[n3tcat]

Wow every Arab country seems to hate us and throw planes at us. Oh a new male was seen in an airport. His ethnicity is Arabic lets not let him board the plane right away lets put it threw(sic) full check. Or say whitey always had clean papers that were legit. A new white boy was found Well lets put him threw(sic) the quick checks and let him board and queue it for full scan for later.

Fixed that for you. Hope you see the lunacy of your statement now.

Re:Why the question.

[jellomizer]

The difference between occasional misspelling and wrong words vs. adding characters that do not have a Phonic meaning to them. You method is intentionally trying to officiate your message, A wrong word but attempted to by phonically correct (At least similar to the accent of the writer) isn't trying to officiate the message. 7337 speech or Elite speech was designed particularly as a method of making reading difficult as it required (Just so some internet geeks could feel good about themselfs when they write a message other people go what?!), this is more akin to bad handwriting vs. Bad spelling.
"Ok, if spellin isnt important i kan talk like this and you wouldn't have any difficulty understanding meh, right? After all the koncept of korrect spelling is just over 4 100 years old, so you should be ok readin' this."
So after I cleaned up the "handwriting" there are still a lot of misspellings but it is readable. After deleeted (hah!) your message it was actually easy to read.

Re:Why the question.

[Khuffie]

Sorry, I don't know your accent when I try to read something, nor should I to be able to comprehend it. Spelling is still important. For example, it took me a couple of reads to understand the line "A wrong word but attempted to by phonically correct" (that by was supposed to be 'be'). When you're reading a sentence and see a completely different word than what the word is supposed to be, it does throw people off the mark when trying to comprehend what you wrote, because they try to put the incorrect word in context and it fails to make sense. The misspellings after you cleaned up the l33t speak were introduced by the l33t speak generator I used online; my brain would start hurting if I tried to type like that. If you note, I didn't correct your spelling. I merely had an issue with you saying 'I have bad spelling. Deal with it.' Had you mentioned you're dyslexic then, I wouldn't have said anything.

Re:Why the question.

[jellomizer]

Your argument has flaws in it.
Checking IP Address is less like profiling an individual but the location. Even before 9/11 there has always been more security from people entering from plane in a different country. A plain from UK would be treated differently then a Plane from Switzerland (even if all the passengers are White Americans).
While they will all be security checked. There are fast tracks open for known friendly location vs. Neutral Locations.

If it is known that a Netblock owner is lax about the content that it gives, then it will attract unsavory people, vs. a netblock owners who are very careful. Why bog servers down for mostly trusted locations a quick check to make sure there is no spy-ware installed, or a fast check to see if links are not any trouble pages.
Vs. from a site that tends to have trouble so there will be the spyware check then follow the links 3 levels down to insure it doesn't bring to spy-ware, or put a hold on it for a day to see if is the same page tomorrow.

There is no point for heavy scanning netblocks that have good data. Lets say search on Microsoft MSDN, Like or Hate Microsoft the point is the data will not hurt you or your computer (for a standard configuration) And Micosoft is careful to not have dangerous content on that site... However MSNBC or more add driven sites may have a more lax content. Linking to a dangerous site is more hazardous so a more carfull check may take place.

The Diffence between a good site and a bad site may be between 1 second to 10 minutes (assuming they don't put a hold on a request) But if you can get those 1 seconds out faster then you could double your output of safe data.

Re:Why the question.

They are not talking about IP addresses for web sites. They are talking about the IP addresses of clients submitting searches.

Re:Why the question.

That was relatively easy to grok.

Too little too late

[Elisanre]

The subject says it all realy. Do no evil my ass

Re:Too little too late

[Lyrael]

And just what evil have they done with this data, exactly?

Re:Too little too late

[The+End+Of+Days]

They are evil by their very nature - provided the definition of evil is watered down to Slashdot standards.

Evil meaning: they make money.

Re:Too little too late

[Lyrael]

Bastards! How DARE they make money?!

I retract in full my previous statement in favour of the notion that anyone(thing?) with money is inherently evil.

Re:Too little too late

[Elisanre]

They are welcome to make money if they so desire, just keep information about me non-traceable and dont hand it over to any three-letter agency or government.

so is this the article?

[circletimessquare]

is this the eclipse article?

the article at which your average slashdot opinion finds the bulk of google's behavior to be more reprehensible than the bulk of microsoft's?

or do we need a few more months and stories like this before that threshold is reached and google becomes enemy number one?

do no evil my ass

Don't worry

Google has enough data to un-anonymize them later.

Is Google singular or plural?

The summary reads "...Google claim they need to retain..." The use of *claim* rather than *claims* suggests that Google is being viewed as something other than a single entity.
Am I missing something or was that just a typo?

Re:Is Google singular or plural?

[dattaway]

The summary reads "...Google claim they need to retain..." The use of *claim* rather than *claims* suggests that Google is being viewed as something other than a single entity.Am I missing something or was that just a typo?

I'm sure their partners will retain the good stuff.

Re:Is Google singular or plural?

[torstenvl]

British English, dude. At some registers, collectives are viewed as plural, not singular.

Search BBC stories for "Microsoft are" and such. (Whether that somewhat informal register should be used in BBC pieces is another topic entirely...)

Re:Is Google singular or plural?

[Anonymous+Brave+Guy]

Yes, I was treating Google as a collective noun, and yes, I'm British.

(I submitted the article. Amusingly, I appear to have anonymised myself while doing so...)

Re:Is Google singular or plural?

The summary reads "...Google claim they need to retain..." The use of *claim* rather than *claims* suggests that Google is being viewed as something other than a single entity.

Google is not a single entity, Google is a collection of people. :-)

Improving services, sure, but preventing fraud?

[Richard_at_work]

Improving services, sure, but preventing fraud?

Sure - AdWord fraud. Scrubbing logs quicker means less leeway for click fraud to be discovered.

Re:Improving services, sure, but preventing fraud?

[Adoxographer]

Has anyone ever heard a convincing reason why the data is needed for even this long? I don't mean nebulous claims about "improving" the service for the "customer", but actual 2+2=4 reasons.

Re:Improving services, sure, but preventing fraud?

[Richard_at_work]

I don't think Google *needs* a reason - they are scrubbing it out of good will more than anything.

Re:Improving services, sure, but preventing fraud?

[KrugalSausage]

[citation needed]

Re:Improving services, sure, but preventing fraud?

Maybe you should read the parent of your comment; An answer is right there.

Imagine an advertiser X who spends a large amount of money per month on Google ads. They are pay-per-click, so unscrupulous competitors could fraudulently click on X's ads to make it spend a lot more money with no gain. If X comes around the next month and says "We were going over the logs from last month, and we believe all the clicks from 123.45.67.89 were fraudulent! We want that money back!". Well, if you've scrubbed your logs already, you've not only lost a customer, you've probably opened yourself up for lawsuits. Get real short, and you won't even be able to demonstrate SOX compliance when you get audited.

Stuff like this has to strike a balance between many factors, and unfortunately for the user, privacy is only one of the competing factors. Six months isn't that bad, when you consider your credit card company and other providers of financial transactions MUST store transaction information for at least seven years (what, where, when, and for how much).

Google handing data over...

[topham]

Google is handing data over to a few 3 letter agencies. BIG SHOCK! OH NO! NSA Reads my email!

Seriously, I put google not handing over such data at somewhere between 0 and -1.

Re:Google handing data over...

[clone53421]

Are we talking 32-bit signed integers? Because if so, there's a lot of room between 00000000000000000000000000000000 and 11111111111111111111111111111111.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Why not after DHCP lease expires...

[GuyverDH]

Figure out a pseudo average for a DHCP lease... say 72hours, and make anonymous after that?

9 months are too long

[AtomicJake]

Actually, the IP should not be stored at all. Google might want to analyze the IPs to analyze and prevent attacks on its servers and additionally to get location information for its ad services. But there is no need to store it for a longer period -- unless you want to start massive data mining projects, which is exactly what is feared most from a privacy point of view.

So, any good news would be that the IP is not stored at all (except very temporarily).

Re:9 months are too long

9 months are too long

WHAT!? I propose that we shorten these nine long months immediately! This is an outrage!

Seriously though, in general I agree. Not storing them at all, ever, is not really a necessary precaution, but I think it should be drastically shorter than it is.

Re:9 months are too long

[Kong+the+Medium]

-- unless you want to start massive data mining projects, which is exactly what is feared most from a privacy point of view.

Aehmm, I don't know, how you would describe the inner processes of a search engine, but in my book massive data mining is involved. So you got at least one motive to store massive distributed data, like say, the IP and search terms from 75% of Internets population: Testinput, ZeitGeistmaterial or localized ads and/or search results. Sorry, but storing data is a result of computing data and entering data.

Remember: It's not the information that hurts, it's the way you use and react to it.

Re:9 months are too long

[AtomicJake]

-- unless you want to start massive data mining projects, which is exactly what is feared most from a privacy point of view.

Aehmm, I don't know, how you would describe the inner processes of a search engine, but in my book massive data mining is involved.

Agreed, but you do not need to store persistently for months the IP address of the requester. You can store the tags with the requests (such as location info, AS range of the IP). For more personalized computations you can use cookies -- at least with cookies the requester has some sort of control over his information.

Apparently, Google does not require the IP info after 9 months. So, what do they do with the IP address during those 9 months? Why can't they do it more or less immediately and then just store the results of the operations?

Remember: It's not the information that hurts, it's the way you use and react to it.

True and false at the same moment. If you do not store massive amount of data, you cannot misuse it (or anybody else, if you leak it). Privacy means that you store only the data that you really need and only as long as you need it.

Re:9 months are too long

[skeeto]

9 months are too long

I am sure many women, especially mothers, agree.

Google anonymizing in China/India

[ilovesymbian]

What difference does it make to reduce this 18 months to 9 months log retention period?

Will Google anonymize logs in other countries too?

How about Google China? It respectfully hands over logs to the authorities on demand anytime. Same with Google India.

I've just done it.

[caluml]

It's OK - I just did it.

peon@google ~ $ /bin/su -
Password:
google ~ # psql searchlogs scooby -W
Password:
Welcome to psql 8.0.15, the PostgreSQL interactive terminal.

Type: \copyright for distribution terms
\h for help with SQL commands
\? for help with psql commands
\g or terminate with semicolon to execute query
\q to quit

searchlogs=> DELETE FROM searchlogs WHERE ts < NOW() - INTERVAL '9 months';
DELETE 551719812875516
searchlogs=> \q
google ~ # logout
peon@google ~ $ logout

Mod parent up

Google are the shadiest characters on the Internet. If they're such champions of privacy they would allow me to click a check box in "Settings" that would eradicate my IP records and, more importantly, my search history, from their logs.

Google Web History goes back to April 2005 here

[shellac]

It appears this 18 months, or 9 months as it is now, does not apply to Google Web History when you are logged into your google account. My Web History log goes back to April 2005.

I for one am glad they are not deleting the Web History log at 9 months. It is nice to be able to peruse through my searches done years ago.

Re:Google Web History goes back to April 2005 here

[geminidomino]

I for one am glad they are not deleting the Web History log at 9 months. It is nice to be able to peruse through my searches done years ago.

We Agree.

--Your Friendly Neighborhood TLA

Anyone else read this as...

[bitfarmer]

...'George Will Anonymizes IP Logs Faster'?

I gotta loosen my bow tie a bit and get back to work.

And the backups?

[BoredSillyNZ]

And I'm sure they don't have backups of the logs, user data etc ... This is nonesense, nothing is 'anonymised'

Just change the law

[nurb432]

Extend record retention times out by law. Google will have to comply or no longer do business there.

Nice try tho.

Clusty

Clusty is a search engine which does not track you. You can read their privacy policy. No cookies.

http://clusty.com/

Re:Clusty

[jsalbre]

Their privacy policy specifically says that they DO keep logs of your IP and search queries.

Google need's it's own country?

[blahplusplus]

I always thought Google should buy Sealand or some other country and move it's operations there outside of United states laws, it would do a lot of good if we had a country that didn't have such crap... abuses of new countries laws or lack of laws non-withstanding

Re:Google need's it's own country?

[Lennie]

Well it's "up for graps" at a 750000 British pounds.

anonymizing search history is not possible

[pulse2600]

Even if IP addresses are removed or changed, search history is still not anonymous unless the records of search results get shuffled together. As long as all the search terms and results from one address are kept together in one record or otherwise tied to a unique identifier of any kind, your search habits and results can still be traced back to you. Anonymous search data is a myth.

scroogle.org - An ad-free Google search proxy whic

Let Google log scroogle's proxy instead of your IP.

Woo!

[Vertana]

Now I only have to escape 9 months after I blow up a school! And then they'll never know I searched google to make the bomb. Thanks Google!

do the anonymizing yourself

[cats-paw]

Tor isn't great for high bandwidth connections, but I think it's just perfect to make sure all of those do-gooder large corporations don't get a choice about anonymizing IP addresses.

http://www.torproject.org/

What about Chrome?

[DigitAl56K]

I'd like to know if they also commit to anonymizing the client ID that is associated with every Chrome installation and the associated history tied to your account. After all, what's the point of anonymizing the IP data if your Chrome installation is tracking everything anyway? The same company would hold all the same information.

Good will? No. Enlightened self-interest? Maybe.

[Anonymous+Brave+Guy]

they are scrubbing it out of good will more than anything.

Well, not really. The European advisory group was recommending a 6 month maximum, and Google were at 18. As Microsoft have learned, Europe is not shy about going after megacorps that think they are above its laws, and privacy and data protection issues are hot political topics in various EU countries right now, with a lot of media coverage of leaked data and rising public awareness of the dangers associated with such things.

This was done out of "good will" for the same reasons that industries accept "voluntary" regulation schemes that appear not to be in their own best interests: because the alternative is to have compulsory regulation and legal sanctions applied, and that costs a heck of a lot more and in some cases threatens negligent company directors personally. At 18 months, the first big leak could have seen the political powers turn strongly against Google at a time when their continued strength in several fields is already in jeopardy. At 9 months instead of 6, it's more of a misdemeanour than a felony, as it were.

Eu's data r

[freqmod]

EU should not say anything unless they do something about "The retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC" which makes member countries pass laws that requires ISP's to save IP-adresses etc. for from 1/2 to 2 years.

But since the new US SPY ON AMERICANS law...

[harrie_o]

But since the new US SPY ON AMERICANS law...

... governs what happens here, its not how long Google keeps its logs that matters.

Pelosi led 105 republi-Crats on the "important business" last June that she waived her hand and took impeachment of Bush "off the table".

Obama followed her lead on July 9 and now SPYING ON AMERICANS is LEGAL here in the US with retention periods (we don't need no steenking retention periods ... thanks Obama). McCain did not vote for this and Hillary voted against it.

My point is that corporations can get the skinny on what and who you are and where you go online from the Big Cheese US Gov't now ... they don't need the little fish Google's help anymore.

Abuse possible. Naw, trust us soon the presidency will be in the same hands as the congress that got us this spy law passed.