There has been a bit of a dust-up in the world of online privacy following the
release of a report that smacked Google for not doing enough to protect the
privacy of their users. While the report seems to have some flaws, it’s one of
Google’s responses to the report that has me the most worked up: Google plans to
server logs after 18-24 months:
Recently, we took another important step to improve our privacy
practices by announcing
new policy to anonymize our server logs after 18 to 24 months, becoming the
first leading search company to publish a data retention policy. We also posted
the factors that guided our decision to retain server log data for 18 to 24
Matt Cutts, the Google search guru, also
this change on his personal blog.
In my opinion, 18-24 months is both too long and too short a time to store
customer’s data. It’s too short for people who are willing to share whatever
data they can with Google in order to improve their search experience. For
example, Google knows something about the terms I used to search for homes and
cars, but I don’t buy either of those items on a 18-24 month search cycle, so
Google will have to re-learn how I personally search for this type of item every
time I’m in the market.
18 months is clearly too long for people who value their privacy over anything
else. While there are options to completely opt-out of data collection, there is
a much better option that could be implemented by Google: give users control
over their own data. If everyone can see what’s being collected about them, and
choose a set of privacy criteria that feels right for them, everyone’s happy.
Some will say, “keep everything” others will turn everything off, and a large
group in the middle will set some limit on how much or how long they’re willing
to share information with Google.
People trust Google. They really really do to the point of sharing more medical
information with Google than they may feel comfortable sharing with their own
doctor. With that comes with a lot of responsibility to protect user’s data in
ways that users both understand and can control.