[233] in Privacy_Forum

[ PRIVACY Forum ] Comments on Google's Privacy Announcement

daemon@ATHENA.MIT.EDU (privacy@vortex.com)
Thu Mar 15 03:48:08 2007

Message-Id: <200703150640.l2F6efR5006253@chrome.vortex.com>
To: privacy-list@vortex.com
Date: Wed, 14 Mar 2007 23:40:40 -0700
From: privacy@vortex.com
Reply-To: PRIVACY Forum Digest mailing list <privacy@vortex.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Errors-To: privacy-bounces+privacy-forum=mit.edu@vortex.com
Content-Transfer-Encoding: 8bit


Greetings.  Google has announced a significant change to their data
retention policy.  Since I'm already being asked for my opinion
regarding their announcement, I'm sending this out now rather
selfishly to avoid having to generate a large number of individual
responses (though I'll be glad to discuss this in more depth upon
request).

First, the "raw" material:

Google's Press Release:
http://googleblog.blogspot.com/2007/03/taking-steps-to-further-improve-our.html

Google's PDF with more details:
http://216.239.57.110/blog_resources/google_log_retention_policy_faq.pdf

Michael Liedtke's AP piece:
http://www.chippewa.com/articles/2007/03/15/ap/hitech/d8nsbf801.txt

The gist of the announcement is two changes: The obscuration of some
IP address bits (currently it appears that this would involve the
least-significant octet of IP addresses recorded in the Google user
activity logs), and changes to provide for some form of cookie
anonymization.  

Such an IP address change would allow for identification of any one
computer out of a group of 256, rather than the existing ability to
identify each computer individually.  The actual impact of this
change from a privacy standpoint would vary greatly depending on the
type of addresses (dynamic vs. static) and the total range of those
IP addresses associated with any given organization.  Cookie
anonymization effectiveness is more difficult to analyze until more
information regarding the algorithms to be used becomes available.

Both of these changes would be applied to data after an 18-24 month
period -- during which time data would be retained intact -- unless
future government data retention mandates require longer periods.
This is in contrast to Google's policy up to this point of
maintaining all log data intact on an indefinite basis.

The AP piece referenced above notes that AOL apparently already goes
farther than Google plans to go in terms of IP address anonymization
and some other related issues.  In light of that, my many public
statements over time that have been critical of Google data retention
policies, and my "Open Letter to Google: Concepts for a Google
Privacy Initiative" from last year 
( http://www.vortex.com/google-privacy-initiative ), 
what is my take right now on this move by Google?

It's much simpler than you might expect.  I am not particularly
concerned at this point about the details of the policy.  I could
(and at some point no doubt will) critique the various aspects of
Google's changes in detail regarding both perceived strengths and
shortcomings, but not today.

For today, let's view Google's announcement with the broadest
possible scope -- not so much for what it says but for what it might
portend for the future.  For while these changes can be reasonably
viewed as only a first step on the road to the kinds of data
retention privacy enhancements ultimately needed, taking that first
step at all can be reasonably viewed as an immensely positive sea
change to Google's attitude toward this data.

Time will tell if the rest of that privacy road is traversed in due
course.  It will be a challenging path indeed, especially in a
political environment where the pressure to retain data for extremely
broad retroactive investigatory purposes is growing at an alarming
rate.  And as we've seen in the recent revelations regarding the
FBI's violations of the PATRIOT Act 
( http://lauren.vortex.com/archive/000215.html ), 
the issues are all interrelated, and Google of course 
must obey these laws.

But those are issues for another day.  For now, I'll simply thank
Google for listening, and express the hope that we can move forward
together into a very uncertain future, where deeds will always speak
more strongly than words, and where the decisions we make now about
these matters are likely to have impacts for generations to come --
as we all ideally try to live by the "Don't be Evil" creed.

It won't be easy.  But we have no honorable choice but to try.

--Lauren--
Lauren Weinstein
lauren@vortex.com or lauren@pfir.org
Tel: +1 (818) 225-2800
http://www.pfir.org/lauren
Co-Founder, PFIR
   - People For Internet Responsibility - http://www.pfir.org
Co-Founder, IOIC
   - International Open Internet Coalition - http://www.ioic.net
Founder, CIFIP
   - California Initiative For Internet Privacy - http://www.cifip.org
Founder, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
DayThink: http://daythink.vortex.com
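
Added example (not part of the original message, and not Google's implementation): a Python sketch of the last-octet obscuration discussed above, showing why "one computer out of a group of 256" is only an upper bound. The log records, the function names and the /29 and /16 allocations are constructed assumptions, and all addresses come from documentation ranges.

```python
import ipaddress
from collections import defaultdict

# Constructed sample log records: (client IP, query label). Not real data.
SAMPLE_LOG = [
    ("198.51.100.7", "q1"),
    ("198.51.100.7", "q2"),
    ("198.51.100.200", "q3"),
    ("203.0.113.42", "q4"),
]

def truncate_last_octet(ip: str) -> str:
    """Zero the least-significant octet of an IPv4 address (keep the /24)."""
    addr = ipaddress.IPv4Address(ip)
    return str(ipaddress.IPv4Address(int(addr) & 0xFFFFFF00))

def anonymize(log):
    """Return the log with every address reduced to its /24 prefix."""
    return [(truncate_last_octet(ip), query) for ip, query in log]

def observed_set_sizes(log):
    """Distinct original addresses per truncated /24 in this log.

    256 is the ceiling; the observed count shows how many active hosts a
    truncated record is actually hidden among.
    """
    hosts = defaultdict(set)
    for ip, _ in log:
        hosts[truncate_last_octet(ip)].add(ip)
    return {bucket: len(ips) for bucket, ips in hosts.items()}

def allocation_bound(truncated: str, allocation: str) -> int:
    """Candidate addresses left when the organization's range is known.

    A small static allocation inside the /24 shrinks the group well below
    256; an allocation that spans the whole /24 leaves the full 256.
    """
    bucket = ipaddress.ip_network(truncated + "/24")
    alloc = ipaddress.ip_network(allocation)
    if alloc.subnet_of(bucket):
        return alloc.num_addresses
    if bucket.subnet_of(alloc):
        return bucket.num_addresses
    return 0  # the allocation does not cover this /24 at all

if __name__ == "__main__":
    print(anonymize(SAMPLE_LOG))
    print(observed_set_sizes(SAMPLE_LOG))
    print(allocation_bound("203.0.113.0", "203.0.113.40/29"))
```

In the constructed log, the record from 203.0.113.42 is the only active host in its /24, so truncation alone hides it among one observed address, and a known /29 allocation would cap the candidates at 8.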
