Big Data // Big Data Analytics
News
12/8/2008
06:34 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Microsoft Reduces Search Data Retention To Six Months

That's three months less than the search data retention period observed by Google, which adopted a nine-month period in September.

In response to the call by a European Union policy group for a common standard for the anonymization of search data, Microsoft on Monday proposed a six month search data retention period as an industry standard.

That's three months less than the search data retention period observed by Google, which adopted a nine-month period in September, half of what it was before that. Yahoo has a 13-month search data retention period.

In April, the Article 29 Working Party, as part of its effort to interpret the applicability of EU data protection laws to Internet search providers, issued an opinion that stated it saw no basis to keep search data more than six months. It also said that the cookie files deposited on users' computers for purposes of tracking and identification should only be kept as long as necessary.

When Google reduced its search data retention period to nine months in September, it did so while noting that "it was a difficult decision because the routine server log data we collect has always been a critical ingredient of innovation." The company has said that it uses search data to improve search quality, to improve security, to fight fraud, and to reduce spam.

Microsoft, which has far less to lose in search advertising revenue under a more stringent data retention regime, appears to be more willing to accede to the Article 29 Working Party's recommendations, at least at this point.

"We fully support the Article 29 Working Party for its desire to have common industry standards for search data anonymization," said Brendon Lynch, director of privacy strategy for Microsoft.

Microsoft is supporting the full anonymization of IP addresses after six months and the deletion of cookies and cross-session identifiers.

Google previously committed to partial IP address anonymization, a process that involves deleting one of the four octets (eight bits) in an IP address. Under Google scheme, for example, the IP address 192.0.0.100 would become 192.0.0.xxx.

Critics of Google's approach believe this doesn't truly anonymize an IP address, particularly if other information is available about the user.

"You're limiting things down to a group of computers potentially," said Lynch. "But it may be if you've got all the other parts of the IP address and a wide range of search queries, that you still may be able to link it back somehow."

Ari Schwartz, VP and chief operating officer of the Center for Democracy and Technology, said that Google's approach is better than keeping the IP address, but short of getting rid of it entirely.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
6 Tools to Protect Big Data
6 Tools to Protect Big Data
Most IT teams have their conventional databases covered in terms of security and business continuity. But as we enter the era of big data, Hadoop, and NoSQL, protection schemes need to evolve. In fact, big data could drive the next big security strategy shift.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - August 20, 2014
CIOs need people who know the ins and outs of cloud software stacks and security, and, most of all, can break through cultural resistance.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.