Microsoft Reduces Search Data Retention To Six Months - InformationWeek
CIO Insights & Innovation
Security & Risk Strategy
Team Building & Staffing
IT Strategy
Digital Business
Project Management
Programming Languages
Dr. Dobb's
Enterprise Applications
Operating Systems
Productivity/Collaboration Apps
Network Security
Careers & People
Threat Intelligence
IoT
Attacks & Breaches
Application Security
Cloud Security
Endpoint Security
Mobile Security
Perimeter Security
Risk Management
Operations Security
Analytics
Vulnerabilities & Threats
Security & Risk Strategy
Infrastructure as a Service
Platform as a Service
Software as a Service
Cloud Storage
Data Centers
Mobile Applications
Mobile Devices
Mobile Business
Enterprise Mobility Management
Big Data Analytics
Hardware/Architectures
Software Platforms
IoT
Networking
Storage
Wireless Infrastructure
Data Center
Unified Communications
Cloud Infrastructure
Applications
Careers
PCs and Servers
Net Security
Government
Healthcare
Wall Street & Technology
Bank Systems & Technology
Insurance & Technology
Industries
Government
Healthcare
Wall Street & Technology
Bank Systems & Technology
Insurance & Technology
IT Life
Mobile
Mobile Applications
Mobile Devices
Mobile Business
Enterprise Mobility Management
Software
Enterprise Applications
Operating Systems
Productivity/Collaboration Apps
Data Management // Big Data Analytics
News
12/8/2008
06:34 PM
Thomas Claburn
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
0 comments
Comment Now
50%
50%
RELATED EVENTS
[Dark Reading Crash Course] Finding & Fixing Application Security Vulnerabilitie
Sep 14, 2017
Hear from a top applications security expert as he discusses key practices for scanning and securi ...Read More>>
RELATED CONTENT

Microsoft Reduces Search Data Retention To Six Months

That's three months less than the search data retention period observed by Google, which adopted a nine-month period in September.

In response to the call by a European Union policy group for a common standard for the anonymization of search data, Microsoft on Monday proposed a six month search data retention period as an industry standard.

That's three months less than the search data retention period observed by Google, which adopted a nine-month period in September, half of what it was before that. Yahoo has a 13-month search data retention period.

In April, the Article 29 Working Party, as part of its effort to interpret the applicability of EU data protection laws to Internet search providers, issued an opinion that stated it saw no basis to keep search data more than six months. It also said that the cookie files deposited on users' computers for purposes of tracking and identification should only be kept as long as necessary.

When Google reduced its search data retention period to nine months in September, it did so while noting that "it was a difficult decision because the routine server log data we collect has always been a critical ingredient of innovation." The company has said that it uses search data to improve search quality, to improve security, to fight fraud, and to reduce spam.

Microsoft, which has far less to lose in search advertising revenue under a more stringent data retention regime, appears to be more willing to accede to the Article 29 Working Party's recommendations, at least at this point.

"We fully support the Article 29 Working Party for its desire to have common industry standards for search data anonymization," said Brendon Lynch, director of privacy strategy for Microsoft.

Microsoft is supporting the full anonymization of IP addresses after six months and the deletion of cookies and cross-session identifiers.

Google previously committed to partial IP address anonymization, a process that involves deleting one of the four octets (eight bits) in an IP address. Under Google scheme, for example, the IP address 192.0.0.100 would become 192.0.0.xxx.

Critics of Google's approach believe this doesn't truly anonymize an IP address, particularly if other information is available about the user.

"You're limiting things down to a group of computers potentially," said Lynch. "But it may be if you've got all the other parts of the IP address and a wide range of search queries, that you still may be able to link it back somehow."

Ari Schwartz, VP and chief operating officer of the Center for Democracy and Technology, said that Google's approach is better than keeping the IP address, but short of getting rid of it entirely.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Webcasts
More Webcasts
White Papers
More White Papers
Reports
More Reports
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Download Now!
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Download This Issue!
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll