On the heels of Privacy International's damning assessment of Google's privacy practices earlier this week -- one that Google characterizes as inaccurate -- Google Tuesday announced a new policy to annonymize its server logs after 18 months.
This represents reduction from Google's previous server log retention period of 18 to 24 months, which was established in March.
Peter Fleischer, global privacy counsel for Google said in a blog post on Monday that in light of concerns brought forth recently by an E.U. advisory panel, the Article 29 Data Protection Working Party, Google would change its server log retention policy.
"We believe that we can still address our legitimate interests in security, innovation and anti-fraud efforts with this shorter period," Fleischer said. "However, we must point out that future data retention laws may obligate us to raise the retention period to 24 months. We also firmly reject any suggestions that we could meet our legitimate interests in security, innovation and anti-fraud efforts with any retention period shorter than 18 months."
Google, like all major online service providers, retains server logs and user data for a variety of reasons, such as diagnosing service problems, maintaining system security, and compliance with laws.
Web server logs typically record a Web site visitor's IP address, the date and time of the visit, the files or Web page requested and the amount of data transferred, the user agent or software program making the request, and the referring Web site, if any. An ISP can usually identify the computer associated with one of its IP addresses at any given time, if required to.
Log anonymization, however, does not ensure the anonymity of those logged. "Logs anonymization does not guarantee that the government will not be able to identify a specific computer or user, but it does add another layer of privacy protection to our users' data," Google explains in its Google Log Retention Policy FAQ.
Fleisher said Google was also exploring ways to redesign browser cookies to expire sooner without forcing users to re-enter information stored in them. He said that Google is planning to announce cookie privacy improvements in a few months.
Google's push to personalize its online services though data retention and analysis; its acquisition of Internet ad firm DoubleClick; and the introduction of Google Maps Street View; not to mention its runaway success; have stoked scrutiny of the company's privacy practices.
Google has taken some notable pro-privacy stances in the past, particularly in its decision to resist a 2005 U.S. Department of Justice subpoena for search data. The company maintains that it "is committed to raising the bar on our own privacy practices for the benefit of Google users," as Fleisher put it in a June 10 letter to Peter Schaar, Chairman of the E.U.'s Article 29 Data Protection Working Party.
To some extent, Google is between a rock and a hard place when it comes to data retention, given that total anonymity and perpetual data retention both present obvious problems. "There is no single right answer to the question of how long server logs should be retained," as Google puts it.
But as Google's detractors are glad to point out, there are plenty of wrong answers.