The company will reduce the amount of time it keeps search query data.

Thomas Claburn, Editor at Large, Enterprise Mobility

January 19, 2010

2 Min Read

Microsoft on Monday said that it will delete the Internet Protocol (IP) addresses logged by its servers for Bing search queries after six months, a move first proposed by the company in December 2008.

Peter Cullen, Microsoft's chief privacy strategist, described the data retention policy change as a reflection of the company's business needs, the competitive landscape, and dialogue with privacy and consumer advocates and regulators.

The competitive landscape consists of Google, almost as far as the eye can see. Google in December received 85.34% of the global search queries, according to NetApplications. Bing received just 3.27%.

Nonetheless, Bing has delivered slow but continued growth. By making Bing the most privacy-friendly of the major search engines, Microsoft clearly seeks to differentiate itself from Google.

In September 2008, Google said it would start anonymizing IP addresses after nine months, down from 18 previously, and cookies after 18 months. However, Google's anonymization method, removing the last of the four sets of numbers in an IP address, has been criticized as insufficient.

Yahoo anonymizes log data and deletes IP addresses after three months, though it keeps a subset of its search data for a longer period for security uses.

Google has expressed reluctance to anonymize data too quickly, due to "the potential loss of security, quality, and innovation that may result from having less data."

That's a position Microsoft shares, even as it seeks to distance itself from Google. Cullen said that studying search query trends "enables us to improve the quality of our results, protect against fraud and maintain a secure and viable business."

In a blog post, The Future of Privacy Forum, a Washington, D.C.-based privacy group, welcomed Microsoft's action as an "important privacy advance" but cautioned that there's still work to be done because the new policy does not address cross-session identifiers, such as the hashed cookies stored in search query logs.

Microsoft said it plans to implement its new policy over the next 12 to 18 months.

Update: Clarified Yahoo's data retention policy.

About the Author(s)

Thomas Claburn

Editor at Large, Enterprise Mobility

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful master's degree in film production. He wrote the original treatment for 3DO's Killing Time, a short story that appeared in On Spec, and the screenplay for an independent film called The Hanged Man, which he would later direct. He's the author of a science fiction novel, Reflecting Fires, and a sadly neglected blog, Lot 49. His iPhone game, Blocfall, is available through the iTunes App Store. His wife is a talented jazz singer; he does not sing, which is for the best.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights