Google: Delete Here, Not There!

Google: Delete Here, Not There!

Our “privacy community” readers are probably very well aware that Google has recently admitted that the company’s Street View cars had been collecting the contents of communications sent over unsecured WiFi networks.  The European authorities are incensed about this revelation and today we read reports that the FTC may be investigating.

We trust that regulators, advocates and privacy experts will be deeply focused on how this could have happened and whether any laws were broken. But we don’t understand Google’s rush to destroy this data immediately. How will any of the inquiries determine exactly what happened without having the time to review the records? If it is being kept securely and not being used for other purposes, what is the rush to delete the data?

If Google is interested in deleting sensitive data, it should reconsider its retention period for search and for ad-serving log file data. We have repeatedly urged search engines and ad networks to recognize that long term retention of such data creates a risk to users that it will be disclosed. Whether it is risk of hackers, accidents like the one above, or governments at home and abroad, keeping detailed user log data long term creates a disproportionate risk to any commercial benefit expected. In the past year, Yahoo has been able to implement a three month retention period for its search and adserving log data, without any impact on the quality of search results or adserving capabilities. Why can’t other companies step up and follow in Yahoo’s lead? The Article 29 Working Group of European regulators have advised that 6 months is the maximum time period for search data retention in their jurisdiction and Microsoft has already started deleting the full IP addresses from their search logs after 6 months. 

So if deletion of data is called for, now is the time to make progress on deleting long term records of the “database of intentions” stored in Google’s log files. Regulators should demand that Google hold off on destruction of the WiFi data that may be needed to reconstruct this incident, until it can be done in an orderly manner and when questions about how this happened can be put to rest.

Leave a Reply


Privacy Calendar

Dec
2
Tue
all-day IAPP Practical Privacy Series 2014
IAPP Practical Privacy Series 2014
Dec 2 – Dec 3 all-day
Government and FTC and Consumer Privacy return to Washington, DC. For more information, click here.
Dec
11
Thu
9:00 am Progress of the EU Data Protecti...
Progress of the EU Data Protecti...
Dec 11 @ 9:00 am
The EU Member States have agreed to conclude the negotiations on the EU Data Protection draft Regulation in 2015. The process will have arrived at a critical point by the end of this year. The[...]
Jan
26
Mon
8:30 am Privacy as a Profit Center: Leve... @ Old Slip by Convene
Privacy as a Profit Center: Leve... @ Old Slip by Convene
Jan 26 @ 8:30 am – Jan 27 @ 4:15 pm
Learn how those on the leading edge of privacy governance and digital innovation from companies including Cigna, Cisco Systems, eBay Inc. Public Policy Lab, FocusMotion,Ghostery, Goodyear Tire & Rubber Company, Google, HP Enterprise Security Products, JPMorgan[...]
Jan
28
Wed
all-day Data Privacy Day
Data Privacy Day
Jan 28 – Jan 29 all-day
“Data Privacy Day began in the United States and Canada in January 2008, as an extension of the Data Protection Day celebration in Europe. The Day commemorates the 1981 signing of Convention 108, the first[...]
Mar
4
Wed
all-day Global Privacy Summit 2015
Global Privacy Summit 2015
Mar 4 – Mar 6 all-day
For more information, click here.
Mar
10
Tue
6:00 pm CDT Annual Dinner “TechProm” 2015
CDT Annual Dinner “TechProm” 2015
Mar 10 @ 6:00 pm – 9:00 pm
Featuring the most influential minds of the tech policy world, CDT’s annual dinner, TechProm, highlights the issues your organization will be facing in the future and provides the networking opportunities that can help you tackle[...]
Mar
13
Fri
all-day BCLT Privacy Law Forum
BCLT Privacy Law Forum
Mar 13 all-day
This program will feature leading academics and practitioners discussing the latest developments in privacy law. UC Berkeley Law faculty and conference panelists will discuss cutting-edge scholarship and explore ‘real world’ privacy law problems. Click here[...]

View Calendar