Inside Google

No
one knows more about us—our ailments, significant others, favorite
music, what we’re thinking about buying, and how much we spend—than our
search engines. However, this is stuff we probably wouldn’t choose to
share with a multimillion dollar web company. Every major search engine
in the world, however, retains every search query ever typed into its
field, and privacy advocates are calling for search engines to change
their ways.

Virtually all search engines gather information about
how searchers query, what they click, and where they wind up. This
personal information (i.e., IP addresses, cookies, session IDs) is
stored alongside queries for anywhere between 90 days and forever.

"I
think most users simply don’t realize the amount of personal
information they provide," says John M. Simpson, a consumer policy
advocate with the nonprofit group Consumer Watchdog. While most of the
data is used for behavioral targeting or performance improvement, it
can also be accessed by legal authorities with a subpoena. In 2006, AOL
accidentally released search query information for 500,000 users.
Police have used search engine queries against defendants in hacking
and murder cases (based on queries such as "how to commit murder" and
"undetectable poisons").

During a Q&A session with Google CEO
Eric Schmidt at a New America Foundation speech in Washington, D.C.,
Simpson asked the "king" of consumer search engines what the company
was planning to do about privacy concerns repeatedly expressed by
Consumer Watchdog. Schmidt responded that he was "sympathetic" to
security concerns, but he remained noncommittal about future privacy
measures.

Google seems to be taking a backseat and waiting to see
how successful other search engines’ solutions turn out before taking
action. Currently, all search information is stored on Google’s servers
for 9 months. After it expires, Google deletes the final eight digits
of the user’s IP address and hides cookies and session IDs.

Google’s
not the only company taking a wait-and-see approach: Microsoft has said
it would consider making changes if its competitors did. Microsoft’s
Live Search feature currently keeps search logs for 18 months before
fully deleting IP addresses and other identifying information.

So
who’s blazing the way? Search solution providers Ask.com and Yahoo!
have both recently thrown down the gauntlet by stepping up search
privacy protections in very different ways. Ask.com’s AskEraser tool
debuted in December 2007. When activated, the AskEraser "erases"
personal information, such as user and session ID cookies, search
queries, and IP addresses, usually within hours. The AskEraser works on
any Ask.com search field.

Yahoo!’s approach to search anonymity
is more subtle. Rather than giving users opt-out power, Yahoo! has
committed to a complex anonymization process that continues collecting
query data while disassociating specific users from requests. After 90
days in Yahoo!’s cache, the final octet of every IP address is deleted,
the Yahoo! ID and cookie information are one-way secret hashed (a
process that condenses and scrambles file data), and search queries are
filtered to remove any personally identifiable information (such as a
social security number).

According to Anne Toth, Yahoo!’s VP of
privacy policy, "We are dramatically increasing the scope of data
covered under our anonymization process. In addition to search log
files, our new policy applies to ad views, ad clicks, page views, and
page clicks for all our products and services on a global basis, which
encompasses all our log file systems. … We structured our policy to
ensure that Yahoo! continues to utilize data to create cutting-edge
technology, product innovation, and advertising solutions, while
strengthening consumer privacy protection."

Simpson isn’t so sure
that Yahoo!’s protections are enough. "[It’s] a step in the right
direction, but it doesn’t go far enough," says Simpson. "In the best of
all worlds, the default mode would be to not share information with
Google’s servers. Users would have the option to do so if they wished.
Failing that, a prominent button on the homepage that said, ‘Make me
anonymous,’ and that did so, would work."

While he
praised Ask.com and Yahoo! for taking steps, Simpson believes all eyes
are on Google. With 63% of all U.S. search traffic flowing through
Google, Simpson hopes they’ll be the next search engine to take steps
toward more secure search. "We are working to get them to change their
policies so that the rest of the industry will follow suit," he says.
"They have the opportunity to live up to their ‘Don’t be evil’ motto
and set the gold standard for privacy for the entire internet."

(www.yahoo.com, www.ask.com, www.google.com, www.consumerwatchdog.org)