Google Rethinks Privacy, Scales Back Data Collection

Google is making some significant changes to its privacy policy as the company attempts to regain user trust. The release of its Chrome browser opened up a bit of a Pandora's box for the search giant, highlighting data collection practices that didn't sit well with customers or privacy actovists.

One of the main issues was the discovery that Google could see what you type in the Chrome Omnibox address/search bar and record it, along with your IP address, before you even hit the enter key. The company had been collecting about 2 percent of that data, spokespeople said.

Now, though, Google has announced it will stop collecting IP addresses and make all the collected data completely anonymous. The information, Senior VP of Operations, Urs Holzle, explained, will be used only to "monitor and improve the service." The same changes will be applied to comparable query collection processes within Google Search, Google Toolbar, and the Google iPhone search application.

Execs also announced plans to erase any IP addresses saved on Google's servers after nine months, cutting in half its current 18 month holding period. The move didn't come without some reluctance.

"While we're glad that this will bring some additional improvement in privacy, we're also concerned about the potential loss of security, quality, and innovation that may result from having less data," Google's privacy counsels wrote in a blog post Tuesday.

This certainly isn't the first time Google's had to defend its privacy practices. Microsoft's chief strategist publicly questioned the company's progress in a recent interview, but Google's issues go much further back. Some highlights:

  • July 2008: Google gave in to privacy organizations' requests and added a prominent link to its privacy policies on its front page this summer. Google had previously resisted such a change.
  • July 2008: The company is currently facing legal action over what it shows in its Street View service. A Pittsburgh couple is suing Google because they say images of their home posted online have caused them "mental suffering" and dropped property values. Google's response claimed "complete privacy does not exist" in our modern tech-enabled world.
  • May 2008: The same service made waves overseas when Google geared up to introduce Street View in Europe. European Union officials expressed concern about whether the photo-taking procedures would follow Europrean privacy laws.
  • December 2007: An update to Google's Reader program caused a minor uproar when users said the new version shared too much of their data with others. Google soon implemented additional options to let people control exactly what was shared and with whom.
  • September 2007: Google's acquisition of ad network DoubleClick raised more than a few eyebrows. Privacy advocates worried the merger would open up new doors for sharing of customer information.
  • July 2007: An online privacy report placed Google last among 23 major Internet companies when it came to protecting users' privacy. The report declared that Google displayed "comprehensive consumer surveillance and entrenched hostility to privacy."
  • February 2006: Google's long-term storage of cookie data came into the spotlight during a federal investigation. At the time, subpoenaed records indicated Google had placed cookies on users' systems that would remain in place for more than 30 years.
  • April 2004: The launch of Gmail opened up an early can of worms because of public plans to scan incoming e-mails and add in relevant advertisements. The director of advocate group Privacy International at the time called it "one of the hottest issues [he'd] ever dealt with."

All right -- you know all the facts. Do you think Google goes too far with collecting user data? Feel free to voice your opinion and comment.

Subscribe to the Security Watch Newsletter

Comments