Google To Watchdog: Mind Your Own Business

By WebProNews Staff - Fri, 07/06/2007 - 06:03

Peter Fleischer, Google's top global privacy counsel, said data retention issues are of no concern to a European privacy watchdog group.

Google To Watchdog: Mind Your Own Business

Data protection and data retention occupy different parts of the overall online security picture. When the Article 29 Working Party in Europe expressed its concerns about data retention, Google shifted its retention policy to an 18 month period, after which it would anonymize the data.

As for the rest of the group's views on data retention, Fleischer politely suggested in an OUT-LAW.com podcast excerpted by The Register that Article 29 should stick to its data protection mandate:

"Remember the Data Retention Directive comes out of the security side of government, not the data protection side," said Fleischer. "So it's interesting to me to hear what an official from the data protection world thinks about data retention, but it's like asking somebody who works for the railroad what they think of airline regulation. It's just not their field."

EU officials seem to agree:

"The Data Retention Directive applies only to providers of publicly available electronic communications services or of public communication networks and not to search engine systems," Philippos Mitletton, who works for the European Commission's Data Protection Unit, which itself is represented on the Article 29 Working Party, told OUT-LAW.COM. "Accordingly, Google is not subject to this Directive as far as it concerns the search engine part of its applications and has no obligations thereof," he said.

Google intends to stick to its data retention plans. Fleischer said in the interview that Google would adhere to the 18 month retention even if the EU did away with its Data Retention Directive.

News Tags: Google, business, Retention, Data, European Union, Data Retention

2 Comments

By Nat Frolich (WPN reader) - Sat, 07/07/2007 - 05:16

Completely wrong

Your interpretation that the Commission's statement that Data Retention doesn't apply to search engines somehow supports Google's position is completely wrong. The point is that there are two different EU Directives - Data Retention and Data Protection. Google's persistent insinuations that Retention obliges them to keep IP addresses associated with search terms for 18 months has now been blown up. Therefore Data *Protection* rules apply, which obliges Google to minimize the personal data they hold.

See http://searchengineland.com/070612-041042.php#comment-2852

By Matt Bennett (WPN reader) - Fri, 07/06/2007 - 17:00

Let's keep our information private

Google may be abiding by the EU’s data retention laws, but I wonder how long Google can maintain its users’ trust regarding privacy issues. The EU and the United States need stronger privacy laws for search engines and ISPs. The most effective privacy law would place limits on data collection.

My organization the New Millennium Research Council (NMRC) recently explored the privacy and security concerns associated with data retention mandates in its online newsletter. The newsletter shares the views of Hance Haney, a Senior Fellow at Discovery Institute and Peter Swire, a professor of law at the Ohio State University and a fellow at the Center for American Progress.

Here are the key points that they make:

Haney concluded that collecting users’ IP addresses would not stop criminals from connecting to public Wi-Fi access points as anonymous users. Even if these public hotspots required users to register, Haney explained that criminals would use residential wireless networks that are “frequently unsecured.”

Swire concluded that the US should continue to use the current data preservation law and not adopt a nationwide data retention mandate. Swire, however, said that the data preservation system must be improved to ensure that any sensitive government data collected by ISPs would not end up in the wrong hands and threaten our national security.