Peter Fleischer, Google's top global privacy counsel, said data retention issues are of no concern to a European privacy watchdog group.
 |
| Google To Watchdog: Mind Your Own Business |
 |
Data protection and data retention occupy different parts of the overall online security picture. When the Article 29 Working Party in Europe expressed its concerns about data retention, Google shifted its retention policy to an 18 month period, after which it would anonymize the data.
As for the rest of the group's views on data retention, Fleischer politely suggested in an OUT-LAW.com podcast excerpted by The Register that Article 29 should stick to its data protection mandate:
"Remember the Data Retention Directive comes out of the security side of government, not the data protection side," said Fleischer. "So it's interesting to me to hear what an official from the data protection world thinks about data retention, but it's like asking somebody who works for the railroad what they think of airline regulation. It's just not their field."
EU officials seem to agree:
"The Data Retention Directive applies only to providers of publicly available electronic communications services or of public communication networks and not to search engine systems," Philippos Mitletton, who works for the European Commission's Data Protection Unit, which itself is represented on the Article 29 Working Party, told OUT-LAW.COM. "Accordingly, Google is not subject to this Directive as far as it concerns the search engine part of its applications and has no obligations thereof," he said.
Google intends to stick to its data retention plans. Fleischer said in the interview that Google would adhere to the 18 month retention even if the EU did away with its Data Retention Directive.
iEntry 10th Anniversary
RSS
Newsletter
Advertising
Let's keep our information private
Google may be abiding by the EU’s data retention laws, but I wonder how long Google can maintain its users’ trust regarding privacy issues. The EU and the United States need stronger privacy laws for search engines and ISPs. The most effective privacy law would place limits on data collection.
My organization the New Millennium Research Council (NMRC) recently explored the privacy and security concerns associated with data retention mandates in its online newsletter. The newsletter shares the views of Hance Haney, a Senior Fellow at Discovery Institute and Peter Swire, a professor of law at the Ohio State University and a fellow at the Center for American Progress.
Here are the key points that they make:
Haney concluded that collecting users’ IP addresses would not stop criminals from connecting to public Wi-Fi access points as anonymous users. Even if these public hotspots required users to register, Haney explained that criminals would use residential wireless networks that are “frequently unsecured.”
Swire concluded that the US should continue to use the current data preservation law and not adopt a nationwide data retention mandate. Swire, however, said that the data preservation system must be improved to ensure that any sensitive government data collected by ISPs would not end up in the wrong hands and threaten our national security.