mailing list archives
Inquirer: Google's privacy reform is a hoax
From: David Farber <dave () farber net>
Date: Tue, 16 Sep 2008 04:35:02 -0400
Google's privacy reform is a hoax
Pulling the wool over privacy advocates' eyes
By Egan Orion: Friday, 12 September 2008, 5:57 PM
AFTER GOOGLE announced Monday that it would begin removing Internet
addresses from web search records after only nine months instead of
its former 18 month retention period, it drew praise for that reform
from European Commission privacy regulators and the press.
The only problem is that Google's announcement was just a ploy to
deflect criticism and its web search archives will still contain data
identifying individuals' online search activity for at least 18 months.
Because Google's initial announcement was rather vague and tentative
as well as very light on implementation details, a Cnet reporter
contacted Google requesting more information. As he put it, Google's
reply was "extremely interesting." In an email response, Google said:
"After nine months, we will change some of the bits in the IP address
in the logs; after 18 months we remove the last eight bits in the IP
address and change the cookie information.
"It is difficult to guarantee complete anonymisation, but we believe
these changes will make it very unlikely users could be identified."
Doesn't sound positively reassuring, does it?
Looking into how Google "anonymises" users' web search records reveals
that its claims are nothing more than a sham, and that it retains
enough data to track users for years.
When a wibbler uses Google to search the web, it stores their unique
Internet Protocol (IP) network address, the search words they entered,
and their unique "cookie" identifier. (A "cookie" is a record sent by
a website and stored by the user's web browser. The cookie identifies
it and may retain additional information between a user's visits to
Google's current policy is that it "anonymises" users' IP addresses
and cookies within its archived logfiles after 18 months have elapsed.
However, Google's method for supposedly "anonymising" users' IP
addresses is simply to clear the last eight bits of each address,
according to information it has revealed publicly.
Since an IPv4 network address consists of only four bytes, 32 bits,
deleting the low-order (rightmost) eight bits doesn't remove much
information. The address-block belonging to the user's Internet
Service Provider (ISP) is certainly still identified by the data
Google has never said how it supposedly "anonymises" the cookie
identifiers it retains, so it's at least possible that Google merely
says it scrubs cookie identifiers, but really doesn't.
Now, Google's clarification of its recent announcement states that it
will change "some" -- but by implication less than eight -- IP address
bits that it retains after only nine months. It says that it will
still strip the last eight bits off the IP addresses it retains after
But Google has not said anything about anonymising the cookie
identifiers it retains in its logs after nine months have elapsed.
Changing a few bits in users' IP addresses means nothing if Google
doesn't also clear or non-reversibly encrypt its users' cookie
identifiers at the same time to render their search records truly
The cookies Google presents to web browsers reportedly persist for two
years, and their expiration dates are reportedly updated every time a
user visits a website run by Google.
What Google plans on doing means that it will still be able to track
its users' web search histories longer than nine months. And if, as
one might be forgiven for suspecting, Google never clears users'
cookie identifiers, then it can track them forever.
Without clearing its users' cookie identifiers, Google's widely
praised, supposed "reform" of its individually identifying data
retention practices is meaningless, and no true reform.
The European Commission, other citizen privacy advocates and the
traditional press that applauded Google's so-called "reform" of its
data retention and privacy policies ought to withdraw their praise as
premature and unwarranted, and haul Google in for questions.
"Don't be evil," indeed.
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
- Inquirer: Google's privacy reform is a hoax David Farber (Sep 16)