Search Engine Privacy Explained

Kesch writes "Zdnet has a posted a FAQ describing the storage of personal information done by the search engines of AOL, MSN, Yahoo, and, of course, Google. They describe what information is stored, how it is stored, what laws protect it (none), how you can attempt to protect your privacy, and what Congress is doing with regards to the issue."

Speak for yourself

[by Anonymous Coward]

They describe what information is stored, how it is stored, what laws protect it (none)

As a company operating in the UK, and as I am a citizen of the UK, m privacy is protected by the Data Protection Act [opsi.gov.uk]. I have the right to demand access to my data, and they are legally obliged to give it to me. If I find it to be incorrect, they are obliged to correct it. They can only use this data in the manner in which they are registered to use it with the Data Protection Registrar, and they can only share it with others under strict rules.

As I understand it, the rest of the EU have similar laws.

Just before anyone jumps down this fellows throat.

[reality-bytes (119275)]

Yes, I know that Google, Yahoo etc are US companies.

However, they have UK operations and these operations will fall under UK law. In the case of Google, trying to access google.com will usually force you to google.co.uk if it detects your IPs geographical origin as being in the UK.

It would be reasonable to assume that the UK DPA would apply to information aquired by the UK operations of US companies.

Google.nl

[Teun (17872)]

As you mention most European countries have fairly strict laws governing the collection and keeping of personal data, including the obligation to give access and possible redress.
Google has a Dutch portal and a Dutch sales office, both might make them responsible to follow the Laws of the Land.

Till now especially airlines have been exposed to the authority that is supervising adherence with this law but other companies with international operations are aware.

Teun@Tosh2:~$ whois google.nl

Rights restricted by copyright. See
http://www.domain-registry.nl/whois.php [domain-registry.nl]

Domain name:
google.nl (first domain)

Status: active

Registrant:
Google Inc.
Bayshore Parkway 2400
94043
MOUNTAIN VIEW CA
United States of America

Domicile:
Lagedijk 7
2064 KT SPAARNDAM
Netherlands

Sales Office Benelux
WTC2, Zuidplein 36
1077 XV Amsterdam
The Netherlands

Re:Just before anyone jumps down this fellows thro

[smoker2 (750216)]

In the case of Google, trying to access google.com will usually force you to google.co.uk if it detects your IPs geographical origin as being in the UK.

No, not here it doesn't. You have to specifically enter google.co.uk as the address, unless they are using URL masking - which is possible as the first few results are always uk based. However, I have a gmail account so they already know where I'm located (presumably) and the first results are always paid for ad-spots anyway.

But having said that, what matt

Re:Speak for yourself

[Ph33r th3 g(O)at (592622)]

What do you bet that if you invoked this, Google would say "But we're not a UK company!" Of course, when it comes to appeasing the ChiComs for a shot at the billion-enslaved-Chinese market, "We have to comply with Chinese law because we do business in China."

Google's "Don't be evil" veneer has worn off even quicker than I expected.

Re:Speak for yourself

[by Anonymous Coward]

What do you bet that if you invoked this, Google would say "But we're not a UK company!"

Like how Microsoft said "But we're not an EU company!" when they are being fined millions and forced to open up their protocols and file formats?

The bottom line is that if you want to do business in a particular country, you need to abide by that country's laws. Google want to do business in the UK (and China), so they have to abide by the UK's (and China's) laws.

Re:Speak for yourself

[FinestLittleSpace (719663)]

Nope, if they operate in the UK (which, obviously, they do), they are required to follow UK law. End of. Stop pointless 1337 g00gl3 bashing.

Re:Speak for yourself

[cyranose (522976)]

I'm not sure where the misunderstanding comes from, but it persists.

Google.com (US and intl servers) is still available to China UNCENSORED by Google (at least as uncensored as the US database is). Google.com is apparently censored or degraded by China or their ISPs to the point of being painfully slow, spotty, etc..

Google.cn is the new service that uses servers INSIDE the Great Firewall, therefore isn't censored on the international pipes and is much more available to the people who need it. The tradeoff i

Re:Speak for yourself

[cyranose (522976)]

I don't think you understand the situation. Take a moment to consider:

1. Bejing is forcing the censorship. The only way Google could steer clear of it is to avoid all service to China. Who does that benefit? The Chinese people might never even hear about such a stunt.

2. All countries (even the US) have some level of censorship, so the test is not "selling out" vs. being true to some ideal. It's a judgement ca Or should Google stop service to all countries that don't meat your ideal?

3. As I said, Chinese ca

Not Surprising

[valisk (622262)]

None of this is exactly surprising as it should have occured to anyone who cared to think about the issue.

But it does leave a legitimate question.
Will those bastards at Google tell my wife about my chronic pr0n addiction?

Re:Not Surprising

[paulthomas (685756)]

Will those bastards at Google tell my wife about my chronic pr0n addiction?
No, but /. might.

Love,
Your Wife

Great........

[technoextreme (885694)]

The only law on the books relating to electranic privacy is as old as I am. Im not very happy knowing this.

opt out...

[mytrip (940886)]

Google lets you remove your phone number from their database so other people can't look you up. They ought to let you remove your search history from their databases as well. I'm going to suggest this in their support forums.

Re:opt out...

[MoonBuggy (611105)]

And if they won't remove it, we should be able to make it useless. Just a little program that runs constantly and searches for random words (both innocuous and suspicious) at random time intervals (probably less than every minute). It would use little bandwidth and would result in your 'search dossier' being inconveniently large and legitimately deniable.

Re:opt out...

[The Cisco Kid (31490)]

They do. Just log in to your google account and click 'Search History' (at the top), then 'Remove items' (on the left) - As well as the ability to remove individual searches or clicked results, there is also a "Clear entire Search History" option.

Ah, yes, the federal government

[typical (886006)]

...and what Congress is doing with regards to the issue.

That would be *other* than seizing our search data to try to prove that porn should be banned on the Internet, I assume.

Nothing new

[by Anonymous Coward]

They had this back in 1984: Memory holes.

If you recall, all information placed in memory holes was supposedly destroyed, but it turned out that the government actually retained every item, and they came in handy for interrogation sessions.

The GoogleWatch Guy

[paulthomas (685756)]

Okay, so we all thought to some degree that the guy behind GoogleWatch [google-watch.org] was a nut. I suppose right now is when he can say: I TOLD YOU SO regarding the ability to compile search histories thanks to the never-expiring cookie.

Best,
Paul

Re:The GoogleWatch Guy

[Everyman (197621)]

Google Watch also runs Scroogle.org, a proxy that scrapes Google and/or Yahoo. One reply to the post says that I'm still a nut. But while I may or may not be a nut, this reply from an Anonymous Coward is wrong about the cookie. You don't need a globally-unique ID in a cookie to save the user's preferences. That is NOT the primary purpose of the cookie, but rather a convenient cover story for Google. The purpose of the cookie is so that you have a unique ID to tie together the activity of a single person who

Scope and Semantics

[Quirk (36086)]

Q: Let's say the Bush administration wanted to obtain a list of the names or Internet addresses of anyone who typed "how to grow marijuana" or "how to cheat on income taxes" into Google. Could that be done? Probably. If the Electronic Communications Privacy Act does not apply, all that's required is a subpoena from a prosecutor, and no prior approval from a judge is necessary. One Harvard law professor calls the subpoena power "akin to a blank check."

"The threshold rule is relevance," says Paul Ohm, the University of Colorado law professor. "Relevance has been quite broadly construed. As long as you can show that something's relevant to a case or criminal investigation, I think the litigant would have a pretty good argument."

The suggestion that relevance has been broadly construed is disturbing. The erosion of civil liberties needn't necessarily follow from the enactment of bad laws, but can, just as easily, follow from too broad an interpretation of existing laws and practices.

If the judiciary restrict the interpretation of terms like relevance to as narrow a meaning as possible there is less room for abuse, but in the present environment it's likely judges, not only in America, but in the west generally, will allow broad definitions of such terms to the detriment of civil liberties.

But wait! There's more!

[by Anonymous Coward]

There's still no mention of Macromedia Flash. Flash applets are very popular on most pages nowadays. They are used for ads, interactive demos, forms and more. But, people don;t seem to realize that they are also highly effective for storing information that can and is used for tracking purposes on your computer.

Have a look at
~/macromedia/Macromedia/Flash\ Player/macromedia.com/support/flashplayer/sys

or on Windows

C:\Documents and Settings\%UserName%\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys

Did you know that all of that was there? Do you know what's stored in all those files? Did you know that those files are accessible by any flash applet that runs on your system and that the flash applet can and does report back to its creator?

Then of course there are the problems due to Java script. Google has one for their analytics service that's all over the web tracking everyone. It's called Urchin and it's even in this page. Just look at the source for this page and search for "urchin.js".

People don't realize that they are totally OWNED!

Oops

[kalbzayn (927509)]

I was going to RTFA but then realized that zdnet is probably working in association with the government to gather information about people that would be interested in this article. And I'm not going to fall for it.

Become Private

[Slashdotgirl (912338)]

The following are just some of the programs, which provide a level of both encryption and anonymous communication for Internet usage:

• Tor: Onion-based routing that acts as a proxy layer between the client computer and the Tor network. http://tor.eff.org/ [eff.org]

• I2P: Also known as the Invisible Internet Project. The network is regarded as a message based system. http://www.i2p.net/ [i2p.net]

• FreeNet: is a distributed information and storage retrieval system designed to address the concerns of privacy. Freenet is designed to be anonymous and totally peer to peer. http://freenetproject.org/ [freenetproject.org]

• GNUnet: is a P2P network that can support many different forms of peer-to-peer applications. http://gnunet.org/ [gnunet.org]

There are other programs and if you do not want your "private details" known then you would be wise to use them. In addition, anyone who thinks their private data that is held by organisations and government departments is safe whether there is a "Data Protection Act" or not then they should think twice for example the "National Security Agency eavesdropping on Americans incident". This is not the first time nor will it be the last time that such incidents will occur. Without being anonymous, we can never have true freedom of speech.

The reason they want to use search engine data...

[mabu (178417)]

I'm not conspiracy theorist, but it seems pretty obvious the real value of this information and what the government might do with it once you examine the playing field and the objectives of all parties involved.

Frist and foremost, the Internet is currently unregulated. This really bothers most governments around the world, and probably the United States most of all. They want to have more control over this medium for a myriad of reasons, not the least of which is tax purposes and the ability to influence the populace. Look at what's been done with mainstream media and you can have an idea of what the powers-that-be would like to see happen to the Internet.

However, the government cannot simply arbitrarily announce they're going to start heavily regulating the Internet. That's not going to work, so the first step will be to try to use some kind of politically-correct issue, to shoe-horn their grimy hands into the issue. This is likely to be something like child pornography, which very few will have problems with. Things like COPA are good examples of regulatory laws which were passed with a minimum of opposition due to the PC-nature of the issues they addressed, but they all have the ultimate goal of setting precedents where the government(s) can tell you what you can do with your web site.

The demographic profiling done by companies like Google is a big part of the government's ability to make their case for additional regulation.

Make no mistake, this is and will continue to happen. Whether or not any of us think that it's practical to try to control/regulate what happens online, the government is sure going to try. With more and more commerce moving to the online world, and less dependence upon traditional media sources, big companies are going to want to have their piece of the pie, and they rarely play fair. We should be paying very close attention to what happens from the perspective of this plan. We should expect and anticipate a few popular scenarios to present themselves which will sway public opinion into allowing more government regulation of online activity. This may have to do with terrorism, child porn, or even spam. It's going to be an interesting time in the next decade as we watch and see how select corporate and government interests try to bully their way into having control of the Internet. Search engines are treasure troves of information they can use to prove any claim they want.

Re:Currently, it's all somewhat irrelevant...

[tehdaemon (753808)]

You missed a somewhat subtle nuance in his statement. Assumption, - you are right and we legally are not at war. Bush can, and is, still claiming that we are at war and is abusing this with his propoganda. Pretty much until the supreame court says no, Bush can still claim this. Whether he is right or wrong is mostly irrelavant.