Google to Anonymize Users' Search Data 151
Google's official blog states they are on an effort to anonymize their search data after 18-24 months. After previously fighting turning over search data to the feds, it looks like they are striking another blow to the "think of the children" crowd. Any bets on whether MSN or Yahoo! will follow suit?
The real WTF is.. (Score:2, Interesting)
Re: (Score:3, Insightful)
There is - as far as I can see - no rational argument that has to do with improving search results because you have them tied to individuals.
And yes, keeping tabs on half the globe is evil too...
Re: (Score:2, Interesting)
Re:The real WTF is.. (Score:5, Funny)
Studies have shown that 43% of all people who search for "Donkey Love" will buy our product within 3 years if they see our ads.
Re:The real WTF is.. (Score:4, Funny)
Studies have shown that 43% of all people who search for "Donkey Love" will buy our product within 3 years if they see our ads.
...and that number rises to 98.3% if we mention we found that item in their search history.
Re: (Score:2)
Bigger than just marketing. (Score:2, Interesting)
It is to Google as they want to know more about you, so they can build up a clearer profile about you. Just because they (say they) are going to delete the data after 2 years, doesn't mean they will not use the data in that two years to build up a profile about what you like. Then they can still keep updating that profile over time while deleting data. So even once they delete the dat
Re: (Score:1)
Dammy
Re: (Score:1)
Re: (Score:2)
ADVERTIZING (Score:3, Insightful)
Re: (Score:1)
This information is very valuable as an ad provider. Just do a little data mining [wikipedia.org], and you will find stuff like "people who search for pregnancy cloth 5 years ago are more likely to click on child cloth ad today" and many other not so obvious relationships.
The only reason google is willing to throw this information away (and money with it) is because customers are concerned about their privacy.
Re: (Score:2, Insightful)
There's a goldmine of data there. "Anonymizing" it doesn't affect this, unless they have filters to try to recognize such and get rid of it.
Still, if it's in the form of "User X" searched for these 132 terms last month, some terms might identify them and hence link them to other things like their unfortunate search for "donkey l
Re: (Score:1)
A.I. is also far more effective at linguistic analysis (which Google may wish to introduce in the future, if they haven't already) when relations between results are known, and can be mapped to one user.
The type of things a single user would search for are often limited to certain categories of knowledge and thus a linguistic analysis engine could determine query relations which would improve search results for future users.
Re: (Score:1)
Re: (Score:2)
If you don't, then either you don't mind Google keeping tabs on you, or you are a wuss.
It Is About Context (Score:3, Interesting)
Uhm (Score:3, Interesting)
Re:Uhm (Score:5, Insightful)
Re:Uhm (Score:5, Insightful)
I know where you're coming from, but that would kinda fuck with their targetting advertising business model dontcha think?
Re: (Score:3, Insightful)
Re:Uhm (Score:4, Insightful)
Historical data that identifies a unique user is extremely useful. I do the same thing with our Intranet search and report tools. If I want to improve something, oftentimes the logs will give a very telling tale. (This accounting department employee searched for "expense", then "expense excel", then "expense spreadsheet", then "expense log", finally getting his document. I can then add the keywords 'excel' 'spreadsheet' to the actual document entry.) That said, you don't actually need to know who the unique user is, for all intents and research purposes, User5486734067 is just as useful as an IP+Cookie.
Re: (Score:2)
There are two good reasons to keep the data, as far as I can see, the first is to avoid sending
the same ad to someone twice (but for that you only need a history of what ads they've seen, not
what they have searched for, though of course that does help to tag a user as a 'programmer' or
an 'accountant'), the second is when you go in to the massive selling of profiles business.
There are some companies that do this (Schober comes t
Re: (Score:2)
From my experience with AdSense, Google doesn't give direct access to any of the information. In fact, it makes sense for them to strongly protect their profiles. If they sell them, they lose control over them. Sure, they can retain legal control, but once they're out, they're out. Google isn't dumb, they'd rather make $1 for every profile access versus $100 up front, as the $1s will add up over time (not actual dollars, jus
Re: (Score:2)
As for the search profile study that was AOL's blunder, and after examining
the data that AOL provided in some detail (several weeks worth of work) I am
absolutely amazed at how privacy invasive this stuff is.
That is why I'm eagerly awaiting a competitor to the big G that has a really
strong privacy statement.
If the quality is anywhere near comparable I'll switch in a heartbeat. But I
do not doubt that I'd be one of very few people to do so. Not because I have
something to hide, just becau
Re: (Score:2)
strong privacy statement.
None ever will most likely, not enough people care and G will simply kick their ass due to having better data to model things with. Search isn't exactly an easy field to break into right now , there is possibility for more or less niche search engines but not at a google/yahoo/msn level. Sure someone could make a brilliant new algorithm but then it's very unlikely that they'd also have a strong privacy polic
Google as mutual fund (Score:2, Interesting)
Re: (Score:2)
have *ever* come across on slashdot.
If this is true then not only is the stockmarket in serious danger, it may also mean
that to 'beat the market' now means to 'beat google', and you had better not use
google as a research tool if you're an investment banker (I'm pretty sure that's an
easy profile to make) or the game is up....
amazing...
somebody *please* mod parent up
Re: (Score:2)
For example, it is likely that google alters its search page with different setups to test various things in which case your long term reaction to such different ad methods could be useful. Likewise seasonal trends require long term data to find. There is a big difference between using data in production and
Mine already is (Score:3, Informative)
Re:Mine already is (Score:5, Informative)
I guess that's what happens when you Slashdot before caffeine. I'm sorry.
Re: (Score:2)
That helps.
Of course, if you want to shorten log retention further than Google's "only 2 years!", you can go through a proxy like Anonymizer [anonymizer.com] or Tor [eff.org]. If the fullbore proxies are too much of a hassle, there's always the search proxies like Scroogle Scraper [scroogle.org] (where the log retention is 48 hours).
Another approach is to poison the data mine with TrackMeNot [nyu.edu] by generating thousands of random searches in the background.
Re:Mine already is (Score:4, Informative)
How about (Score:2)
anonymizing it straight away! That would be an even quicker solution to the problem.
0 months? (Score:2)
Re: (Score:2)
Re:0 months? (Score:5, Insightful)
Re: (Score:2)
An example off the top of my he
Re: (Score:2)
Because Google's primarily a media company... (Score:5, Informative)
Shouldn't be collecting that info anyway (Score:2, Informative)
There is no need to collect the IP addresses of searchers that haven't opted in to Google's personalized search. There is no law, that requires it.
There is no need to store the IP addresses of individual visitors to websites when
Re: (Score:3, Insightful)
As for your whole you "we have privacy" bit, sure you do. In your own home while using your stuff. The moment you sent your request out over the internet in plain text to a third party (that is a corporation out to make money you kno
No Consent (Score:4, Interesting)
"The moment you sent your request out over the internet in plain text to a third party (that is a corporation out to make money you know) you lost that."
Not so, the law says we have to consent and we didn't consent!
And what about when that party isn't Google? Google analytics is not on Google's site, it's embedded on third party sites, Google's adsense is on other people's site too. I didn't consent to handing my data to Google when I surfed to third parties site, Google took that data and recorded it in violation of EU privacy laws.
This has also been sued for before resulting in Doubleclick backing down over exactly this issue.
http://archives.cnn.com/2000/TECH/computing/01/28
"A California woman has filed suit against DoubleClick, accusing the U.S.-based online advertising company of unlawfully obtaining and selling consumers' personal information, according to a statement issued by her attorney's office."
"Hariett M. Judnick filed the suit in Marin County Superior Court in California, on behalf of the "general public of the state of California," the statement said.
The suit alleges that DoubleClick employs Internet cookies to identify users and track their movements on the Internet. The company tracks and records the sites an individual visits, as well as the information transmitted on the sites, such as names, ages, addresses, shopping patterns and financial information."
Re: (Score:2)
Searching will only get more and more complex as time progresses and things like automatic language translations finally start to appear. Privacy on one hand or the search engine adapting to your search style, not really as clear cut a choice as
Re: (Score:2)
AOL did not anonymize correctly. True anonymization would not have queries linked by "userid". Giving you 100 queries and saying "these 10 were made by one user, these 7 by another, etc." is far different from just giving you 10
Re: (Score:2)
Google could not exist without collecting this information. This data is central to its business model, and key to its differentiation from other search engines. Its history of growth (of individuals choosing to use Google over similar products) validates this approach and also demonstrates that the methodology is generally accepted. The great majority of web uers see nothing wrong with the method even though concerns about it are getting a fair amount of publicity.
According to TFA (Score:5, Insightful)
Re: (Score:2)
Re: (Score:2)
I need another cup of coffee.
Re: (Score:2)
In this case, it can be determined that a search was within a group of 256 people, but they can't tell which one. What if they just stored the country of the user? Same thing, just larger group. More anonymous.
There are all kinds of degrees of anonymity. I'm not advocating any side to the issue, but if you are going to look at the issue intelligently, seeing it in simplistic black
It's there servers (Score:2, Troll)
I should point out that your google query goes over plaintext HTTP so anyone inbetween can eavesdrop on your queries.
Tom
Re:It's there servers (Score:5, Insightful)
If you've got nothing to hide, you should have no problem with this.
Re: (Score:2)
I'm not saying people shouldn't have privacy, I'm saying if you export your secrets outside of your domain, you shouldn't expect privacy.
You don't do your personal finances on a city bus do you?
Re:It's there servers (Score:5, Interesting)
Funny - my computer is in my house, behind locks and blinds too. Hey Google's computers also are behind lock and key, and they even have security guards and alarm systems. I don't ever remember giving Google permission to disclose any information shared between them and I - oh and heaven forbid I go around giving away the information Google found for me - I'd get sued!
Why would the whole world automatically be party to the information Google and I shared one evening? My computer sent that information to a specific internet address, and the answer came back specifically to my computer.
Not so out of context...
Re:It's there servers (Score:4, Insightful)
Assuming you're not trolling...
When you send a query to google, it goes over the "internet" in the clear. That is, not encrypted. Anyone who can see it can read it. Well who can read it? Turns out a lot of people. Between me and google are probably 10 different boxes. 5 of which are just my ISPs routers. The other five are boxes on other networks, not even related to Google.
There is no inherant requirement for privacy like there is with telephones (maybe their ought to be one). But that said, you're giving your data to Google, willingly no less. That gives them every right to record it. You gave them permission by using their service, I guess you never read their TOS [google.ca] which is your fault, not theirs. Think about the analogy in the real world. This is like you handing your drivers license to every stranger you meet, then getting upset when some of them write it down.
If you don't want your assets [IP, location, name, platform, etc] leaked to Google you should use an anonymous proxy.
Tom
Re: (Score:2)
When you use language like "caught" you are obviously not referring to Google, but rather some external agency (i.e. the government) rather than by Google. You are changing the parties involved to strengthen your argument.
Re: (Score:2)
But your search queries leave the house, unencrypted, with no guarantee of protection and travel to Google. That's where the analogy has fault.
Re: (Score:2)
It's like sending letters without envelopes and demanding that the USPS makes sure no-one can snap up and read the letters while in transit. Or going to the post office in the nude and demand the post office makes sure nobody can see your penis before you get there.
What? You don't have a penis, and I'm an insensitive clod? Sorry.
Re: (Score:2)
Although really, there is a good argument to be made that people have the expectation of privacy when they use the internet from their own homes, even if it is not technically feasible.
To use the house analogy, I assume you don't keep your blinds down on your windows 24/7. Wouldn't it feel wrong if someone were using a telescopic lens from 200 feet away and watching your
Re: (Score:2)
There is a certain question about whether you can use information eavesdropped off the internet in legal proceedings. But that's a question of law, not privacy. If you're worried about privacy, you must keep your secrets to yourself.
And frankly, you don't have a contract with Google to not log your searches. Add to that your'e doing it over http and it's hard to argue anything else.
i could see if you
Re: (Score:2)
Which is why there should be a law to protect privacy on the internet. Law and privacy are not mutually exclusive.
This isn't simply a matter of reading TOS's. I don't see why we should have to wait for a corporation to offer it to us before arguing we deserve privacy. Again, there is an expectation of privacy for telephone and U.S. mail communication, so why should we throw up our hands and abandon all hope of privacy for the internet?
Re: (Score:2)
Ok let me explain this to you.
Even over the phone, you have no privacy. Even though it's illegal to wiretap without a warrant. There is a difference between privacy and "non-admissable in a court of law."
Imagine you were a spy, and you wanted to communicate with your handler. Would you talk plainly and openly over the phone because wiretapping without a warrant is illegal? No. you'd encrypt the message [codewords, etc]
And while yes, I think the government should require warrants before wiretaping
Re: (Score:2)
Right. So, some day, you go to see you doctor, and he finds you terribly ill. You know the disease will evolve into a really crippling illness, and your health insurance is just about to be renewed. Question : do you mind if your doctor, "as a party to the communication" you just had with him, "decides to divulge the nature" of the disease to your insurer ? Is that "their business" and theirs only ?
Re: (Score:2)
Your argument makes no sense, for what you are talking about is doctor-patient confidentiality. As far as I know, there is no such thing as Google-searchee confidentiality.
Look, it's this simple. If you transmit your queries, host strings and other info, over plaintext, to a private server, with whom you have no contract, don't assume that the information you transmit is not being seen by other peoples eyes.
Tom
Re: (Score:2)
People seem to infer that I mean to say you should only search for telescreen approved subjects. Hell no. Just don't expect privacy when you're using someone elses server, over the Internet IN CLEARTEXT.
Tom
Re: (Score:3, Funny)
Yeah while we're there we can install the webcam in his bathroom and broadcast on the net every time he takes a crap. I have a pair of guys willing to do the commentary on wiping techniques to add to the video...
Re: (Score:2)
It all depends. Are you hot?
Re: (Score:3, Insightful)
Excuse me?! I live in America and if I want to research the results of the search terms "jihad death to american president" I'm well within my fucking rights.
Fuck you for saying otherwise.
Re: (Score:3, Interesting)
Google is within their rights to gather as much information as you feed them (your ip, time of day, host strings, query string, etc).
My point was if you were planning on committing crimes, you shouldn't use google to find tips.
Tom
Re: (Score:2)
I see the problem now; you clearly don't understand the extent of Google's monitoring. They're not logging just IP address', they're logging people. The AOL data that came out showed how you could follow tracking cookies to see exactly what people, not IP address', were searching for.
I don't see why you have such a problem with it anyway. Many people around the world asked fo
Re: (Score:3, Insightful)
Google logging all your queries: Not a privacy problem.
Bank leaking your SSN via stolen laptop: Privacy problem.
AOL knowing that you like midget porn: Not a privacy problem.
Government using sub-standard contractor to manage passport data, later turns up on broken into computer: Privacy problem.
By screaming wolf every time "data" is mentioned you desensitize people to real privacy problems.
IAO (Score:1)
We still think of the children! (Score:1, Interesting)
After previously fighting turning over search data to the feds, it looks like they are striking another blow to the "think of the children" crowd.
Anybody who remembers this incident probably also remembers the article 'Google in bed with the CIA' too:
"Google was a little hypocritical when they were refusing to honor a Department of Justice request for information because they were heavily in bed with the Central Intelligence Agency, the office of research and development," said Steele.
http://www.prisonplanet.com/articles/october2006/2 71006googlecia.htm [prisonplanet.com]
Makes me wonder how fast does the CIA anonymize their material? Ha!
Re: (Score:1)
Here's a quote from William Colby, former Director of the CIA:
"The Central Intelligence Agency owns everyone of any major significance in the major media."
Plus ça change...
Re: (Score:2)
Re: (Score:2)
rom the poof-your-gone dept. (Score:1, Offtopic)
This is quite significant, (Score:1)
Firefox can already anonymize Google (Score:1)
18-24 months? (Score:2, Insightful)
Re: (Score:2)
I'm guessing they will have a new process, executed every 6 months, which anonymizes all logs older than 18 months. How long would any given search remain non-anonymous under that approach? 18-24 months.
Re: (Score:2)
Re: (Score:2)
>retaining so much data than out of any act of benevolence. However it definately makes
>good PR to paint this as 'Taking steps to improve privacy'...
I am sure that while statistical analysis is one possible use, another use is fraud prevention. Google makes money off each search query. However, there are people who try to scam the system using adsense and adwords programs and keeping a year or two worth of data
You won't be anonymous, and it doesn't matter (Score:3, Interesting)
I don't think it will mean much unless they publish their anonymization technique. Even Google seems to have doubts about it, and considering the resources of some attackers (e.g., national governments), if the anonymization can be broken it will be.
But Google's anonymization does not have to be perfect: Google isn't the only place your google.com activity is recorded: There's your personal computer, possibly your ISP, other sites (referrer links show Google search terms), etc. As long as Google makes their anonymity difficult enough to break that it's significantly easier to go elsewhere for the information, they've done their job. If you need to be anonymous, I hope you are taking other steps.
I, for one, welcome the merciful intentions of our benign new overlords.
Um... (Score:1)
Personally... we knew this was going to happen. Anyone that's surprised is a fool.
Things That Bit Butts, Part Deux (Score:5, Insightful)
List of nifty little phrases that have bitten their speakers in the ass:
Now Google brings us:
Let's just be less evil, now that we've been caught.
well (Score:1)
'Twould be better if it all stayed anonymous, in my opinion
Hash the IP addresses? (Score:2, Insightful)
So forg
Re:Hash the IP addresses? (Score:5, Insightful)
(If your solution is to increase the space of inputs by adding a variable salt value, please explain how this allows them to use the resulting hashes for aggregation.)
127.0.0.1 (Score:4, Funny)
Google doesn't deserve any good press over this (Score:2)
18 months? (Score:2)
There is absolutely no reason for them to retain logs linking searches to IP addresses for even 18 seconds, let alone 18 months -- this isn't "improving Google" for any of their users, no matter how much they claim it is.
Keeping search history for logged-in users is one thing; I can see how some users could find that useful, just like browser history autocomplete. Perhaps they want to keep logs of non-logged-in users around for something like geographical targeting, but there's no reason they can't process
I don't understand (Score:2)
Well, we actually do evil, but we'll stop in 2 yrs (Score:2)
They know what you search for, who you IM and email and about what, where you have appointments and what you bought. You essentially have no privacy.
If you value your privacy do not use any single provider and spread your searches,
Re:right.... (Score:5, Informative)
The data retention directive only applies to ISPs, and only deals with who you "communicate" with. It does not explicitly say that a record of which websites you visit should be retained, and it explicitly says that the content of the communication must not be retained.
However, as for all EU directives, it only contains the baseline of regulation. Directives are never law themselves, but have to be implemented in each respective member state by each respective legislative body. These, in turn, are free to implement whatever they want ABOVE the baseline, so some member states may have longer retention periods for this data, some member states may require ISPs to retain additional data.
The deadline for this directive is September this year, but if you read it, a few member states have reserved the option to postpone parts of the directive, typically of the internet-related traffic. This basically means that they recognize the difficulties in implementing it, and want more time to think about on how to do it, or possibly obstruct it.
What all of this boils down to is that maybe, sometime in the future, if you have an European ISP, they may be required to store all the URLs that you access. Google search data is transmitted as querystring parameters that are part of the URL, which means that your search data may be stored by your ISP, in a non-anonymized way. There's nothing in this possible future that Google has to comply with, as long as they are not an European ISP.
Re: (Score:2)
Most of the other requirements are at least in some sort of feasible realm, they deal with which DSL modem at what address had what IP at what time, and which cellphone called which other. It's intrusive and bad, but at least tied to hardware and physical location. However, I missed this part:
Re: (Score:2)
Re:right.... (Score:5, Insightful)
Maybe because they do business in Europe?
Re: (Score:1)
Go away.
Re: (Score:2)
Funny you mention that, I was searching just the other day for "sofa porn" and "kinky Goldfish covers"...