Yahoo! takes the lead in EU data protection compliance
Tomás F. Serna
December 17, 2008
The on-line privacy arena is getting hotter by the minute… Yahoo! announced today a new global data retention policy which highlight consists in that: (…) “Yahoo! will anonymize user log data within 90 days with limited exceptions for fraud, security and legal obligations. Yahoo! will also expand the policy to apply not only to search log data but also page views, page clicks, ad views and ad clicks.”
By taking this step, not only Yahoo! is complying with EU law, but it is most probably setting a new standard that Google and Microsoft -amongst others- will have no other option but to follow.
As recently as last week (Dec. 9th.), Microsoft made the news by stating that they would anonymize and discard data from search queries earlier if ‘others’ did the same.
As earlier discussed in this forum, Google has been engaged in a year and a half ‘disagreement‘ with EU data protection officials that has taken its privacy and data retention policies to shrink from a very open “for as long as they are useful” to a period in between 18 to 24 months, and more recently to 9 months.
Best privacy policy. Ever.
Tomás F. Serna
December 8, 2008
“Privacy is a hot topic these days, and we want you to feel totally comfortable using our service, so our privacy policy is very simple: when you search with Cuil, we do not collect any personally identifiable information, period. We have no idea who sends queries: not by name, not by IP address, and not by cookies (…). Your search history is your business, not ours.” (…)
Now, this is refreshing.
This privacy policy belongs to cuil.com, a somewhat recent initiative in the Internet ‘search’ business arena.
Founded amongst others by ex-googlers and billed as the “biggest Internet search engine” –it claims to have 120 billion web pages in its index, “3x more than any other search engine“–, Cuil inc. “analyzes de web, not its users“. That last one, is another line I love. You’ll be able to find it in the site’s FAQ.
Ixquick, a EU based search engine that was awarded the first European Privacy Seal (EuroPriSe) earlier this year, comes close to this. They recognize that search history can poise a serious privacy problem and they provide the following approach: They state that the only real solution is to delete user’s data and they promise to do so after 48 hours.
This was groundbreaking for me when I discovered Ixquick through EuroPriSe a couple months ago. It still is when compared to policies operated by major search engines out there. But Cuil’s way of tackling the issue is a much better one for the privacy conscious user. Or for any kind user for that matter. The first and foremost solution is to not record personal information from users in the first place.
So kudos to Cuil! This is a true breakthrough in the search engine business model. I really hope they can keep it up.
On a final note, I’d like to direct readers to Ixquick’s privacy information pages. Some interesting information over privacy and search engines there.
Privacy law and street views
José M. de Areilza
November 17, 2008
I have just read a very interesting article in the International Herald Tribune about the problems Google is having in different European countries to introduce its new mapping service, called Street View. This new product offers all kinds of photographs of buildings and addresses. The problem is of course the use of personal images or property without prior authorization. Privacy laws in Germany and Switzerland do not allow this new new thing, but more relaxed standards in France, Italy and Spain so far have allowed it.
Here are some questions for data protection experts, public lawyers and informed citizens who read this blog (being only one of the three is OK): Isn’t this a matter for an European common Standard? Why are so different the sensitivities in the North and South of Europe? Is strict protection of privacy a disincentive for technological innovation and investment in the our continent, like the above mentioned multinational company has hinted?
Praise for EuroPriSe
Tomás F. Serna
September 23, 2008
The European Privacy Seal (EuroPrise), project is an interesting initiative lead by the Independent Centre for Privacy Protection Schleswig-Holstein (Unabhängiges Landeszentrum für Datenschutz, ULD). This body is the local data protection authority of Schleswig-Holstein, the northernmost federal state of Germany.
Funded under the European Commission’s eTen Programme, it currently consists in a nine European partner consortium to which Madrid’s Data Protection Authority is a party.
At its essence, what this program is aiming to do is to establish a voluntary certification program by which any company or individual could: a) Gain assurance that her product or service is in compliance with EU data protection Laws, and b) Send a message to the marketplace and to consumers (end-users) stating: We take user’s privacy seriously. Should you choose to use this product or service, rest assured that nothing funny is taking place regarding your personal information. See, we have this seal to prove it. (more…)
Understanding privacy in Europe, playing well with others
Tomás F. Serna
May 19, 2008
Time flies. It seems it was two or three days ago at the most, but in fact its been already four weeks now that I attended a really interesting conference on privacy that took place here in Madrid.
The setting was a somewhat formal one, as the event took place at the CGAE, which I guess one could translate as the Spanish national bar association. Several participants mentioned being honored by having the chance to speak at the Spanish ‘cathedral’ of Law.
Among the speakers, all people with interesting backgrounds and even more interesting things to say, I write to report about two of them: Mr. José Luis Piñar and Mr. Peter Fleischer. (more…)
EU to Internet search engines: six months seem more than enough
Tomás F. Serna
April 7, 2008
Last friday (April 4), the Spanish Data Protection Agency distributed a press release making public that the ‘Article 29 Data Protection Working Party’ had finally issued its announced opinion on Internet search engines. As per said press release, the Working Party’s opinion states that search engines will not be able to keep personal data pertaining to user’s searches for more than six months. As of this writing, the opinion is not yet available for public consumption.
We briefly mentioned the ‘Article 29 Data Protection Working Party’ before. It is an independent advisory panel of data protection chiefs from all the member states of the EU. (more…)