• Ars Technica, Friday, September 12, 2008 11:30 AM

Under pressure from the European Union Commission, Google earlier this week trimmed its retention policy for storing IP addresses from 18 months to nine. Last year, the Web giant implemented an 18-month cycle for IP anonymization to comply with EU demands; the latest move seems to be similarly motivated, Ars Technica reports.

In conjunction with the policy change, Google submitted an open letter to the European Commission's Article 29 working group detailing the company's reasons for retaining log data. Among them: logs help combat click fraud and "search poisoning", protecting users and improving the overall quality of search results. Google also argued that its advertising system, which is the main reason the company keeps our data, "offers a higher level of protection for consumer privacy than a conventional subscription-based business model" in which consumers hand over their real names, addresses and credit card numbers.

Google tells Ars that it's still working on the anonymization algorithm it will use, but that users would most likely have to clear their cookies every nine months to completely break the link between Google's IP logs and the users themselves, as Google would only remove the last eight bits of a users' IP address. Security researcher Chris Soghoian thinks the company's anonymization plans are inadequate, because truncated IP values could still be linked back to a theoretical maximum of 255 users. Thus, by viewing a pattern of queries, you could still likely determine the identity of a given user. So why not remove the entire IP address like Microsoft, Ars asks?

Read the whole story at Ars Technica »