Yahoo's Anonymizing Attempt Falls Flat

In an attempt to quell some of its most adamant critics, Yahoo today said it would "anonymize" most data about users, including information tying their search histories to their IP addresses, after 90 days.

That's significantly shorter than Yahoo's previous 13-month retention period. It's also shorter than Microsoft's 18 months, Google's nine months and the six-month maximum suggested by European regulators. But it's also far longer than three days -- the length of time that IAC retains search query logs for users who deploy AskEraser.

In a conference call with reporters, Yahoo privacy head Anne Toth said the company hopes to bring "closure" to controversy surrounding the company's retention of data about users.

If that's Yahoo's goal, the company will be disappointed. While some privacy advocates are cheering the company's decision, significant questions remain.

First of all, Yahoo's method for anonymizing the data remains controversial. Search companies typically store logs tying users' queries to their IP addresses. Yahoo will anonymize those logs by deleting the last octet of IP addresses. But doing so leaves the majority of the IP address intact. The portion that's left can, in some circumstances, suffice to identify a user.



Yahoo also says that, after 90 days, it will strip its search query records of information like names, telephone numbers, or other data that could in itself help deduce users' identities. That, combined with the IP modifications, could make it harder to deduce specific individuals' identities from Yahoo's records -- but it's still not impossible.

Additionally, Yahoo isn't anonymizing everything. For instance, it says it won't scrub data that could be used to identify fraud, but the company is maddeningly vague about which type of data that is.

An even more pressing question is why Yahoo needs to keep IP addresses for even 90 days. Search companies typically say they need logs tying users' queries to their IP addresses in order improve their search results and guard against click fraud. Yet they've never once satisfactorily explained how and why retaining the data for months on end accomplishes those goals.

Next story loading loading..