Author (Person) | Mallinder, Lorraine |
---|---|
Series Title | European Voice |
Series Details | 14.06.07 |
Publication Date | 14/06/2007 |
Content Type | News |
Google has failed to satisfy an EU watchdog that it has aligned its policy on storage of personal data with European privacy laws. The Article 29 working party, which convenes next week (20 June), will dismiss compromises on data-retention periods offered by the US-based search engine and will demand further explanations on the nature of data stored. "As far as I am concerned there is not sufficient information on why they have to collect this data for retention purposes. This is not a transparent process," Finnish data protection ombudsman Reijo Aarnio, a member of the watchdog group, told European Voice. "My understanding is that all the member states are on the same line in this." Aarnio’s comments followed a letter sent by Google to the Article 29 working party - which is composed of high-ranking national data protection officials - at the beginning of this week (10 June). In the letter, Peter Fleischer, Google’s global privacy counsel, announces that the popular search engine will ‘anonymise’ its search server logs after 18 months, rather than the previously established period of 10-24 months. The letter had been sent in response to concerns raised by the watchdog last month. The body had alleged that Google’s collection and storage of potentially revealing data is in contravention of the 1995 EU data protection directive. The 30-year lifespan of the Google cookie, which places a unique identification on users’ hard drives, was deemed to be in breach of the 2002 EU framework on electronic communications. While Google agreed to shorten the time-span this week, it rigorously defended its need to store data on grounds of protection against fraud and abuse. "The important principle is to hold on to the data for as long as it is useful," said a Google spokesman. But the watchdog would appear to be less concerned with the data retention period than with Google’s reasons for keeping highly personal information indicating anything from sexual preferences to medical conditions. "If there is this legendary answer that it is for security purposes, it’s not good enough. They have to specify what kind of security threats there are," said Aarnio. "There’s a period of serious debate ahead," said an industry lawyer. "After 18 months, they [Google] are not going to delete personal details, they’re just going to anonymise cookie information and IP addresses. That’s quite a long time. Given the restrictive approach that data protection authorities have, I think they’ll struggle to accept that." Although the Article 29 working party does not have any legal powers per se, its final ruling on Google could have significant influence on national authorities, said the lawyer. Spain and France, in particular, would welcome a strict ruling that would allow them to crack down on the US search engine. Google has failed to satisfy an EU watchdog that it has aligned its policy on storage of personal data with European privacy laws. |
|
Source Link | Link to Main Source http://www.europeanvoice.com |