Google expires cookies sooner in minor privacy concession
Google has changed its Web cookie privacy policy to address a common complaint by privacy advocates that information about Web surfers' activities is retained too long by the search giant.
Cookies are small files stored on a computer so that it can be recognized when it revisits Web sites, enabling the site to remember the user's preferences for things like e-commerce and sites that require log-in. Under the new policy, Google cookies will expire after two years instead of in 2038, according to the official Google Blog.
The thinking was that users could always delete the cookies if they wanted, but in actuality, not everyone knew how to do that or even thought to. "After listening to feedback from our users and from privacy advocates, we've concluded that it would be a good thing for privacy to significantly shorten the lifetime of our cookies--as long as we could find a way to do so without artificially forcing users to re-enter their basic preferences at arbitrary points in time," writes Peter Fleischer, global privacy counsel.
"Users who do not return to Google will have their cookies auto-expire after 2 years. Regular Google users will have their cookies auto-renew, so that their preferences are not lost," he writes.
In practice, however, only a miniscule number of people will be affected by the change. That's because if anyone visits Google even once in the next two years, the cookie expiration date will be extended. In other words, visiting on July 16, 2007, will reset the cookie to expire around July 16, 2009. Visiting any time between those two dates will automatically extend the life of the cookie--renewing it, effectively--for another two years.
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor. 
