Trying to learn how your favorite search engine protects your privacy can be as frustrating as a Where's Waldo book: it's not easy to find what you're looking for, and doing it on multiple sites is even more irksome.
To help our readers evaluate the privacy differences between AOL, Ask.com, Google, Microsoft, and Yahoo, CNET News.com sent them a survey on August 6. We've published their answers--in the companies' own words--below.
In some cases, we asked follow-up questions for clarification. If you have any suggestions for a future survey, send them along. And for background, here's a similar survey we did last year.
AOL
Here are responses from Amy Call, a spokeswoman for Time Warner's AOL Internet unit, which apologized a year ago for inadvertently exposing the
Web searches made by a large group of users. The company retains personally identifiable Web search histories for up to 30 days, after which time the identifying information is obscured using a hashing technique, Call said. It also announced last month that it would buy Tacoda, which delivers behavioral targeted ads.
What search-related data--including IP addresses, cookie IDs, user identities, and search terms--do you retain? Call: Under AOL's policy this kind of data may be retained for 13 months.
How long do you retain those data? Call: 13 months.
If you retain data for a limited period of time, is it completely deleted (in such a way that the data and backups cannot be recovered, even under court order) or is it anonymized instead? Call: After 13 months only aggregate search terms are retained.
If the data are anonymized, exactly how do you do this? Call: Not applicable.
Do you do behavioral targeting, meaning showing ads to users based on
their behavior across multiple queries? Call: Yes.
If you do, is there a way for users to opt out of behavioral
targeting? Call: Yes.
Do you use knowledge about your users (such as ZIP code, e-mail
address, gender, or birth date) obtained through user registration to
deliver targeted ads on your search engine? Call: No. We do use information provided by the user for localization
purposes to return more relevant search results for the specified
location, such as when a user enters a preferred location through
the AOL My Locations feature, or when the user enters a query with
explicit local intent (i.e. weather "20166")--such as local business
names.
Do you use knowledge about the identities of your users' instant
messaging or e-mail correspondents when using those services, or the
contents of those communications, to deliver targeted ads on your search
engine? Call: No.
Ask.com
Here are responses from Nicholas Graham, a spokesman at IAC-owned Ask.com, which received accolades for the redesign of its
search site in June.
What search-related data--including IP addresses, cookie IDs, user
identities, and search terms--do you retain? Graham: With the upcoming launch of AskEraser, a user's IP address, search data cookie ID and search query will be completely deleted and expunged.
How long do you retain those data? Graham: Users of AskEraser will have their complete IP address, complete search data cookie ID, and complete search query eliminated in a few hours or
less.
If you retain data for a limited period of time, is it completely
deleted (in such a way that the data and backups cannot be recovered,
even under court order) or is it anonymized instead? Graham: Users of AskEraser will have their complete search query data eliminated so that no one who requests it from Ask.com will be able to access it--ever.
If the data are anonymized, exactly how do you do this? Graham: Since users of AskEraser have their complete search data totally
deleted, none of their data is ever anonymized.
Do you do behavioral targeting, meaning showing ads to users based on
their behavior across multiple queries? Graham: No.
If you do, is there a way for users to opt out of behavioral
targeting? Graham: Not applicable, per the above answer.
Do you use knowledge about your users (such as ZIP code, e-mail
address, gender, or birt hdate) obtained through user registration to
deliver targeted ads on your search engine? Graham: No.
Do you use knowledge about the identities of your users' instant
messaging or e-mail correspondents when using those services, or the
contents of those communications, to deliver targeted ads on your search
engine? Graham: No.
We
wrote last month that AskEraser will launch by the end of the year. Do you have a more specific date? Graham: We don't have a more specific one.
Google
Here are responses from Victoria Grand, a spokeswoman for Google. Of the companies subpoenaed by the U.S. Department of Justice for Web search data and random URLs last year, Google was
the only search engine to challenge the order. In what was mostly a victory for Google, a judge said the company only had to turn over a subset of the random URLs the government sought and none of the Web search terms.
What search-related data--including IP addresses, cookie IDs, user
identities, and search terms--do you retain? Grand: Like most Web sites, our servers record the page requests made when
users visit our sites in "server logs." These server logs typically
include a user's Web request, IP address, browser type, browser
language, the date and time of the user's request, and one or more
cookies that may uniquely identify a user's browser.
This article appears flawed. Google does utilize behavior based tactics. Conduct a search on any topic and notice the ads on the search page. Wath the type of ads which appear relative to one's search habits.
When your talking Whooping Cranes a few = 2. When your talking Population of China a few = a couple of million. Please make them define "few" with at least an upper limit like "24 hours."
Phone calls used to be private before the anti terrorism acts in homeland security. Now privacy in this country, regardless of medium, is constantly compromised. I wonder if Google and all the rest would be willing to open all their private information to the public. They decide what will be my enhanced browsing experience while creating the opportunity for everyone else to discover what I do or what I want to know. When does the little guy get to decide for him or herself just what should be collected and saved and by whom? Maybe consumers should go back to snail mail and tell all these big brother organizations to take a hike. No they do not have a right to collect personal data. They simply assume the right and tell everyone that they have the right because no one is big enough to challenge them. People and companies government officials, get away with anything that the individual would be crucified for. I suppose that really is change we can believe in. The right to privacy stops at birth. Never mind the constitution; it does not apply to those who are too big to fail. People should have the right to freely move about the net in relative anonymity without anyone keeping tabs on them. The KGB used to do that too. In some venues, there are words that describe that kind of behavior. But hey Komrade; maybe you haf other interestink tings to share wit beeg brutter; eh?
Whether Apple will release a new iPad next month doesn't seem to be the question as much as what day it will happen. A new rumor has it down to the day.
Tommy Jordan, the man who shot his daughter's laptop for YouTube, gets a visit from police and child protection services. Oh, and Good Morning America.
Along with green-lighting Google's buy of Motorola, the Justice Department today OKs an Apple-Microsoft-RIM partnership deal to buy Nortel patents, and Apple's plan to acquire Novell patents.
Chamtech's spray-on antenna uses a nano material to provide a low-power boost to antenna range. The wireless-in-a-can product may some day bring an end to unsightly cell towers.
There are a lot of things that AT&T's humongous Samsung Galaxy Note smartphone is, like a digital memo pad, a medium-size-reader, and a great photo companion.
EnerG2 opens a plant to make an engineered carbon that will improve performance of energy storage devices and make storage for start-stop hybrid cars less expensive.
