The Electronic Frontier Foundation has
asked the US
Federal Trade Commission to investigate
AOL’s release of
search records last week and prevent the company from storing search data
for longer than two weeks.
(PDF) asks for the FTC to:
order AOL to refrain from collecting or storing logs of its users’ search
activity except where necessary incident to the rendition of AOL’s services or
the protection of AOL rights and property, and to refrain in any case from
storing logs of its users’ search activity in personally identifiable form or
for more than fourteen (14) days;
The EFF also wants all those whose searches were revealed through the data to
be notified by AOL, which sounds like a good idea and something you’d think AOL
would already want to do. Other things are requested, such as one year’s worth
of credit monitoring to protect against identity theft. That seems far-fetched,
but I suppose you never know.
Coinciding with the complaint, the Wall Street Journal has a debate between
the EFF and an internet lobbying group NetCoalition that apparently represents
Yahoo and Google, among others.
Should Web Search Data Be Stored?, is free to anyone to view. It’s well
worth a read, if only to read that the US Department Of Justice is apparently
arguing that access to search records might not require a search warrant, as the
EFF says the Electronic Communication Privacy Act requires.
Overall, I’m much more on the side of the EFF in the debate. Some highlights
from it and my remarks about them.
NetCoalition: Search queries are stored and used by Internet companies
for internal purposes.
Me: Search queries have been shared by various companies in different
ways with third parties over the years. More important, even if these are stored
for internal purposes, there’s no guarantee that they’ll be perfectly protected.
Leaks, accidental or intentional, do happen.
NetCoalition: There are good, legitimate reasons why an Internet
company would use historical search queries for internal uses. For example,
search query information can be used in research and development to make
improvements to search technology, to better tailor and make more efficient
users’ online requests. Companies also analyze historical query information to
detect and protect against click fraud — an activity that involves faking
clicks on Web advertisements to drive up costs.
Me: Excellent points, but the major search engines are going to have
to step up now with better proof that there’s no way data can be tied back with
an individual, even when made "anonymous" in the way AOL has shown doesn’t work.
Click fraud refunds typically aren’t given for activity longer than 60 days, so
that provides a time horizon for how long data might be associated with actual
NetCoalition: Search queries are essentially "directory assistance"
requests from users to companies that help them find locations on the Internet.
The Electronic Communications Privacy Act is meant to protect communications
between and among users — not to protect requests from customers for directions
on the Internet.
Me: Wow, I think the search engines need a new lobbying group that
understands search better. Searches can be directory assistance and much more
than that. Search engines are confidents, trusted friends that we effectively
tell secrets to in order to get advice. They aren’t about getting location. They
are about getting information.
NetCoalition: The Video Privacy Protection Act is a bad analogy.
Internet companies do not match up the user’s personal information (e.g., name,
address and phone number) with search queries the way a video rental record
Me: Except they do. If you’re logged in to a search engine, then any
personal information you’ve provided is associated with your search query in
EFF: The public needs to know the facts about how their data is being
stored and used before they can make informed decisions as consumers as to
whether and how to use a particular search engine, and to make informed
decisions as citizens as to whether and how Congress needs to update the law. I
think the best route would be hearings in Congress to get to the bottom of the
Me: I think the best route would be for the search engines themselves
to act in conjunction with privacy groups right now to get protections and
standards in place. But if they can’t act, then hopefully laws covering the
entire search spectrum — from ISP to search engine — will be enacted.
NetCoalition: Search queries are not being linked to users’ personal
information and shared for marketing purposes.
Me: Except they are. Showing ads in response to a query, while
long-standing and generally accepted, is a marketing purpose. Showing ads based
on search profiles, such as the New York Times
wrote about today,
is a more extreme example.
EFF: My organization also strongly opposes proposals by the DOJ and
Congresswoman DeGette that would force companies to store this kind of sensitive
data for government use. That’s like asking the post office to keep copies of
our mail, or phone companies to keep recordings of our phone calls, just in case
investigators might find it useful. The bottom line is that Americans deserve
the same privacy protections online that they’ve always had offline, and that
includes the ability to be able to speak and consume speech freely and
privately, without fear that their deepest secrets might be shared with the
government or published to the world. Yet when search engines accumulate this
kind of data, such disclosures are bound to happen, as this week’s news has
Me: Well said!
Postscript: I’d sent some questions over to the EFF and just got
answers back from EFF staff attorney Kevin Bankston. Here they are:
Q. Why just AOL? Why aren’t you asking for all search engines to be
limited? I did see that you want federal laws to expand to cover them, but what
happened with AOL could happen with the others as well.
A. Why aren’t we asking the FTC to investigate and take action against
other search engines? Because we can’t, just like we can’t go to court and
demand that Google pay for AOL’s mistake. The FTC isn’t a suggestion box. We
had a specific complaint about AOL–we think this disclosure violated their
policy and therefore constitutes an unfair and deceptive trade practice–and
we filed that complaint with the FTC. If other companies engaged in similar
disclosures, we’d file similar complaints.
If you are familiar with our work, you know that we’ve been complaining
about the logging practices of search engines as a category for a long while.
In fact, I’m usually the one trying to explain to Google-hungry journalists
that your Yahoos and AOLs and MSNs and other multi-service portals pose most
if not all of the same privacy threats, so it’s funny to be accused of
singling out one of them for some sort of special mistreatment. We’re merely
reacting to a specific incident that happened to involve AOL rather than
Google or Yahoo or MSN.
We want strong, clear legal rules that cover all the search engines; we
want all the search engines to limit retention.
Q. Why just the search engines? Many ISPs are recording the same data but
aren’t being limited on data retention. It’s actually more worrisome to me in
that many ISPs are happily selling this data to third parties.
Again, if you are familiar with our work, you know that we are generally
concerned about data retention by all stripes of online service providers
(see, e.g., our white paper on best practices for online service providers,
http://www.eff.org/osp/). So, in short,
we share your worry. But again, we are reacting to a specific incident
concerning a search engine, so our discussion right now is focused on search
BTW, if you are specifically aware of any ISP that routinely collects the
searches its users submit to other search engines, we’d love to hear more
about it. I think that without very clear consent from the customer, that
would be an unauthorized interception of your communications, and therefore a
Q. How long does the EFF retain search data? You’ve got a search box.
People do sensitive searches on your sites. I want to ensure AOL isn’t being
held to a higher standard than the EFF itself meets.
We don’t retain search terms. Of course, since we use Google, Google does
undoubtedly retain them. But we proxy everyone’s requests so that their IP
addresses and cookies are not transmitted to Google, therefore individual
search terms are only identifiable to EFF visitors as a population and not
personally or uniquely. In fact, we call this out on our site: if you click on
the link next to our
search box that says "about EFF’s search," you’ll see a pop-up that says "EFF
uses Google for search functionality on www.eff.org. To protect your privacy,
EFF proxies search requests to Google with a special CGI script on our server,
thus hiding your IP address and your Google cookie (if any) from Google’s