Google may be violating European Union privacy laws by storing user information on customer queries for prolonged periods of time, advisers to EU regulators informed the company.
An independent European Union committee has begun an investigation to determine whether Google adheres to privacy guidelines set by the EU.
The 28-member panel, which advises the European Commission and EU governments on data protection issues, is demanding that Google address concerns about its practice of storing and retaining user information for up to two years.
The information kept by Google includes any search terms typed, addresses of the Internet servers, and personal information contained on identifier programs, better known as “cookies.”
While standard information is retained on everyone who uses the search engine, privacy groups are now concerned the data is being used to create profiles.
“The larger issue raises a concern that crosses the Atlantic about information gathered through search behavior,” Greg Sterling, an analyst at Sterling Market Intelligence, told the E-Commerce Times. “The data retention question is really a proxy for a larger debate about privacy and personal information.”
In Europe and the United States, regulators are claiming Google — as well as rivals Microsoft and Yahoo — may be violating Internet users’ civil liberties by using stored information to deliver targeted advertising.
In recent months — particularly after the Cupertino, Calif.-based company purchased online advertiser DoubleClick for US$3.1 billion — the scrutiny of Google’s security policies has intensified.
“Although Google has initiated personalization efforts, it’s an industry-wide issue,” said Sterling. “It is not just Google, but because of their size, they have been a focal point on this debate.”
Google is expected to respond to the charges before the June meeting of the advisory group.
“We believe it’s an important part of our commitment to respect user privacy while balancing a number of important factors, such as maintaining security and preventing fraud and abuse,” said Google spokesperson Victoria Grand.
The EU move comes on the heels of a consumer group’s request to the Federal Trade Commission for an investigation of Google’s privacy protection policies, spurred by its proposal to buy DoubleClick.
“Google is often a target because of the amount of information the company has amassed,” said Sterling. “People are starting to worry their footprint is too big and they have become too powerful.”
Google has been responsive to those concerns. In March, it cut the time it keeps users’ data on Web searches to between 18 and 24 months, Sterling pointed out, but that might not be enough to keep regulators off its back.