Privacy is a big issue on the Internet these days and companies like Google have to put a lot of effort into convincing or reassuring Internet users that they do care about the individual user’s privacy.
A recent post at Google’s Privacy blog explains Google’s approach to privacy in the form of a presentation that lists the data that is collected by various Google services and how that data is used by Google to improve their services.
Data that is stored by Google is divided into the three groups log data, account data and other information. Log data is stored when users who are not logged into a Google account perform searches or use the Google Chrome browser. Account data is stored when logged in users use services like Gmail or Picasa.
Other information logs are stored when users access services like Google Maps.
Google exemplifies that with the data that is logged by Google Search.
The first slide displays the data that Google stores for every search that is performed on their website. This includes the IP address of the user, date and time the search was performed and a cookie ID.
The second slide provides a detailed look inside the cookie which uses two randomly assigned ID numbers. The same slides explains that Google stores IP address information for nine months and cookie information for 18 months.
The remaining slides explain the purpose of those logs which basically comes down to improving search results and other services.
Take a look at the presentation below for the full picture:
It boils down to the following for Google Search. Google can track a single unauthorized user for up to 18 months providing that the cookies are not cleared in that time. The logs can contain several IP addresses, dates, times and search queries conducted by that single user.
It would be possible to merge that data with data gathered from Google accounts which could theoretically be used to identify a user based on those information (think emails in Gmail that often contain the full name of a user).
What’s your opinion (and possible precautions) on the matter? (Google Privacy Blog)