How do we measure privacy protections?

September 17, 2010

What data is collected?
Who has access to this data?
How is this data used?
Is this data transferred to third parties?
Can the data subject see and control this data?
Is this data protected by adequate security safeguards?
How long is this data retained before it is either destroyed or anonymized?

The last one is the least important in terms of measuring meaningful privacy protections for data. But curiously, it’s precisely this one that I hear the most as I move around Continental Europe listening to privacy media and regulatory concerns in the online debates in recent years. Why is that?

European privacy law has clear provisions that personal data should not be retained “longer than necessary”. Naturally, this time period is left vague in the laws, since it would be impossible to prescribe precise time periods for a myriad of different contexts, especially since retention is always justified by “legitimate purposes”. I think there’s a temptation to try to boil privacy down into something simple and numerical, and what could be simpler and more measurable than a time period? In practice, there’s a vast spectrum of legitimate retention periods, even for similar services, if the retention periods were designed to respect the very different legitimate purposes for which they were retaining data. To take some Google services as examples: Search logs (9 months), Instant Search logs (2 weeks), Suggest logs (24 hours), etc.

