Google's wasting no time in the wake of the Google vs China hack confrontation: Today the company announced it'll be asking the E.U. to form a panel on cybersecurity and privacy. Oh, and it's going to hang on to your user data too.
The issue between Google and China ostensibly rests on a massive and penetrating cyberattack that Google suffered late last year. The attack was apparently sourced in China, and included attempts to break into the accounts of Google users who are critical of China's human rights record. It was serious. It's had, and will continue to have, repercussions on all sorts of levels—right up to the U.S. government's involvement.
Part of the reason Google's making its threats about pulling out of China is that its user's trust was damaged by this hack attack. And before you feel your hackles raising at this criticism of what's being otherwise hailed as a wonderful pro-human rights maneuver, think about it: Google keeps vast and detailed files on almost everything you do when you interact with its numerous services. It's how it can optimize these services to suit you and its future business, and so it knows which adverts to serve up to you. It's a highly financially-motivated system. And if Google's users trust is damaged, perhaps by the evident leak of what may be highly compromising Google user data to Chinese officials, it may have serious fiscal repercussions at some point down the road.
Which is possibly one of the reasons why Google's top privacy lawyer, Peter Fleischer, announced Google will be submitting a privacy proposal to the E.U.'s Article 29 committee later this week. The proposal, directed at the multi-nation committee of data protection officials, will call for a new panel to monitor the developing ethics of Internet privacy and security. The idea is that the panel will be comprised of privacy experts and cybersecurity gurus—people with up-to-date knowledge that'll help steer E.U. policy as well as acting to prevent security cracks and privacy invasions like those that happened before Christmas.
Google's actually responding to earlier Article 29 committee requests to explain the issues surrounding data harvesting of search engine user habits, so it also plans to use the platform to illustrate why it needs to keep hold of user data for so long. According to Fleischer it's because of the Chinese hacks, and the "threat of similar such attacks in the future," which have emphasized the "importance of internal analysis of logs."
In other words, Google knows exactly how valuable its user data archive is, and it fully intends to keep hold of it for as long as possible, protecting user anonymity by anonymizing some of the IP address figures associated with each and every user record. That's in direct conflict with other news today from Microsoft's own search engine Bing, which will now scrap "the entirety" of IP records after just 6 months instead of the current 18. It's not known if MS is preemptively acting before the E.U. makes any official moves on this issue, but it's clearly taking a very different stance to Google.
Privacy and user trust are hot topics at the moment though—with controversial (and arguably false) statements from Facebook's Mark Zuckerberg just last week that privacy "norms" are evolving—so you can expect to see further political involvement in this issue, and differing responses from the search engine giants as they struggle to maintain their cash business model within government regulatory changes.