Google calls for global privacy standard

14 Sep 2007

Search giant Google yesterday called for the creation of a single set of global privacy standards to replace the patchwork of data protection rules around the world, a move it says will be intrinsic to the future development of the internet.

Speaking to press on a conference call prior to a UNESCO conference on ethics in the information society in Strasbourg, Google global privacy counsel Peter Fleischer (pictured) said that the rapid development of the internet is forcing an increased focus on privacy and data protection rights.

He said that a Pandora’s Box of privacy issues are forcing players like Google as well as national governments to think about the necessary privacy regime for the internet in the next five to 10 years.

“The internet is a global medium and its data crosses many geographic boundaries. The total amount of data on the internet is exploding and threats to privacy rights such as spam cannot be dealt with on a fragmented basis.

“Three quarters of countries in the world have no meaningful privacy regime at all,” he said.

Fleischer said he was calling for the creation of an international minimum privacy standard that would be adhered to worldwide. Pointing to regions like Europe where each country has its own set of data protection and privacy laws Fleischer insisted: “This is not about lowering standards in Europe.

“International privacy standards that exist today date back to the 1980s before the internet came into being. But if people felt privacy needed to be protected in the 1980s, it is dramatically more necessary with the rise of the internet today.”

Fleischer said a good example of what can be achieved worldwide is that of the Asia Pacific Economic Cooperation (APEC) Privacy Framework, whose members include countries like Australia, Japan, Singapore, Brunei, Mexico and Chile.

The APEC Privacy Framework can be described as a practical policy approach agreed by all nations in the community to enable accountability in the flow of data while preventing impediments to trade.

“I would view the APEC Framework as a good start for international discussions,” Fleischer added, pointing out that even in regions in the world where there are privacy laws there are issues to be addressed. “In the US, for example, privacy laws vary from State to State. It’s a patchwork of confusing federal privacy laws.

“Similarly Europe has a long tradition of privacy laws that were passed before the internet existed and are ill-suited to deal with the complexity of international data flows that are a reality today.”

Fleischer said that Google will be meeting with other leading internet players such as Yahoo and Microsoft as well as leading privacy regulators at a data protection commissioners conference in Montreal.

“Google is just one player on the internet, not just in the search industry but part of the broader internet. While we can apply good privacy standards in our own business, there is need for a good policy standard across all companies and industries.”

Google earlier this year revealed that it would implement a policy of destroying user data such as cookies after two years to protect and safeguard privacy.

Fleischer explained the rationale behind search companies gathering this data in the first place: “We retain server logs for several legitimate purposes, including protecting our own systems from malicious attacks and protecting advertisers from click fraud. If we didn’t retain these logs we wouldn’t be able to maintain security.”

He pointed out that when Google revealed its new destruction of data policy other players like MSN and Yahoo followed in its wake.

“We need to create an international standard that protects individuals and businesses and provides a framework for the internet to develop as a constructive force in society for the next 10 years,” Fleischer added.

By John Kennedy