Google is introducing new data retention practices and privacy controls.
Today (24 June), Google and Alphabet CEO Sundar Pichai authored a blogpost sharing some updates on the company’s ongoing work to improve privacy on its platforms.
This includes changes to Google’s data retention practices across its core products to keep less data by default, and new privacy tools and Incognito mode features.
“We believe that products should keep your information for only as long as it’s useful and helpful to you – whether that’s being able to find your favourite destinations in Maps or getting recommendations for what to watch on YouTube,” Pichai wrote.
He explained that this is why the company introduced auto-delete controls last year, which give users the choice to have Google automatically and continuously delete location history, search, voice and YouTube activity after three months or 18 months.
New data retention practices
Google is changing its data retention practices once again, this time making auto-delete the default for its core activity settings. Now, when a Google user first turns on location history – which is off by default – the auto-delete option will be set to 18 months.
The deletion of web and app activity will also default to 18 months for new accounts. This means that user activity data will be automatically and continuously deleted after 18 months, rather than kept until you choose to delete it. These settings can be turned off or changed by each user.
The company will not be changing settings for users who already have location history and web and app activity turned on, but will actively remind users about the auto-delete controls through in-product notifications and emails.
The company is also making changes to the auto-delete features on YouTube, which will now be set to 36 months by default for new accounts or users who turn on their YouTube history for the first time.
“This improves upon current industry practice and ensures that YouTube can continue to make relevant entertainment recommendations based on what you’ve watched or listened to in the past – like letting you know if your favourite series has released another season, or when your favourite artist has a new album,” Pichai wrote.
Default retention periods will not apply to other products such as Gmail, Drive and Photos, which are designed to store personal content for as long as users need access to it.
New privacy controls
To adjust privacy settings, users logged into their Google accounts can now search ‘Is my Google Account secure?’ and they will be directed to their privacy and security settings. Google added that it is going to be more proactive about making users check their privacy controls, with prompted recommendations and tips to help users manage their settings.
The company is also making it easier for users to access Incognito mode by long-pressing their profile picture in Search, Maps and YouTube.
“Five years ago we launched the Security Checkup, an easy, one stop shop for securing your Google Account,” Pichai wrote.
“Now in one click we’ll give you a snapshot of your account security offer personalised recommendations to help keep your data safe. In the coming weeks, Password Checkup, our tool that checks if passwords saved to your Google Account have been compromised, will now become a core part of the Security Checkup.”
Google said that more than 100m people have used Password Checkup since it was launched last year.
Open-sourcing Google’s differential privacy library
Google plans to open-source its differential privacy library to make it easier to build privacy into products across the industry.
Pichai said that the library has already been used by developers around the globe but is now being expanded to new programming languages including Java and Go. The company will release additional tools to help developers use machine learning to enhance privacy protections.
“As we make privacy and security advances in our own products, we continue to advocate for sensible data regulations around the world, including strong, comprehensive privacy legislation in the US,” Pichai wrote.
“To help inform this work, we’ve published a regulatory framework based on privacy laws and models around the world, such as Europe’s GDPR, and our own experience building privacy-first tools.
“While policymakers continue their work, we will continue ours – by challenging ourselves to make helpful products with less data, and help raise the bar on privacy for everyone.”