European gov data-privacy supremos have collectively said that search engines operating in their jurisdiction are governed by EU personal-data regs even if headquartered elsewhere. The Article 29 Working Group, a committee of EU member state data protection chiefs, is expected to issue a full working paper on search engines "in …
This is the same political corpse, sorry, corpus, that wants to go after filesharers via IP number tracking?
Other applications that log ip?
Why only search engines? Most web servers, by default, log visits including ip address and timestamp so are these also covered? These activities sound a little like what would be required to implement the 'three strikes' policy on file-sharing - how else is your isp to police your internet use if not by logging, and retaining, the data?
Once they have their feet under this particular table, I foresee a day when any EU based search engine will return no results when certain keywords are used together.
E.g: "EU commission" and "nepotism", "EU" and "fraud", "European parliament" and "gravy train", "EU constitution^H^H^H^H^H^H^H^H^H^H^H^Htreaty" and "bog paper", "MEP" and "expenses", "Strasbourg" and "beano".
Coat and can I have a receipt itemised as "working lunch for three" please?
Since Google, MSN and Yahoo! have cookie driven mail and group accounts, the cookies sent while doing searches on their platforms should be enough to tie users to their accounts, even if IP addresses are scrubbed from search engine records.
Paris, because I'd love to get my hands on her cookies.
So change the search engine?
So that it doesn't collect user's IP addresses and search history. I know the marketing droids won't like it but gives a f%%%.
In the great scheme of things
Probably end up as a MS only bash, Google excempt.
google.com and google.co.uk
They will find it hard to make this effective.
When you make a google search through google.com, perhaps through the default search box on your browser, if you are thought by Google to be in the UK (for instance) it redirects from google.com to google.co.uk. Fair enough perhaps, though the results are different, but I won't get into that here.
The point is that the search terms go through (I presume) google.com in the US, and thereby leave EU data protection jurisdiction.
I imagine google.co.uk is an EU/UK subsidiary of google.com, and as such would comply with any EU data protection laws - but even if that happens the default may be to go through google.com.
You have been warned...
re google.com and google.co.uk
"I imagine google.co.uk is an EU/UK subsidiary of google.com"
My imagination was getting away with me - google.co.uk is hosted in the US. Sorry.
Phorm getting users' traffic data from ISPs
VirginMedia, BT & TalkTalk are planning on giving their users' traffic data (browsing preferences, etc) to a company called Phorm (you may remember them from the Apropos rootkit) so that they can deliver targetted ads to their customers.
Phorm are a US company, but have an office in the UK so, presumably, this data will have to be covered by the EU DP laws?
more than just search engines?
will this also apply to MyFaceSpaceBook?
re: Phorm getting users' traffic data from ISPs
I always though that, due to the US's unbelievebly lax data security laws, the UK law required a persons express permission before transferring any personal data to the US.
Amazon have fallen foul of this in the past, by automatically signing people up to Amazon.com when they sign up for Amazon.co.uk.