Aus Freiheit statt Angst!

Version vom 00:45, 15. Jun. 2007 (bearbeiten) Alder (Diskussion | Beiträge) (→Brief) ← Zum vorherigen Versionsunterschied		Version vom 00:45, 15. Jun. 2007 (bearbeiten) (rückgängig) Alder (Diskussion | Beiträge) (→Brief) Zum nächsten Versionsunterschied →
Zeile 8:		Zeile 8:
	Mr Peter Fleischer		Mr Peter Fleischer
		+
	Privacy Counsel		Privacy Counsel
		+
	Google		Google
		+
	38, avenue de l'Opéra		38, avenue de l'Opéra
		+
	F-75002 Paris		F-75002 Paris
		+
	Sent via email: pfleischer@google.com		Sent via email: pfleischer@google.com

---

Version vom 00:45, 15. Jun. 2007

Info

Entwurf von Jan. Bitte lesen, diskutieren, ausführen, verbessern.

Brief

Berlin, 17 June 2007

Mr Peter Fleischer

Privacy Counsel

Google

38, avenue de l'Opéra

F-75002 Paris

Sent via email:

Dear Mr Fleischer,

in your June 10 letter [1] to the Chairman of Article 29 Working Party, Mr Peter Schaar, you claim that data protection is one of Google's main interests. We appreciate your efforts in improving protection of your customer's privacy, especially reducing the data retention period to 18 months. Even so we are strongly concerned about Google still violating applicable law of European countries.

You argue that it would not be possible to preserve your interests in security, innovation and fraud-resistance without storing personal data like IP addresses, search logs and user behaviours for at least 18 months. We recognise the difficulty of finding a way that both honours Google's needs and respects privacy protection considerations on the other hand. However to come to a compromise in this question belongs not to Google's area of responsibility, but is the task a democratic legislative.

For example German law specifically prohibits data retention as long as the information is not needed for accounting purposes. Therefore storing personal data is illegal for most services offered by Google as they are largely free of charge. Local laws are applicable for Google and the level of data protection should follow the laws of the country with the strictest privacy protection.

We fully accord with your questions related to the EU Data Retention Directive. As long as it is unclear how member states will implement this directive there dominates uncertainty. But until then only current laws are applicable. There is no reason why Google should bow to obligations that do not exist. Additionally Ireland and Slovakia filed a lawsuit against the Data Retention Directive at European Court of Justice. It is still unsure if EU member states will have to implement standardised data retention at all.

Further you give some concrete samples why data retention is necessary for operation of Google services. Of course analysing user trends is the basis for software like Google Spell Checker, but anonymised data would absolutely be sufficient to fulfil this task. Additionally, the protection of your servers against criminal attacks does not need such a widespread collection of personal data: retention of a few weeks logfiles would be enough. Moreover, dealing with fraud is the business of criminal prosecution, not every single company ones.

At last we want to remember how dangerous obsessive data retention potentially can be. As a worldwide operating company Google should now that not all countries are democracies as EU states and USA are. Data collected by private companies could be and still are being abused by totalitarian regimes. We wonder how it is possible to pervasively filter Google search results for Chinese users if anonymising search strings compromises operation of Google services.

Sincererly, xyz