March 25, 2008 | By Peter Eckersley

PrivacyFinder.org: Search, but with Privacy

The level of privacy offered by search engines is generally woeful. Last year, the three big players (Google, Yahoo! and MSN) made some improvements by limiting the duration for full retention of logs about who has searched and what they've searched for. That means that after a year or two, it would be harder — though probably not impossible — for the major search engines and their advertising partners to reconstruct a complete history of your searches.

Ask.com went further with their AskEraser feature, which allows users to have their logs deleted and to opt-out of being tracked (Ask.com could have done better by finding a way for opt-out to be available without a cookie).

Despite these improvements, the average Internet user still has very little privacy for their search history. We have documented the measures you can take to protect yourself, but they aren't all that simple.

So it's exciting to report that one small search engine is experimenting with ways to be an aide, rather than a threat, to privacy. PrivacyFinder is a research project at the CMU Usable Privacy and Security Laboratory (full disclosure: Lorrie Cranor, who heads the lab, is also on the EFF Board). It offers an interface to Yahoo! and Google, but with two notable improvements: an excellent logging/data retention policy, and a feature that shows the user information about sites' privacy policies along with the search results. That way, if two sites offer the same service but one of them is better from a privacy point of view, the user will see that quickly. The PrivacyFinder researchers tell us they've observed that people will, for instance, pay more for an item from an online store if they can see that it has an excellent privacy policy.

PrivacyFinder seems to be making productive use of P3P, an old privacy standard that has, in many other respects, fallen short of expectations. If you run a search on the site, you can quickly see when one result matches your standards and others don't.

Privacyfinder's logging policy is amongst the best in the industry (Ixquick is also first-rate). Privacyfinder only keeps search records for a week, unless the user explicitly opts in to being tracked. Because the CMU Laboratory wants to do research on the use of search engines, it's offering prizes for people who are willing to be tracked for research purposes. That's the way we like to see it done.

Meanwhile, several other developments are in the works. New York State legislators have been talking about taking parts of the search privacy problem into their own hands. There are rumors of new startups planning to enter the "privacy search" market. And EFF is working on a scorecard for systematically evaluating the effectiveness of various privacy measures at search engines. Stay tuned to Deeplinks for future developments!


Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Law professor @steve_vladeck demolishes McConnell amendment removing FISA Court amicus reform: https://eff.org/r.qaul

Jun 2 @ 8:47am

The Senate has voted again to move forward with USA Freedom. Amendments and the final bill could be considered today—barring objections.

Jun 2 @ 8:02am

The Senate is currently debating USA Freedom, and a vote is expected today. Watch live: https://eff.org/r.jjm2

Jun 2 @ 7:33am
JavaScript license information