When Google released its Flu Trends service earlier this week, the Drudge Report flashed a headline that read: “SICK SURVEILLANCE: GOOGLE REPORTS FLU SEARCHES, LOCATIONS TO FEDS.”
Google sought to avoid this kind of reaction by talking about how Google Flu Trends protects the privacy of its users. The service relies “on anonymized, aggregated counts of how often certain search queries occur each week,” Google said.
Still, the worries persist. On Wednesday, two advocacy groups, the Electronic Privacy Information Center and Patient Privacy Rights, sent a letter to Eric Schmidt, Google’s chief executive, raising privacy concerns: “The question is how to ensure that Google Flu Trends and similar techniques will only produce aggregate data and will not open the door to user-specific investigations, which could be compelled, even over Google’s objection, by court order or Presidential authority.” The letter went on to challenge Google to publish the techniques it has adopted to protect the privacy of search queries used for Flu Trends.
There is no doubt that there are longstanding and legitimate privacy concerns about the collection and storage of search data by companies like Google, Yahoo and Microsoft. They all retain logs of the searches conducted by millions of people for varying periods of time. The logs include the search terms used in a query, the I.P. address of the computer that sent the query and a cookie associated with that computer. Those search logs could be misused by the companies, and they certainly can be subpoenaed by the government or sought by private litigants in civil lawsuits. More than two years ago, The New York Times showed how the data could be used to identify the individuals behind certain queries, at least before the data is partially “anonymized.”