Microsoft pounces on Google privacy price

Redmond says it puts people first, Google fires back.

Microsoft will launch an advertising campaign claiming its software puts "people first" by capitalising on fears raised by Google’s privacy policy overhaul.

“The changes Google announced make it harder, not easier, for people to stay in control of their own information,” wrote Microsoft’s chief communications officer, Frank X. Shaw, on Wednesday in reply to Google’s claim it was making privacy simpler by consolidating its policies.

“We [Microsoft] take a different approach. We work to keep you safe and secure online, to give you control over your data, and to offer you the choice of saving your information on your hard drive, in the cloud, or on both.”

There’s nothing new from Microsoft, just a reminder that it has alternatives to Google search, Gmail, Chrome and Docs in the form of Bing, Hotmail, Internet Explorer (IE) and Office 365 -- all under serious threat from Google. 

IE continues to lose share to Chrome, according to Statcounter figures, which put Chrome in January 2012 with 28 percent worldwide share against IE’s 37 percent -- an 11 percent margin that has halved since January last year.

Meanwhile Microsoft is tackling Docs online with a paid license model for Office 365 against Google's free service for consumers. Each charge a monthly user fee for enterprise customers.  

Hotmail's dominance, too, is under threat. Microsoft reported in March 2010 that it had 369 million active users while Google's chief Larry Page last month revealed Gmail had cracked the 350 million active user mark.   

Microsoft will run the ads in a series of major US newspapers, writes Shaw.

“If you haven’t tried these Microsoft products and services, give ‘em a shot. If you’ve tried them before and moved on, come on back. We’ve left the light on for you.”

Google's policy manager Betsy Masiello has issued its response to "myths" being peddled by Microsoft and other detractors.  

"Microsoft has no data liberation effort or Dashboard-like hub for users. Their privacy policy states that 'information collected through one Microsoft service may be combined with information obtained through other Microsoft services.'", she argued. 

Google's tape backups pose challenges to privacy control

The unsurprising attack from Redmond follows a response to questions by members of US Congress about the policy changes by Google's director of public policy, Pablo Chavez. 

Chavez said the new policy does not increase the visibility of user information and maintains users' “privacy controls”, but he also revealed there would be no change in how it archives that data. 

“The updated Privacy Policy does not materially change our archiving or deletion practices,” wrote Chavez. 

Not much is known about how Google archives data, such as search histories it holds on its users. 

Google’s Global Privacy Counsel Peter Fleischer shed some light on that question in a personal blog post last year, revealing retention periods were different for each product. 

“Search logs (9 months), Instant Search logs (2 weeks), Suggest logs (24 hours), etc,” he wrote.

More recently he tackled the issue of archiving in response to the EU’s recently proposed provision in its upcoming data protection overhaul, the “right to be forgotten”. 

“It's a big step to turn a vague political slogan into a law,” wrote Fleischer, referring to that right.

The right to be forgotten could pose huge challenges to the archiving system that Chavez described. 

Google already faced technical challenges in balancing its archives as a disaster recovery source with the demands of providing the “privacy controls” that allow users to really delete things Google holds. 

Chavez wrote that Google has always shared user data between its own services to improve them by more tightly integrating distinct services like Gmail, Calendar, Docs, Google+ and the last service’s sharing feature, circles.

The two factors that override Google’s “good faith” efforts to delete data at a user’s request is the law (for example EU data retention requirements) and “legitimate business purposes”, which include its archiving system that was not designed to handle requests to delete data without also compromising its disaster recovery capacity.

“Immediate deletion is not always practicable due to the way the archiving system operates,” wrote Chavez. 

That’s because the original purpose of the system was to be “highly reliable for data retention in order to prevent data loss in case of failures, which must be balanced against deletion requests.”

“After receiving a deletion request from a user, archived copies will expire and the archival system has mechanisms to subsequently overwrite expired archived data. Data may be retained for a number of reasons, such as when required for legal compliance,” explained Chavez.

“The data is archived on tapes to ensure data recovery in case of failures. Retention periods for archived data vary depending on data source, technology type, and business requirements. Retention can be for a set period (such as 60 days) or for the life of the storage medium.”