Chris Soghoian called attention to this new blog entry on Yahoo! Policy Blog by Anne Toth, their “Chief Trust Officer.” After this notice, I wouldn’t trust them as far as I could throw ’em:
Today, Yahoo! is making an announcement of our intention to change our log file data retention policy to meet the needs of our consumers for personalization and relevance, while living up to their expectations of trust. Over the last 3 years, the way we and other companies offer services online and the way consumers experience the Internet has changed dramatically. So, we will keep our log file data longer than we have been – offering consumers a more robust individualized experience – while we continue our innovation in the areas of transparency and choice to protect privacy. We believe it’s a move forward for Yahoo! and our users.
In late 2008, after a careful review of our data systems and needs and after a great deal of discussion among policymakers about how long search companies should hold search log file data, Yahoo! announced a log file data retention policy that set us apart from the rest of our industry. We worked to minimize our log file retention to 90-days for most log file data, noting certain exceptions where we hold raw data for up to 6 months for fraud and security purposes and as long as necessary to meet our legal obligations.
Read the full blog entry on Yahoo! Policy Blog.
Seriously, Yahoo!? Seriously?
Retaining data for longer means increasing the risk of a security breach of yet more data.
Retaining data for longer means increasing the risk that users’ personal information will be handed over to the Department of Justice or law enforcement with no warrant required.
Why isn’t Yahoo! asking whether users want their data retained for longer or giving them a chance to say “No, thanks?”
Yahoo! was ahead of the pack when it shortened its data retention period. Now they’ve put themselves back in the pack.
What do you think of Yahoo!’s new value-subtracted change?