Google Inc. is shortening the life span of its "cookie" data-tracking file — but it's not clear whether the move would do much to enhance privacy.
Under the new policy, the cookies would expire automatically after two years, instead of in 2038 as is currently the case. However, the two-year period could get automatically extended when users revisit Google's search engine, so one might have to avoid Google for a full two years to see the cookie automatically expire.
"It sounds like it changes things ... but the reality of how people use computers, I don't think it in reality changes anything substantially," said Pam Dixon, executive director of the World Privacy Forum, a nonprofit privacy-advocacy group.
Privacy advocates have become increasingly concerned about Google's privacy practices as the company expands into services such as e-mail, maps and photos. Data retained by Google could be subpoenaed by law-enforcement agencies and other parties. Google already has decided to remove key pieces of identifying information from its system every 18 months to address those worries.
Google says its cookies are important for remembering users' preferences — such as the number of results per page, the primary language and the enabling of filters to weed out sexually explicit Web sites. That's why cookies were set to expire far into the future — beyond the expected life spans of personal computers today.
But those cookies contain unique ID numbers that can be used to assemble a dossier on that user.
It's possible for users to manually flush their cookies before the two years are up, but many users don't bother or know how.
In a blog posting, Google's global privacy counsel, Peter Fleischer, described the move as a way to enhance user privacy "without artificially forcing users to re-enter their basic preferences at arbitrary points in time." Concerned users, he said, could always manually control their cookies.