Google Inc. said it will soon start issuing user cookies that automatically expire after two years for users who don’t return to the search site.

However, the cookies of users who continue to click on Google for search during this time period will automatically renew, wrote Peter Fleischer, Google’s privacy counsel in the official Google blog Monday.

“Regular Google users will have their cookies auto-renew, so that their preferences are not lost,” Fleischer said. “And, as always, all users will still be able to control their cookies at any time via their browsers.” He said the new cookie policy will start “in the coming months.”

Fleischer said Google made the decision after hearing from users and privacy advocates.

But at least one privacy advocate said the search site could do more.

“Google’s paying attention to the issue of cookie expiration, but as a practical matter I think this change will have little impact on online privacy,” said Marc Rotenberg, executive director of the Washington-based Electronic Privacy Information Center. “Users still know too little about how Google collects information, what information is collected and what it’s used for. And of course, [for] anyone who returns to the Google site within two years — the cookie will be renewed. I think two days rather than two years is probably a better period for a search cookie.”

In his blog, Fleischer said Google was committed to improving its privacy practices and had recently started taking a closer look at cookie privacy because it is a problem for both servers and clients.

Fleischer said all search engines and the majority of Web sites use cookies, small bits of code stored on the user’s computer, to remember users’ preferences. Fleischer said Google uses its so-called “PREF cookie” to remember a user’s basic preferences such as whether the user wants search results in English or whether the user has opted for a SafeSearch setting to filter out pornography. Originally, Google set the PREF cookie to expire in 2038 in order to maintain users’ preferences.

Last month, the company announced that it was going to make the data it stores about end users anonymous in its server logs after 18 months.

“Together, these steps — logs anonymization and cookie lifetime reduction — are part of our ongoing plan to continue innovating in the area of privacy to protect our users,” Fleischer said.


Share on LinkedIn Share with Google+