US District Court Favors Yahoo!

May 18th, 2011

On May 10, 2011, a jury in the United States District Court for the Eastern District of Texas returned a verdict in favor of Yahoo!. Back in June 2009, Bedrock Computer Technologies sued Yahoo! for patent infringement, alleging that Yahoo!’s use of certain versions of the Linux operating system infringed the claims of Bedrock’s United States Patent No.5,893,120. However, after a four day trial, the case was submitted to the jury, and the jury found that the versions of the Linux operating system used by Yahoo! do not infringe.

“Yahoo! is extremely pleased with the verdict. We thank the court for the opportunity to be heard, and we thank the jury for their time and attention to the case, particularly given the split schedule for trial” said Kevin Kramer, Yahoo!’s Vice President for IP Litigation. The court conducted trial on April 27-29, then took a break and resumed trial on May 9, 2011. “Despite the split schedule, all 8 jurors faithfully attended trial every day, and Yahoo! is grateful for their dedicated service,” Kramer explained.

“This is an important win in our ongoing efforts to protect Yahoo!’s business and its freedom to operate on the Internet,” said Jeanine Hayes, Yahoo!’s Head of Global IP. “Yahoo! respects intellectual property rights, but we need to defend ourselves when we determine that patent infringement claims made against us are unfounded.”

This is not the first time Yahoo! has successfully defended itself in the Eastern District of Texas. Last August, Yahoo! prevailed in a patent infringement action brought by Bright Response, LLC. In that case, Bright Response accused Yahoo!’s Sponsored Search of infringing patent claims related to the processing of electronic messages, but the jury returned a verdict that the patent was both not infringed and invalid.

Clarifying a Few Points about our Upcoming Data Retention Policy Change

April 22nd, 2011

A number of media outlets have recently reported on our data retention policy change. We’ve noticed a few inaccuracies and have received some questions.  So we wanted to clarify a few things for the record.

  • Both Microsoft and Google apply a multistep process to de-identify search log file data. However, neither of these companies completes their respective de-identification processes for search log files until the 18 month mark.
  • In Yahoo!’s upcoming policy change for search log files, we will be applying the same method we use today for de-identification. We are simply going to apply it 18 months once the policy goes into effect.

Yahoo! takes a 4-step approach to de-identifying search log file data.

  • Step 1: Delete IP address for most search log files and apply a one-way secret hash to the limited IP addresses that are needed to help our systems detect and defend against fraudulent activity.
  • Step 2: One-way secret hash (a form of encryption) unique identifiers from browser cookies.
  • Step 3: Same as above but we additionally delete half of each identifier associated with a Yahoo! ID.  We take this extra step for registration IDs because, unlike browser cookies that only identify a unique browser, we do associate these with personal information like names and email address.
  • Step 4: Look for patterns common to personally identifying information such as credit card number formats, Social Security number format, telephone numbers, street addresses and non-famous names that often appear in search log files – and then replace those values so it’s no longer identifying to anyone. We would know that a telephone number was searched, for example, but don’t keep the number that was entered.

This process above is what we use today and will remain the same for search log files going forward – only now we will be using a timeframe consistent with what others industry players have been using since at least 2008.

Anne Toth
Chief Trust Officer

Updating our Log File Data Retention Policy to Put Data to Work for Consumers

April 15th, 2011

Today, Yahoo! is making an announcement of our intention to change our log file data retention policy to meet the needs of our consumers for personalization and relevance, while living up to their expectations of trust.  Over the last 3 years, the way we and other companies offer services online and the way consumers experience the Internet has changed dramatically.  So, we will keep our log file data longer than we have been – offering consumers a more robust individualized experience – while we continue our innovation in the areas of transparency and choice to protect privacy.  We believe it’s a move forward for Yahoo! and our users.

In late 2008, after a careful review of our data systems and needs and after a great deal of discussion among policymakers about how long search companies should hold search log file data, Yahoo! announced a log file data retention policy that set us apart from the rest of our industry. We worked to minimize our log file retention to 90-days for most log file data, noting certain exceptions where we hold raw data for up to 6 months for fraud and security purposes and as long as necessary to meet our legal obligations. Our goal with this log file data retention policy was to continue to offer best-in-class, competitive products while striving to minimize how much raw data we held.

Today our goals remain the same – keep data as long as we need to and meet our consumers’ expectations on trust. While these things are fundamental to us, over the past several years it’s clear that the Internet has changed, our business has changed, and the competitive landscape has changed.  We have been reevaluating our log file data retention policy in light of these changes and as a result of this review we are moving to align our log file data retention policy closer to the competitive norm across the industry.  That means that after this new policy goes into effect, we will no longer apply the 90-day retention policy to raw search logs or other log file data.  We will hold raw search log files for 18 months and we will be closely examining what the right policy and time frame should be for other log file data.  In announcing this change, we have gone back to the drawing board to ensure that our policies will support the innovative products we want to deliver for our consumers.

Yahoo! has not been standing still on privacy. Over the past 3 years we have focused enormous resources on front-end transparency and meaningful choice for consumers. This is evidenced by our Ad Interest Manager tool and our commitment to CLEAR Ad Notice – privacy icons delivered with ads all across the Yahoo! network to give users control over customized advertising. We are continuing to improve these tools, are active in discussions on how to integrate browser-based Do-Not-Track tools into existing privacy models, and are working on even more consumer tools within Yahoo! products designed to put more control our users’ hands.  Privacy has always been a core value of this company.

Transparency with our users is the foundation of what builds trust. That’s why we are telling our users about these changes now, well ahead of when they go into effect. In the next 4-6 weeks we will begin rolling out notifications across Yahoo! to ensure that we have given clear and understandable notice to our consumers of this change in our policy.  Thirty days after we have completed these notifications, we will put the new policy into effect.  We expect this will occur sometime in mid-to-late July.

No policy exists in a vacuum and every company has to continually reevaluate what serves its consumers best over time. Changes like these are never undertaken lightly. We at Yahoo! are incredibly proud of the innovative new products we have launched and have lined up in the coming months for our users around the globe. We have a world-class research team using data to improve consumer experiences. We have a product team dedicated to innovative new products and features like Search Direct and Livestand.  And we remain one of the most visited and trusted sites in the world. We want to stay that way by putting our users’ data to work for them to make every visit to Yahoo! better than the last.

Anne Toth
Chief Trust Officer

en Español
en Français

CLEAR Ad Notice and Do Not Track Together

April 1st, 2011

Yahoo!  submitted a discussion proposal today to the W3C (World Wide Web Consortium) to consider  one possible approach to combining the CLEAR Ad Notice program supported by the nearly 6,000 members of the Digital Advertising Initiative with the newly released Do Not Track features in web browsers.

Industry’s efforts to deploy the Advertising Option Icon have gained significant momentum.  Yahoo! has surpassed 1.5 TRILLION impressions of the icon ourselves and has recently expanded coverage to the EU.  Google recently announced upcoming icon coverage for all of AdSense ads being served on hundreds of thousands websites.   Most major web browsers recently released features that align with calls for a “Do Not Track” solution to online behavioral advertising – although each company has taken a different approach to tackle the challenge.  Yahoo!’s  goal is to try to find a way to combine the best of the new browser-based approaches with the existing Advertising Option Icon developed with the cooperation of thousands of companies participating in the Digital Advertising Alliance.

While competition between companies over privacy practices can drive positive developments for consumers, in this case a better outcome for consumers is to converge on a single approach to exercise control over online behavioral advertising.  A single approach can reduce consumer confusion and better align the user experience with the consistency of the CLEAR Ad Notice program managed by the Digital Advertising Alliance (DAA).  Therefore, we propose that web browser developers align behind a single Do Not Track approach to increase consumer awareness through education and exposure to these features.

Advertising fuels the vast majority of free content and experiences available to consumers across the Internet today.  The sites that invest the time, energy, employees, and technology to provide these free experiences have a critical perspective and must be partners in the conversation with the companies that develop web browsers. All stakeholders should seek to find solutions that provide consumer privacy protections and continue to support a content publisher’s ability to monetize their efforts.

Yahoo! strongly supports the standards development process and is submitting these recommendations in the hope that vigorous, enlightened, respectful debate ensues to drive consensus towards a solution that meets the needs of consumers, publishers, advertisers, and the parties that support each.

Shane Wiley
Sr. Director – Privacy & Data Governance

Moving Forward-i with CLEAR Ad Notice

March 15th, 2011

Yahoo! is excited to further our commitment to increased transparency and control by updating our implementation of the Advertising Option Icon (CLEAR Ad Notice) to the “Forward-i” icon recently announced by the Digital Advertising Alliance (DAA). CLEAR Ad Notice provides users a simple link on or near an ad to provide more information about how interest-based advertising works and tools to manage their advertising experience.

Yahoo! began our implementation of CLEAR Ad Notice in April 2010 with an early version of the advertising icon – the “Power-i”.  Since that time, we have served the CLEAR Ad Notice over 1.5 trillion times across Yahoo! properties in the US.  In an effort to significantly increase the level of consumer awareness and control with respect to interest-based advertising in other markets, Yahoo! launched CLEAR Ad Notice in January 2011 on the Yahoo! sign-in page across France, Germany, Italy, Spain and the United Kingdom.

Today’s change in Yahoo!’s CLEAR Ad Notice implementation to the “Forward-i” continues to serve as a consistent reminder to consumers to learn more about and manage their interest-based advertising experience.  The roll-out of the new icon will take some time, but you will start noticing the Forward-i icon replace the current icon over the next few months on the ads you see across Yahoo! properties.

Vinay Goel
Sr. Manager, Advertising and Analytics Privacy

Do Not Track

March 11th, 2011

Yahoo! believes strongly in empowering users through providing transparency into our data collection and use practices and providing tools to exercise user choice in this regard.  This is evidenced through Yahoo’s leadership in partnering with the DAA and others in industry to develop ground breaking privacy enhancing tools for consumers, such as CLEAR Ad Notice,  Ad Interest Manager, and Persistent Opt-outs, not to mention footer links that help visitors learn more About our Ads and connect to our privacy center which carries a wealth of easily accessible information.

Recently each of the major web browser vendors have released features that place user choice tools within the web browser itself, responding to regulatory calls for “Do Not Track” capabilities.  Yahoo! is working with each of these vendors to better understand their solutions and how best to align our efforts.  In our recent response to the FTC request for comment, Yahoo! highlighted that some of these approaches would require websites to be reengineered to read new header signals broadcast to web publishers.  Further, Microsoft’s introduction of Traffic Protection Lists focuses on 3rd party data collection and could be very disruptive for users, even blocking the basic rendering of content.  This approach “breaks” many websites, including Yahoo!,  that aggregate or license content from third parties– or support and supply content for third party sites.

Yahoo! values the Federal Trade Commission’s statement with respect to DNT in their proposed privacy framework that “any such mechanism should not undermine the benefits that online behavioral advertising has to offer, by funding online content and services and providing personalized advertisements that many consumers value.”  Yahoo! believes approaches that allow users to consume content as expected and opt-out of Interest-based advertising and content data use – essentially preserving the customization our users have come to rely on with Yahoo! – are the preferred way to approach DNT.

Shane Wiley
Sr. Director – Privacy & Data Governance

Congratulations to Yahoo!’s Shane Wiley

March 5th, 2011

Shane’s outstanding contribution on CLEAR Ad shows how Yahoo! walks the talk on privacy.

The leader of Yahoo!’s privacy and data governance team was recognized on Sunday at the Interactive Advertising Bureau’s (IAB) Annual Leadership Meeting for outstanding work in creating a new industry standard.

Shane Wiley, senior director of Privacy and Data Governance, received the IAB Service Excellence Award for his work on the CLEAR Ad Notice that promotes high standards of transparency and consumer protection for the industry, showcasing Yahoo!’s leading role in online privacy discussions.

The IAB has nearly 500 member companies whose employees work in a volunteer capacity to shape standards, guidelines and best practices. To create the CLEAR Ad Notice — now the industry standard — Shane had to bring together different companies and industry groups including the Ad Ops Council and the Public Policy Council to create a set of guidelines that everyone could support – not an easy task!

“Shane has taken CLEAR Ad Notice from concept to reality here at Yahoo! and driven the standard across the industry when many thought it would be impossible to do so,” said Anne Toth, Yahoo!’s chief trust officer. “Not only has Shane been essential in making Y! a standout in walking the talk on privacy through numerous proof points, he’s driven real change across our industry in a relatively short amount of time. It’s no small task to develop an industry standard, bring others into alignment and then execute it among many, many players – all of whom fiercely compete against each other every day.”

Echoing Anne’s praise, Leslie Dunlap, senior director of Federal Relations, congratulated Shane on the award and thanked him for his contribution to Yahoo!.

“This is well deserved recognition – the industry wouldn’t be half as far along if Shane hadn’t stepped in and driven folks to get to a standard,” she said. “Yahoo! has been able to clearly show we were leading the way, and we’ve gotten a lot of credit for doing so on this project.”

Yahoo! Submits Public Comments on the Federal Trade Commission’s Staff Paper on Internet Privacy

February 23rd, 2011

Last Friday, Yahoo! submitted comments on the Federal Trade Commission’s (FTC) recently distributed staff paper titled, Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Business and Policymakers. We provided the FTC our thoughts and recommendations on the policy positions outlined in the staff paper as well as highlighted areas that need further consideration and evaluation by the FTC.

Privacy has been part of Yahoo!’s DNA since our founding.  We have been at the forefront of protecting our users online for almost two decades and addressing privacy concerns is an issue that we have always taken seriously. We believe that our comprehensive approach to customization across a variety of platforms and our efforts to integrate privacy protections directly into our offerings help provide the best experiences for users in the new digital world, a world that exists beyond traditional geographic boundaries.

Privacy is an extremely complex issue with many dimensions and layers that are context and user specific. There is rarely a one size fits all approach because consumers have different attitudes and different preferences.  What is critical is to offer transparency, privacy tools and education to consumers while still allowing businesses the flexibility to offer the kinds of products that consumers demand and to do so in a way that preserves the consumer benefits of free online content and services.  Our comments highlight the complexity of the debate and the finer nuances of the issues at hand, particularly about concepts like Do Not Track and Privacy By Design.

‘Do Not Track’ (DNT) has been in the news and on the minds of legislators, media and online companies.  In fact, the three major browser companies have recently introduced proposals for DNT.  Simplified choice for consumers is the goal of DNT proposals and Yahoo! agrees with this objective.  However, a key concern for online companies is that some DNT proposals eliminate the basic collection of user data; a scenario that creates barriers not only to routine Internet operations, but also to basic fraud detection and prevention processes.

Aside from browser provided controls, there are well-developed Web-based tools that offer strong protections that should not be ignored. The Digital Advertising Alliance’s Advertising Option Icon program is the strongest approach to DNT available today, and least likely to undermine the benefits of Online Behavioral Advertising, which the FTC indicates is also one of their goals for DNT.  The Advertising Option Icon program already covers the vast majority of the advertising marketplace that uses behavioral targeting tools, and the implementation is growing in size and scope. In this program, ad markers take users to information and choices about advertising – an unprecedented effort to allow users to make choices on an industry-wide basis.  As the program continues to roll out, additional educational efforts will help users better understand the meaning of the symbols they see in or around online ads.  Yahoo! will be doing its part; we have displayed an advertising label and icon over one-trillion times on the Yahoo! networks of sites alone.  Yahoo! believes this effort is a strong answer to calls for DNT through enforceable self-regulation and should be further encouraged by the FTC.

Our thoughts on the concept of Privacy by Design (PBD) are also outlined in our comments.  PBD is illustrated by applying privacy considerations throughout the entire life cycle of technologies and procedures.  We support this idea of PBD and consider it to already be a fundamental component of how our products and services are developed. Yahoo! considers the privacy of our users when innovating and providing online experiences, and we have always believed that PBD allows us to address privacy concerns when we build protections into the product architecture.

Consumer education remains at the heart of these issues, and is an important part of the privacy conversation as well.  Many choices are available to consumers through Web tools, browser tools, and contextual features in existing products and services.  Yahoo! helps empower consumers to use these simple to use and easy to access tools by making available additional supporting information – providing the education and background many users desire. These efforts are fundamental to our continuing efforts to build trust with our users.

Yahoo!’s full comments can be accessed at

Anne Toth, Chief Trust Officer, Yahoo! Inc.

Yahoo! Supports Safer Internet Day 2011 with Global Online Safety Resources

February 7th, 2011

Fostering safe online experiences is more important than ever as young people are among the first to adopt the technology and gadgets entering our homes.  Children as young as 15 months are playing with iPads, approximately 1 in 3 teens in the US are sending over 3000/texts a month and sadly, cyberbullying incidents are on the rise. Parents and educators across the globe are looking for practical advice and solutions on how to foster children’s online safety with today’s always on, always available technology.

This year, during global Safer Internet Day on Feb. 8, 2011, the industry will be coming together to help educate families and promote safer and more responsible use of online technology and mobile phones among children and youth.

Online safety is a priority for Yahoo! and we are celebrating global Safer Internet Day by introducing Yahoo! Safely in 26 countries across 14 languages providing parents, educators and youth with information and advice about making smart choices online.  As one of the only global safety resources, Yahoo! Safely offers locally relevant advice on important topics such as managing digital reputations, avoiding cyber-bullying, and learning how to minimize risks on mobile devices.

Yahoo! Safely - Stay Safer Online (and have fun)!

In the Middle East, Yahoo! Maktoob is also launching a localized online safety resource called Yahoo! Safety Oasis. Yahoo! Safety Oasis educates Arabic-speaking children about how to properly surf the net and protect their personal privacy through a series of fun, interactive edu-tainment courses offered through a number of Yahoo! Maktoob channels.

Last year, Yahoo!’s online safety survey revealed that parents are in fact doing their part  with 70% of parents talking to their children about online safety 2-3 times a year.  Now Yahoo! Safely and Yahoo! Safety Oasis give parents and educators around the world the tools and guidance to have these ongoing and productive conversations with their children.

It’s important that we work together as a global community to help create a safer and positive online experience for our children. We are thrilled to be able to make an impact and help raise global awareness around Safer Internet Day 2011.

Catherine Teitelbaum, Yahoo!’s director of child safety and product policy

Yahoo! Submits Public Comments on the Department of Commerce’s Green Paper on Internet Privacy

January 31st, 2011

In December 2010, the Department of Commerce’s Internet Policy Task Force distributed a Green Paper called, “Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework” which details ‘initial policy recommendations aimed at promoting consumer privacy online while ensuring the Internet remains a platform that spurs innovation, job creation and economic growth.’

We applaud the DoC and the paper as a whole, and Yahoo! appreciates having the opportunity to offer our filed comments to ensure that considerations from all interested parties, including Internet companies like Yahoo! are heard.

While I won’t go through every aspect of the comments we filed today, I will give you a general sense of the overall themes seen throughout our submission:

  • Self regulation backed by strong enforcement will play an important role in industry and policy decisions as we move forward.
  • The creation of voluntary, enforceable codes of conduct is the best way to balance a host of different and sometimes competing interests implicated by the privacy debate.
  • Although the “Do Not Call” registry has been successful, replicating that in the form of a “Do Not Track” mechanism is much more complex and has the potential to significantly disrupt users’ online experiences.
  • The continuation of a Fair Information Practices and Principles (FIPPs) based approach to Internet privacy will help us move forward, but we must recognize that not all information is the same and therefore cannot be treated as such.

As one of the Internet’s first successful companies, Yahoo! has been a driving force in balancing innovation and personalized online services with built-in privacy protections.  For more than 15 years, we have embraced privacy by design — working to integrate transparency and control into our products from their inception.  Yahoo! continues to pride itself on being a leader in online privacy.

Providing our consumers with an enjoyable and personally relevant online experience, while simultaneously empowering them to protect their privacy with tools and security settings at the point of action, is a constant focus for Yahoo!  For a look at some of our privacy innovations, check out our Data Privacy Day post.

I look forward to being an active and vocal part of the consultative process as the Task Force moves ahead with its final policy considerations.

Anne Toth
Yahoo!, Chief Trust Officer