[bm98]

If Google deletes all of its personally-identifiable data within 48 hours, then the risk to current users of any future privacy policy change is small. The real problem is when a service collects -- and never purges -- data under the guise of one privacy policy, but leaves the door open to adopting a different privacy policy which could be retroactively applied to the data already collected. I'm no lawyer, but the OpenDNS privacy policy does appear to fall into that category: "Your continued use of our sites and services after any change in this Privacy Policy will constitute your acceptance of such change." Right, and if I stop using the service when the policy changes, will my old data be automatically flagged so that it still falls under the old policy?

[pyre]

  Privacy Policy Changes
  OpenDNS may change its Privacy Policy from time to time, and
  in OpenDNS' sole discretion. OpenDNS encourages visitors to
  frequently check this page for any changes to its Privacy Policy.
  If changes are made, notice will be given in the OpenDNS sites
  and the OpenDNS blog at http://blog.opendns.com/ and we *may* send
  an email to registered using to notify them of the change. Your
  continued use of our sites and services after any change in this
  Privacy Policy will constitute your acceptance of such change.

So you may have a notice pushed out to you, but you may not. If you use OpenDNS to make the DNS request to to view their blog to read the new privacy policy, technically you have already made use of their service under the new terms. Oops.

Edit: emphasis in the quote was mine