AOL Releases Private Search Logs For Over 500,000 Searchers
According to Tech Crunch, AOL Search has released 20 million web queries from 650,000 AOL users:
The utter stupidity of this is staggering.AOL has released very private data about its users without their permission. While the AOL username has been changed to a random ID number, the abilitiy to analyze all searches by a single user will often lead people to easily determine who the user is, and what they are up to.
The data includes personal names, addresses, social security numbers and everything else someone might type into a search box.
Obviously, this is a gross invasion of privacy, security, common sense, you name it. AOL has always struggled to keep itself from being overly demonized in the eyes of the consumer, yet keeps digging holes for itself to climb out of. I have NO idea how it's going to cover this one; this is a PR nightmare.
Here is how this affects you if you are an AOL customer:
- All usernames in the search logs have been changed to random numbers. However, if someone really wanted to, they could group all the searches together from one user and eventually figure out who someone is. If they wanted to. It's really not that difficult.
- If you've input personal information, you might be in trouble. If you are an AOL user and have for some reason typed in your social security number, your first and last name (vanity searches, we've all done them!), your birthday, etc., then dedicated search miners will have all they need to start stealing your identity.
Related:
- Ten Ways To Keep Your Search History Private: Events such as AOL's release of private search history have prompted many search engine users to be a bit more cautious with their searching habits. Now, most of us have no need to hide our search history, but there's no harm in more cautious Web surfing. Here are a few ways you can keep your searching history private.
- Search Engines and Internet Privacy: Ever wondered what a search engine's privacy policy looks like? Here's a few for you the next time you'd like some light reading.
- Anonymous Surfing 101: Are you concerned about privacy on the Web? Then anonymous surfing, the ability to surf the Web without being tracked, is for you. Here are some frequently asked questions about anonymous Web surfing.
- Internet Safety Checklist: The Internet is a vast resource of information. There's a good reason why it's called the "Information Superhighway!" However, just like you as a responsible parent would not let your children run around on the highway unsupervised, it's also a good idea not to let them run around the Net without your input.
- Free Adware and Spyware Removers On The Web: If you've ever had weird pop-up windows that just won't go away, hijacked browser settings, internet preferences inexplicably changed, or a very slow web search experience, than you've most likely been the victim of spyware, adware, or malware.
Thanks for this article, found it via Mary Landesman’s newsletter.
As an AOL user since 1993 we sau a heartfelt “Man we heard THAT!” re AOL’s stooopidity this way.
This but one of many reasons that we never, if ever, use AOL’s “browser” which is a messy, convoluted version of Internet Explorer. As an example, they turned off IE’s blocking of pop-ups for a very long time!
When we use the internet for searching any sites other than AOL, we open IE separately on our high speed connection which means AOL can’t track us like they did here – thank goodness we do not rely in AOL as our sole ISP anymore!
That said, we have kept them on a “bring your own ISP” (at a reduced rate) as they have the best and easiest e-mail we have ever used (even if they were probably the LAST to scan for virii) and also the free radio and message boards are wonderful.
We rely heavily on About.com’s PC experts (and othwrs too!)- thanks for the great work!
BTW I went TO the TechCruch Blog link and WOW HOWDY!
Talk about stupidity- no wonder the thing got mirrored! TechCrunch gave the AOL link (disabled the same day – August 6) as well as links to other blogs that linked it.
After AOL took it down, they released a link to a cached version! DUMBER!
“Update: Sometime around 7 pm PST on Sunday, the AOL site referred to below was taken down. The direct link to the data is still live. A cached copy of the page is here [linked].”
THEN when the download cache link was disabled TechCrunch released ANOTHER mirror link which has SEVERAL still-working links (you have to download the thing, I did not). DUMBEST.
“Further Update: Sometime after 7 pm the download link went down as well, but there is at least one mirror site [linked]…”
AND YOU HAVE THE LINKS TOO! WHY?
“Unfortunately, the data is already out there – Google still has a cached version [linked], and at least one mirror site [linked] has popped up”
Some people in the comments (which number in the HUNDREDS) said that it didn’t matter if TechCrunch listed it because someone else would and did . . .
Well, as an AOL user I am unhappy that TechCrunch AND you put the link there, especially after it was taken down and AOL apologized (see below)
Many other people said “who searches on SS numbers? Well, crooks, yanno.
This comment (below) direct from AOL got NO RESPONSES from anyone in the comments (or you that I can see) although TechCrunch added it to the article as an update. It’s not the greatest apology in the world, but it is an apology.
“Andrew Weinstein
“August 7th, 2006 at 9:08 am
“All –
“This was a screw up, and we’re angry and upset about it. It was an innocent enough attempt to reach out to the academic community with new research tools, but it was obviously not appropriately vetted, and if it had been, it would have been stopped in an instant.
“Although there was no personally-identifiable data linked to these accounts, we’re absolutely not defending this. It was a mistake, and we apologize. We’ve launched an internal investigation into what happened, and we are taking steps to ensure that this type of thing never happens again.
“Here was what was mistakenly released:
“* Search data for roughly 658,000 anonymized users over a three month period from March to May.
“* There was no personally identifiable data provided by AOL with those records, but search queries themselves can sometimes include such information.
“* According to comScore Media Metrix, the AOL search network had 42.7 million unique visitors in May, so the total data set covered roughly 1.5% of May search users.
“* Roughly 20 million search records over that period, so the data included roughly 1/3 of one percent of the total searches conducted through the AOL network over that period.
“* The searches included as part of this data only included U.S. searches conducted within the AOL client software.
“We apologize again for the release.
“Andrew Weinstein
AOL Spokesman”
(Italics and bold are mine)
Of course there IS personal data in there . . .
Some bloggers do not know when to keep their – ahhh – keyboards? shut!
Just My Humble Opinion of course re bloggers and listing data that really shouldn’t have been listed at all, much less repeated on the blog!
Perhaps all of this is irrelevant to the fact that AOL really DID screw up, but as a long time AOL user who has never had a problem like this with security (I am also not stupid about searching!), I really feel the reaction to all of this (such as KILL AOL and “The utter stupidity of this is staggering”) is a little over the top when it comes from sites THAT RELISTED THE DATA.
BUT the TIPS on secure searches, no matter WHO your ISP is, can never be repeated too often!!!
Food for thought for future happenings like this??
I think this is one of the most disgusting things I have ever experienced!
This would be like if I were to apply for a divorce, for it to be publicised throughout the entire world in USA Today! Definitely an invasion of privacy. Definitely illegal, immoral, unethical, and countless other words which do not come to mind at this time!
IF I get hassled, and/or ID stolen as a result of this, perhaps I can keep a lawyer off the unemployment list!
TYVM!
Hi webmaster!