August 7, 2006 | By Derek Slater

AOL's Data Valdez Violates Users' Privacy

As reported by TechCrunch and now the major media, AOL intentionally released three months of search queries by 650,000 AOL users. Though AOL has removed the data from its site and rightly apologized, the grave damage is already done. The data is available all over the Net, and AOL may have violated its own privacy policy as well as existing federal law. Congress should heed the lessons of this Data Valdez and enhance protections for your privacy.

Particularly considering the uproar over the Department of Justice's demands for just this kind of information from Google only months ago, AOL's actions demonstrate a shocking disregard for user privacy. Search terms can expose the most intimate details of a person's life and, in doing so, cause great harm.

Consider just a few hypothetical situations. Would you want your employer or credit company knowing that you searched for "how to file for bankruptcy"? Would you want anyone to know you searched for "HIV positive clinic," "breast cancer health services," or another illness-related query? What about "rape victim" or "depression" plus "counseling"? What about searches that reference your political or religious affiliation, or your sexual orientation?

Though the data was associated with random ID numbers, that information could still be connected back to an individual given enough clues. Consider, for instance, what vanity searches for one's own name or MySpace profile could reveal.

This incident highlights the dangers of allowing search companies to store this kind of personal data. We're still investigating, but it appears this disclosure may violate the Electronic Communications Privacy Act (ECPA), which strictly regulates disclosure of your Internet communications, along with AOL's own privacy policy. Regardless, Congress should take note of this latest Data Valdez by creating stronger, crystal clear legal protections for user information and by limiting data retention.


Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Tech companies should not validate secret trade agreements like TISA as a way to decide new rules for the Internet: https://eff.org/r.hxui

Aug 27 @ 5:58pm

Malaysian PM cracks down on peaceful anti-corruption protest by censoring organizer's website and news reports: https://eff.org/r.y6pv

Aug 27 @ 5:20pm

¿Estoy siendo rastreado?, una plataforma sobre seguimiento en redes celulares: https://eff.org/r.w9wk

Aug 27 @ 4:44pm
JavaScript license information