backtop


Print 41 comment(s) - last by bbomb.. on Aug 8 at 11:15 PM


Screen capture from AOL's website before it was taken down -- Image courtesy Texturabtion
AOL does the unthinkable

AOL grabbed headlines last week when it announced that it was making its online services freely available to anyone with Internet access. Today, the company is making news for what is an inexplicable turn of events. The company freely made available the private search history of over 650,000 users without permission. The 439MB compressed download features over 20 million search queries over a three month period and was made available on AOL's research website along with a readme file detailing the results. In an effort to ease damage control, AOL has removed both links, but mirrors for both search data and the AOL readme (for better or worse) are mirrored at multiple sites.

The vast amount of data included in these search queries is staggering and the possibilities for abuse are endless. TechCrunch reports:

AOL has released very private data about its users without their permission. While the AOL username has been changed to a random ID number, the ability to analyze all searches by a single user will often lead people to easily determine who the user is, and what they are up to. The data includes personal names, addresses, social security numbers and everything else someone might type into a search box. The most serious problem is the fact that many people often search on their own name, or those of their friends and family, to see what information is available about them on the net. Combine these ego searches with porn queries and you have a serious embarrassment. Combine them with “buy ecstasy” and you have evidence of a crime. Combine it with an address, social security number, etc., and you have an identity theft waiting to happen.

It’s one thing to make private search data available to the federal government upon request (and even that has been widely debated over the past eight months), but to make it freely available from a public website is downright malicious. It’d be interesting to see what AOL’s response to this whole fiasco will be.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Just curious..
By Chalmus on 8/7/2006 4:57:31 PM , Rating: 2
There is no financial or any other benefit to me doing that, and with 20 million+ queries to sort through, then I guess you just proved me wrong that I cannot give a name, address, SSN, or whatever on any particular member in the list.

But if you think that there aren't scammers and thieves working on getting that personal information out of that list as we type, and that they will not be able to retrieve anything of use out of the list, you are not the poster that I came to respect.

Have you looked at the list?


RE: Just curious..
By Lifted on 8/7/2006 5:03:31 PM , Rating: 2
I have, and the possibility of scumbags being able to blackmail people is there.


RE: Just curious..
By masher2 (blog) on 8/7/2006 5:11:04 PM , Rating: 2
> "Have you looked at the list? "

I have. Certainly there is "information of value" in there. Quite probably information of value to a thief or scammer. But is the data "personally identifiable"? That's a horse of a different color. I found quite a few searches for my surname, just in the first of the 10 files....and I can guarantee you none of those queries were from me. Even if you saw a search for an exact name and address...does it prove that particular person did the searching? Or just that someone searched for them?



“Then they pop up and say ‘Hello, surprise! Give us your money or we will shut you down!' Screw them. Seriously, screw them. You can quote me on that.” -- Newegg Chief Legal Officer Lee Cheng referencing patent trolls

Related Articles
Setting AOL Free
August 3, 2006, 4:56 AM













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki