AOL Draws Fire After Releasing User Search Data

By Kenneth Li

AOL on Monday apologized for releasing information on about 20 million keyword searches in a move that ignited a firestorm of criticism about privacy rights on the Internet.

AOL, the online unit of media conglomerate Time Warner Inc., said it launched an internal investigation into how a research division of the company mistakenly released the data on its Web site about 10 days ago.

AOL released search information on about 20 million searches done from its software by about 658,000 anonymous AOL users over a three-month period, representing about one-third-of-1-percent of searches conducted over that time.

The disclosure, which AOL said was not cleared through official channels, came months after Google Inc. won kudos from privacy pundits for refusing to comply with U.S. government requests for search data on its users.

"This was a screw up, and we're angry and upset about it," said Andrew Weinstein, an AOL spokesman. "It was an innocent-enough attempt to reach out to the academic community with new research tools, but it was obviously not appropriately vetted, and if it had been, it would have been stopped in an instant."

Although user information was not disclosed, keyword searches have included users who search their own names.

The data escaped notice until this weekend, when blogs began linking to the study. Techcrunch

formatting link
was among the first blogs to report the data's release.

According to these blogs, which were able to download the file, searches among some AOL users included one who conducted a series of searches on "how to kill your wife," "murder photo" and

formatting link

Techcrunch said the most serious problem with the disclosure was that many people search their own names.

"Combine these ego searches with porn queries and you have a serious embarrassment. Combine them with "buy ecstasy" and you have evidence of a crime. Combine it with an address, social security number, etc., and you have an identity theft waiting to happen," said Techcrunch blogger Michael Arrington in a posting. "The possibilities are endless."

One legal expert said the disclosure probably did not violate the company's own privacy policy as the data did not include personally identifiable information.

"This is more of a business snafu than anything else," Jason Epstein, head of the business and technology group at law firm Baker, Donelson, Bearman, Caldwell & Berkowitz PC said.

The link to the actual file, containing searches done by users whose personal IDs are replaced with random numbers, is no longer available on AOL's Web site.

"Although there was no personally identifiable data linked to these accounts, we're absolutely not defending this. It was a mistake, and we apologize," AOL's Weinstein said. "We've launched an internal investigation into what happened, and we are taking steps to ensure that this type of thing never happens again."

Copyright 2006 Reuters Limited.

For more news and headlines each day, please go to:

formatting link

Reply to
Kenneth Li
Loading thread data ... Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.