Brand mistakes happen now and then...and AOL just made a big one. Talk about a customer disconnect...it seems when AOL talks about its "open garden" of custom content, they think that might include posting member search inquiry data.
After news that AOL plans to cut 5,000 jobs (which is one-quarter of their 19,000 person workforce) just as they are making aggressive changes from their subscription model to a mainly broadband and advertising model (which has contributed to revenue, share price and profit gains this year despite the loss of subscriber dollars), the really weird news come in. News that has the strong potential to damage brand name value because it hurts customer trust in privacy and info security.
For some reason, someone at AOL Research thought it was a good idea 10 days ago (which is just now being found out) to publicly post all search inquiries of around 658,000 AOL users from March to May (20 million search inquiries) right on view for everyone to view. While the data was supposedly "anonymized", meaning that AOL replaced user names with numbers in an effort to make members unidentifiable, it didn't always work, even if the data was only posted for a few hours (as reported by Wired) because the data made it onto the peer2peer file sharing networks.
This gaff was discovered over the weekend and has spread across the Web like a tsuanmi, flooding message boards and blogs. This is serious damage control time for AOL. If they don't address this one quickly, this black eye could create permanent damage. And I am a longtime AOL member.
MediaPost's Wendy Davis gave the following stunned commentary questioning AOL's sanity, which will make you re-think your online habits. It should get you wondering just who is keeping track of you online and what are they doing with your info:
"Just as AOL is trying to entice Web users with free e-mail, storage and other formerly paid services, the company committed a gaffe so stunningly stupid, it's hard to believe that consumers will ever trust the company again.Suggestion: Notify AOL's general comment desk or contact Time Warner corporate headquarters and make your opinion known.
Never mind that users conduct vanity searches for their own names, or addresses, or type their credit card and social security numbers into search engines. AOL maintains that anyone could have typed in that information, not necessarily the person with that name and/or address, social security number, etc.
Well, yes, that's technically true. Users might search for their friends, employers or potential dates. Without more context, it's difficult to glean much from the fact that User X typed in one person's name to a search engine.
But individual searches weren't released in a vacuum; AOL provided three months' worth of context. Anyone who goes over the data released by AOL -- and, even though the company tried to take it down Sunday night, it's been copied and posted throughout the Web--can probably deduce certain information leading to the identities of at least some users.
Of course, people conduct more than simple vanity searches online. They search for drugs, pornography, and all manner of illicit endeavors. One now-infamous user searched on phrases like "how to kill a wife," and "car crashes." Yes, he could be researching a book; the searches alone don't prove anything -- but clearly the revelation of users' searches has the potential to at least embarrass people.
AOL spokesman Andrew Weinstein has been busy apologizing profusely for the incident. He's been sending around statements admitting to the blunder. "This was a screw-up, and we're angry and upset about it ... Although there was no personally-identifiable data linked to these accounts, we're absolutely not defending this. It was a mistake, and we apologize," he stated.
Still, it's obviously too late to fix this mess, at least for the users whose searches were revealed."
posted by Chris Kennedy @ Tuesday, August 08, 2006,
- At 5:53 PM, said...
In all the current discussion about AOL's sharing of the query-log
data, there has been little emphasis on the importance of such data to
research on information retrieval. In addition to the real privacy
concerns, a key point that must be considered is the fact that if
useable data is not made available to the wider research community,
only the big search companies will be able to analyze that data. We
academic researchers are increasingly dependent upon industry for this
sort of data to do research; the sort of small-scale data that can be
gathered in a university-based setting is simply insufficient for
obtaining reliable experimental results.
Should companies be prevented from sharing data with the research
community (either by law or public outcry), research progress will be
greatly reduced, as it will be impossible to compare different studies
with one another, since each study's data will be proprietary, and
thus no one will be able to trust any research result from another
lab. All non-industrial research in this area will more-or-less dry
up, and search technology will tend more and more to be developed in
"closed-shop" efforts within the large firms; innovative startups and
open-source hacking will not exist, since the research projects that
serve as launching pads for such technological innovation will not
exist. This prospect should disturb us all, as search technology
(broadly construed) is more and more the vehicle that people use to
gain information about their society and the world.
All of this is not meant to ignore the real privacy issues that can be
involved in the preparation and release of such data. It appears to
me that there was little real privacy risk in the data released by
AOL, but it is clear that policies and practices need to be debated
and developed that accomplish two essential goals: (a) to protect the
privacy of individuals in any sharing of research data, and (b) to
ensure that as much useful data can be shared by companies with the
greater research community. In this effort researchers and privacy
experts must collaborate to ensure that all sides of these important
issues are properly addressed.
Shlomo Argamon, Associate Professor
Department of Computer Science
Illinois Institute of Technology
Chicago, IL 60616
- At 6:27 PM, KennedyCS said...
Excellent commentary, thanks for sharing your thoughts and contributing to the discussion on the Jointblog.
As a market researcher myself and someone whom has accessed various forms of the Internet since 1977 back when it was a university bulletin board "web" link to other universities, I complete agree with what you write. From your (and all researchers interested in openness, learning, access and transparency of data) perspective, information is vital. Corporations operating in locked-down closed environments with no ability for outside peer review would only stagnate further growth and advancement in this new tech era.
The problem with this incident from AOL is the larger, unresolved trend of how corporations and even the government handle (and often mishandle) the overwhelming mass amount of consumer information tracking our day-to-day lives and, in particular, our digital lives. With all the concern of unwarranted government wiretapping, live gps tracking of personal movements and the too-often news reports of corporations (including banks) losing computers containing backup spreadship on millions of consumers (including personal details such as social security numbers), Big Brother is not just inching forward...it is advancing at supersonic speed.
The biggest issue of all: how in the world could anyone approve the release of consumer information still containing actual social security/address/phone number info available for anyone to download and use as they wish, as this AOL research file actually contained. The spreadsheet is easily found on Limewire and other file sharing networks, even though AOL pulled the site. While information for legit researchers is essential, information that can be exploited by those only interested in identity theft or exploitation is dangerous to personal freedoms.
Many thanks, Shlomo...and keep reading the Jointblog for more as we watch this important ongoing media trend.
Joint Communications Corporation