I'm furious about the fact that someone released this user data, regardless of their intentions (which were good: to share data with the research communities). This was a huge mistake, and people have to really think before they get all excited about sharing data or APIs. I'm all for being open, but user privacy trumps all the open ideals that we all share.
Frankly, I want us to NOT KEEP LOGS of our search data. Yep, you heard that right... we shouldn't even keep this data. I know that's crazy, but I learned this week that Wikipedia turned off their log files. They did this for tech reasons, but they now are keeping them off and not looking to solve the problem because of the huge upside of users knowing their searches on wikipedia DON'T EVEN EXIST!
I think we should use this as a way to brand AOL Search: We don't record your searches!
What do you folks think, should we turn off our log files and go for it?
You can read more about our response at CNET.
We screwed up--so lets talk about a real solution to search privacy,
Recent Posts
- Facebook lifts 5,000 friend limit. (5/09/2008)
- Systems Engineer, Los Angeles (5/09/2008)
- Sheyla Hershey (5/08/2008)
- Help pick the next host of Mahalo Daily (5/08/2008)
- Marc Andreessen, Roelof Botha, and Marissa Mayer are back as judges for Techcrunch50 (5/07/2008)
Reader Comments
(Page 1 of 2)3. AOL keeps looking worse and worse. It's undermining the good work being done with blogs, AIMpages, 5gb storage, Netscape, free services. WTF are they going to do to really stand out in a good way-- they better do it now because people are turning against AOL. It's just a fringe who even know about this now, but as TW is in competition with every other media outlet, I expect the newsmedia to go hog wild.
Posted at 2:16PM on Aug 7th 2006 by Fred
4. I am always impressed with how quickly Jason starts a discussion about good or bad news regarding AOL.
I predict, however, that not keeping search logs is not going to happen as it will probably have a devastating effect on their new business strategy.
I have no idea how to fix this issue. None.
Posted at 2:18PM on Aug 7th 2006 by Anonymous
5. I don't have anything necessarily to hide, but that doesn't mean that I don't value my right to privacy.
The main reason I would advocate for AOL and other search companies to not keep search records is that our government seems to think they have a right to this information, all in the name of the "war on terror." A lot of innocent people could come under government suspicion unnecessarily if access to this information was made available.
Posted at 2:55PM on Aug 7th 2006 by Scott-O-Rama
6. i don't think AOL will go for it. this is a major business driver and will surely bring AOL down if it is removed (in addition to the others announced last week)...
Posted at 3:11PM on Aug 7th 2006 by Nick Pang
7. Not log sounds wonderfull but is not realistic. It would undermine the whole statistics/SEO/commercial platform which is nowadays revenue for most sites.
Not query is go back 15 years in time and rather sounds like a desperate call to minimize damage. I accept it is your personal opinion and I really do like the idea of it, but it is not realizable.
Would you in that case (not log) also deactivate all AOL/Netscape server stats? Seems consequent to me.
9. I got a solution since you asked - my dad used to tell me when I would screw up "did you learn anything - and Don't do anything like that again" - so AOL needs to quite screwing up instead of focusing on how to fix screwups. If you minimize mistakes you won't have to worry so much on fixing mistakes. Maybe that doesn't make sense does it?
Posted at 3:41PM on Aug 7th 2006 by John
10. Not having search data available would limit research and innovation in this field.
I would suggest we do something similar to how speech recognition data is collected today.
- Allow people to opt in
- Scrub data of any personal information (e.g. names, SSN, etc.)
- Make this collection of data available to any company or education institution wanting to conduct research
http://alexcastro.typepad.com/castros_blog/2006/08/aol_responds.html
11. An opt-in program seems like a good idea. Jason, is that something economically feasible for AOL?
Posted at 4:18PM on Aug 7th 2006 by Nick Douglas
12. Jason,
You don't belong in corporate. You don't think before you blurt out stupid shit.
Posted at 4:45PM on Aug 7th 2006 by Emma
13. This is gonna cause a lot of problems for AOL. Not keeping logs of search data doesn't really seem like an option to me. Perhaps only a few people within AOL should be allowed to ever see the data.
Better yet, don't let anyone see the data except for other computers. There's no reason AOL should need to see any searches done by an individual user. So, why not just provide an interface to run reports against the log data? The reports could just give "generic" analytical looks at the data, giving top queries and so forth. I'm sure something similar is already in place, but something else obviously needs done.
Sure am glad me or none of my family uses AOL.
Posted at 4:51PM on Aug 7th 2006 by tyler
14. I'm all in favour of this! That's the best idea I've heard in a while! Please do what you can to get this through!
Posted at 5:16PM on Aug 7th 2006 by børge
15. > I think we should use this as a way
> to brand AOL Search: We don't record
> your searches!
Why should anyone trust a tagline? AOL didn't stick to *their own privacy policy* this time. That would be a start: do what you say you do, AOL.
Posted at 5:25PM on Aug 7th 2006 by Philipp Lenssen
16. AOL is doing the right thing in response, thankfully. You know what would really be an awesome challenge is for AOL to win over the tech crowd. Become nerdy. Impossible? Maybe. Tossing searchlogs would be a step. Better, even, would be to let people control their own search data locally or in storage. 5GB, right? This way people who want it could get the benefits of personalized search or search history data. For those that don't want such things, no worries. Hell, users could even monetize their own data by getting a good cut of letting AOL sell it.
Posted at 5:35PM on Aug 7th 2006 by Michael Martine
17. Congratulating AOL for "the right response" is like congratulating FEMA for promising to do better on the next hurricane.
Posted at 6:02PM on Aug 7th 2006 by Nick Douglas
18. "AOL Search: We don't record your searches!"
... no, but Google still will. Why give people a *false* sense of security?
Lets, instead, teach AOL users that "when you look at a web page, chances are, it's looking back at you and telling its friends about you."
AOL offering free online e-learning about Internet Safety could be really cool. A bunch of infotorials with short multiple-choice quizzes could be lots of fun.
Posted at 6:12PM on Aug 7th 2006 by Dossy Shiobara
19. AOL itself is becoming a total screw up, especially after the site you copied, Digg that is, is making most of these stories way more read and known. AOL has been going downhill after that woman was trying to cancel her father's account that passed away about 9 months ago, and then cam the call to make things even worse, and then cam this, to make things unreperable.
I'm sorry to say this Jason, but it seems that the company you work for is sinking , and I think that Time Warner is probably regretting it ever merged with AOL in the first place, all what it's doing now is make their image worse...
I think the whole management of AOL should be changed, I'm sorry to say this, but including you. You have no idea how bad you made Netscape look after actually copying Digg. I actually used to read the site on a regular basis before it became like this (A total copy of Digg), and ever since, the netscape website has been going downhill as well. Even though I do not really believe in Alexa, but check this out: http://www.alexa.com/data/details/traffic_details?q=&url=www.netscape.com , your rank went down of 115! What the heck were you thinking when you chose to make a clone of Digg except with 150% more ads? Did you really think it was going to work? Sorry to burst your bubble, and even though you might say otherwise, it is _not_ working...
Sorry for AOL man, even apologizing to the whole world wob't make a difference now, what's done is done, and the blogosphere is buzzing about this and there are now tons of mirrors to that file...
Mark.
Posted at 6:19PM on Aug 7th 2006 by Mark
20. Well, lets look at the heart of this issue further; I'd like to share my insight.
Just as Dossy stated, to not give the AOL Members a false sense of security, would be senseless. What does AOL Search use? GOOGLE. Google logs search history, even with their strong Privacy Policies, located at ( http://www.google.com/privacy.html ). Those policies are really what matter no matter what the AOL Search policies are since the AOL Search is ?powered by Google?.
People seem to have a field day thinking AOL is alone in logging search queries or even web history. Whether logging user data for monetary gain (contextual, targeted advertising) or not; it still is a *basic* requirement for Internet Service Providers to log and retain logs on their users. Don?t believe me? Go read your ISP?s Terms of Service or Acceptable Use Agreement, and Privacy Polices. What law should you ask?
The United States PATRIOT Act (I and II). A detailed analysis of the act itself is available at http://www.eff.org/Censorship/Terrorism_militias/patriot-act-II-analysis.php and you can see the cause and effect of such provisions. The force behind all these privacy invasions AOL and other ISPs to comply is the fear of terrorism. If we are technological age, we must adapt accordingly and essentially AOL and other ISP's are *required* to have legally accessible logs under the due process of the law (subpoena).
With recent revisions of PATRIOT Act II, it is not even necessary to have Due Process (http://en.wikipedia.org/wiki/Due_process ) of the law, with legal subpoenas; merely a simple "request" can force the ISP to comply and forward over all records, electronic correspondence, web site records, and "search data". If an ISP refuses, they can be imposed with Obstruction of Justice ( http://en.wikipedia.org/wiki/Obstruction_of_justice ), therefore fined and potentially shut down.
So, what?s my point? I simply want people to realize its not the ISP's fault for merely having an interest in research; since that would in theory be used in compliance to federal requests and hence actively participating in the War against Terrorism. Has any known terrorists been caught from searching? Not sure, and I doubt it that merely from searching you can then be a criminal. However, we all know its a breach on Civil Rights.
Alright, enough on that. In regards to AOL having a publicly, unsecured, unauthenticated website to yield access to that data is very irresponsible. As stated by Andrew Weinstein; its a very small sampling of data in comparison to the total number of searches completed but the risk is what the users search for (for example, Googling yourself, a phone number, address, etc.)
If search engine marketers or people who are interested on popular search terms, check out what?s ?hot? in the general AOL populous, ( http://hotsearches.aol.com/search/hotsearch.jsp ) which is similar to a "live" Google Zeitgeist 2005 ( http://www.google.com/press/zeitgeist2005.html ).
To recap:
- I don?t support ANY ISP logging my search and web history.
- If my information is to be legally requested under due process of the law, I expect my ISP to comply.
- I want my ISP to let me know in advance that yes, information is collected, what is collected, and how is it retained.
- I expect my ISP to retain my records with the utmost security standards, data integrity requirements OR don?t log it at all.
- I want my ISP to only release my records under specific court order, search warrant for my records; rather than simply everything.
- I don?t do anything illegal; hence fear nothing; although I am aware of privacy standards, misuse of data, and risk of data to getting in the hands of data miners to then form large tracking records; and then later misuse on that.
Posted at 7:17PM on Aug 7th 2006 by Joseph Manna
Add your comments
Please keep your comments relevant to this blog entry: inappropriate or purely promotional comments may be removed. Email addresses are never displayed, but they are required to confirm your comments. To create a live link, simply type the URL (including http://) or email address and we will make it a live link for you. You can put up to 3 URLs in your comments. Line breaks and paragraphs are automatically converted — no need to use <p> or <br> tags.
1. This entire incident is a complete fiasco. I thought AOL's image had reached an all-time low after "the call" but something like this was unthinkable. This information is all over the internet now and is available on multiple mirrors and can be downloaded in about 10 minutes by anyone with a broadband connection. This is a blatant violation of the privacy of AOL users which is probably reflective of a company which is falling apart at the seams and is grasping for any press/legitmacy they can get. This seems to have been an attempt to look legit in the eyes of the research industry, but to make this information available to the public marks a a complete lack of judgement and communication within the company.
As for those statements on Cnet, they are not much of a response. The fact that the user name was changed to a code does not help much b/c of how often people search for themselves/friends/family. This is not the way AOL should try to clean up its battered image or reach out to the academic community. BTW- http://aolsearchlogs.com/forum/ ... expect a lot more of these.
AOL Search: We don't record your searches!
- This is an awesome idea which would win over a lot of people, me included. Search logging is seen by many as an unavoidable evil, but if a company said they would not do it and had external auditors (or whatever) confirm this it would be a major advantage. IMO, this is the best any pretty much the only mea culpa which AOL users should expect.
Note: I am not an AOL user and have never used AOL search.
Posted at 1:13PM on Aug 7th 2006 by Sal