AOL Search Results

I just commented the following at this blog, afterward I noticed that its pretty much a blog post so im adding it here too :)  

I myelf am not too worried about this happening. Understandably people are worried about the severe breach of privacy, but the search results can’t prove anything criminal has gone on so no one should feel afraid of being wrongly accused just because they were bored one day and went on a search trawl for “baby eating”. Deniability is what counts and these search results cant take that away.

What is scary is not the fact that if you searched for your own name your results can be traced back to you, because even then your just being paranoid, deniability is what counts and its entirely possible that someone know knows you searched your name, and im sure there are more than one Joe Blogs in the world, so the fears of it being tracable to you as a single people are not very well based – and the fact that it could be narrowed down to say five hundered people in america with your name is just being paranoid. What is scary however is that people searching for their credit card numbers and social security numbers, in that case the results can be narrowed down and this is where aol are at fault.

Leaving the search key phrases linked to a random UID is fine, what isnt is leaving in personally identifiable infomation which can be linked to the UID and therfore connect all search phrases with the same UID to that personal ID. Names are not personal infomation, as you share the same name with many people in the world. What is personal infomation is data that can be identified to you and only you. Such as Credit Card Numbers, Social Security Number, NI numbers, bank accounts… i could even stretch to mobile numbers as they arnt usually publicied on the net but im not sure if house numbers should be excluded because that would exclude people searching for buisnesses by number.

There are a great number of issues with what AOL have done, yes it was a mistake and yes they should have vetted the data and removed any “personal” data from it. But thats hindsight for you, and hindsight is never usefull unless your retaking a year of education. It is too late to do much about it, as the data is already propegated on the net and in the hands of thousands of people, a lot of whom probably wont do anything with it as they just downloaded it out of curiocity.

Anything and everything you do on the internet is traceable, from email, instant messaging to simply browsing. You publish something online and even if later on you delete it, copies will have been propagated in catches, logs, etc all over the world. Unless you use an encrypted link then your IM conversations may be logged somewhere along the way between you sending and your friend receiving and in america are probably being intercepted by the feds lol. Email can be read from servers, as they keep logs of all data and backups of that data which can last for decades. Everything you do on the internet is logged by your isp, these logs are there for them to be able to fix technical problems however in the wrong hands (government agencies) they could be used to trace anything you do and link that to other logs they have from other sources. if you want to ensure at least in part some secured privacy, then use encryption in your emails, encryption in your IM and possibly even an encrypted proxy. However I feel that that would be very much overkill, and that this whole AOL log file thing has been blown out of proportion. Yes there are problems with it, yes there may be future problems caused by it. But people are making wild accusations as to what the data could be used for. Yes it has the possibility of being used wrongly, but similarly it has the equal possibility for being used right – but at the end of the day thats human nature – and no matter what you say that will be true.

Leave a Reply