On Sunday the news broke that AOL purposefully released 20 million partially anonymized search queries. On Monday AOL apologized, and later that evening the first web interface to the data went up.
Today the first person was positively identified from the data – Thelma Arnold, a 62-year-old widow who lives in Lilburn, Georgia.
Based on searches ranging from “numb fingers” to “60 single men” to “dog that urinates on everything,” the New York Times was able to quickly determine and confirm her identity. Ms Arnold is AOL searcher no. 4417749.
Ms Arnold commented: “My goodness, it’s my whole personal life…I had no idea somebody was looking over my shoulder.”
AOL replied: “We apologize specifically to her…There is not a whole lot we can do.”
It could be you.
think twice before you type on google or any search… oh my god, this is insanity.
I’m just curious as to how they would identify someone from such little information. It probably says in the article but I didn’t register for the site so I could read it.
Does anyone feel like informing the others in my boat and I on to how this was accomplished?
so that there can be more spam…
And people still don’t believe me when I tell them to be careful what they do with Google stuff
scary part is that your thinking is public, not just the deeds.
You know with all this talk about protecting privacy, it’s amazing how many outlets are willing to jump on the bandwagon and exploit this issue and exploit this woman’s privacy. The average techcrunch reader wasn’t going to go surfing through the data to try to sniff out the identity of a person, and frankly, the average techcrunch reader probably doesn’t care. So why bother to publish it?
Good to see Mike is rooting for the disaster scenario for everything AOL.
TechCrunch is a travesty. I mean WTF?!
@ RedWillow
It sounds like she willfully cooperated with this story. I’m sure she was contacted about it first and gave her approval.
It’s important that people realize this data can be personally identifiable. I’m sure Mrs. Arnold realizes that and that’s why she agreed to be interviewed.
Are we missing some keywords? How can they track her from that?
@ Cody
From the article:
‘No. 4417749 conducted hundreds of searches over a three-month period on topics ranging from “numb fingers” to “60 single men” to “dog that urinates on everything.”
And search by search, click by click, the identity of AOL user No. 4417749 became easier to discern. There are queries for “landscapers in Lilburn, Ga,” several people with the last name Arnold and “homes sold in shadow lake subdivision gwinnett county georgia.”
It did not take much investigating to follow that data trail to Thelma Arnold, a 62-year-old widow who lives in Lilburn, Ga., frequently researches her friends’ medical ailments and loves her three dogs. “Those are my searches,” she said, after a reporter read part of the list to her. ‘
Interesting to see how TechCruch legendary Googlephobie has mutated into an AOLphobie. Wait, AOL uses Google engine… So it’s stilll the ol’ Googlephobie.
Anyways, search engines aren’t the only ones keeping logs, I find ISP logs thousands of times more scary…
It’s good that everybody talks about this disaster, because it will lead to much more cautiousness through the search engine providers.
In the end, I hope that search engine providers could stop taking all this logs. It’s just the problem that many sites are adopted based on what we search, and that we benefit from all the data they have about us, in the end…
But one thing is for sure: I will never ever use the AOL search engine (nevermind on what technology it is based). I haven’t in the past, but I won’t do it now, too.
Lost in Brittany,
Phobias tend to be unwarranted anxieties. Considering this post is about an action that has already occured as opposed to a proposition or hypothetical situation, this is just plain reporting of actual facts. AOL really dropped the ball on this one and this mishap needs to be exposed. This is not about keeping logs as you have stated it…this is about publicly exposing the confidential information of your userbase. There is a glaring difference between the two. This really is a deplorable infraction by AOL.
the whole thing must be fake, i still cant believe anybody doing what happened. on purpose.
Like what jbus said, it’s very important that TechCrunch was one of the major sites that brought all of this to our attention.
These are huge privacy concerns that the average public hasn’t understood. If enough talk continues, maybe something will actually happen. The only way to make people aware is for a spotlight to shine brightly over the implications of AOL’s “oversight.” Little accidents can ruin people’s lives, just from random people misinterpreting search terms. Combine that with other searches for names & locations, having nothing to do with the previous searches. Consider families who share a computer or roommates on the same connection — all of their dark-sided curiosities combined with one another. What about framing others? People with grudges could type others’ names + “impure” searches to bring guilt by association.
I imagine anyone who isn’t a prude or bland tends to momentarily wonder about various topics with queries that, at face value, sound twisted or odd. Imagine being judged just for being curious about life (something as tame as medical conditions to the diverse range of literature and depths of dialogue). The ability to have curiosity and freely explore information is the greatest ability of a free culture. When people become afraid of seeking information — from fear of being viewed as a criminal — it will set society back into repression and darkness.
The NY Times is brilliant for finding a real example so soon.
This type of user-connected data should not even be seen by licensed researchers. No searches should ever be logged in association with other searches except as a stored option for a search history made only available to that user. The future of search intelligence isn’t dependent on user-associated-searching to build blind profiles (which end up being grossly inaccurate). It’s more dependent on AI, document interpretation, web analytics, and natural language, along with an intuitive, desire-based interface that leads a person to the correct data.
I hope TechCrunch and all others continue to expose these major problems. TechCrunch deserves tremendous thanks for covering it. Thank you!
Thanks New York Times!
Frankly, the most outrageous part of the story to me was that a 62 year old widow was using the internet! Who says there can’t be ajax websites for the baby boomers!!
Are we sure this is not AOL’s wierd marketing strategies? People at AOL can’t be so insensible. Or maybe I am not sensible enough to see the obvious.
She should sue AOL.. can probably get an easy $500K.. it’s the American way.
Well, She is set for life, lucky ol’ lady.
Way to go AOL! Selling out a little old lady! How long till some 14 year old’s data gets leaked.
Pathetic all around!
Com’on old lady, sue Aol!
That’s the greatest response from a company ever. I would sue.
so, this is web 2.0 now?
yeah.. web 2.0 is all about sharing data!!!!
Don’t you think that USING the data (what you ‘journalists’ are doing right now) obtained by these means is a step to fascism?
EVERY fascism, be it Germany, Russia or Cambodia always started like that. Think about that!
I am signed up for Google Search History. It is starting to seem like a very bad idea.
Typical, the only users of AOL that I know of are 60+. haha
“We apologize specifically to her…There is not a whole lot we can do.”
How about thinking before before doing soemthing completey and uttery cretinous?
For those with time to investigate, this one might be indentifiable on http://www.aols...rchdatabase.com.
User Id: 15251566
This is just plain scary. Take them to the cleaners old lady and teach them a very valuable lesson.
So, I wondered if the AOL user community ever searched for TechCrunch. Detailed analysis can be found here:
http://www.bria...ol-search-data/
Enjoy!
-Brian
Kudos to the community for exposing AOL’s stupidity; however, was it really necessary to keep on publishing the woman’s name?! Shame on you, New York Times!
do i smell a huge lawsuit coming on, time to short twx
I think that it was very irresponsible of NYTimes (and Techcrunch) to post the id numer and name and etc etc of this woman. Even if NYTimes did find out one of people, shouldn’t they state that they IDed someone and then not release their info?
I can’t beleive they published her name and searches… I guess the NYT asked her for permission as the seaches were rather revealing.
This is why Google Desktop and Search History is a BAD IDEA.
Delete your cookies often, people. And above all, do not install any search toolbars.
i actually positively identified my dad in the search results, and he confirmed it. so you can mark that confirmed #2.
What do you guys think AOL could do about this now? Obviously they’ve learned their lesson.
Why this is up on TechCrunch? Not too sure.
there’s something else missing from that data set too…anybody notice it? check out this blurb from yesterday: http://digbig.com/4mgry
I’m with Red Willow, Tech and Brett.
Aside from AOL’s utter stupidity, the NY Times lives in its own world and plays by its own rules and enjoys its own intellectual ethics. (I’m also disappointed that Techcrunch would follow along and re-post her information.)
The reporter wanted to “make the story personal”. And yes, I’m sure they got her naive permission to run the story to get the word out.
So, Thelma, your reward for assisting the NY Times in further publicizing this story to educate their readers on AOL’s terrible decision…is that YOU are spotlighted, including specific, possibly embarrasing searches you performed and your response to questions about why you searched them.
Are these two reporters that awful at telling a story without stealing someone’s dignity?
My name is Howard Howe and I am a partner at the prominent New York law firm of Dewey, Cheetum & Howe LLP. We are currently looking for individuals whose search records have been exposed by AOL in preparation for a class action lawsuit against AOL. If you believe that your search records have been compromised, you may be entitled to monetary damages. If it imperative that you contact my firm immediately. Please do a search on AOL for “dewey cheetum howe AOL lawsuit” and we will contact you ASAP.
Great. Now we have ambulance chasers scouring the board.
What next?
Not that I’m supporting the use of this woman’s identity, I agree, that was going too far. I think the times did it A. to put the onus on AOL to take some sort of drastic action, and B. to kick the whole issue up to the next level of escalation. Now it’s AOL’s turn to counterattack.
@Bob…”Dewey, Cheetum, and Howe” is a joke, my friend. But, to your point..I imagine there are some lawyers foaming at the mouth right now to cash in on this. Man..just when AOL had some signs of intelligent life.
We spent some time checking this out to see what we could learn about how consumers were ending up on MerchantCircle with local searches. It was useful to see what else they were doing online. In a good majority of the cases, we could where they were clearly looking to investigate an category of merchants in thier town (motorcycle shops or coffee shops) and in others it was clear they were researching broadly shopping in a town. Mark (former Yahoo) lays out some of the concerns about the privacy issues as well as what he found related to MerchantCircle, here.
http://kram.hul...cy-debacle.html
Is there a big law suit coming?
More fallout from the AOL leak here, and this time it involves people losing their jobs:
http://discuss....?biz.5.374239.4
“# jbus
August 8th, 2006 at 10:19 pm
@ RedWillow
It sounds like she willfully cooperated with this story. I’m sure she was contacted about it first and gave her approval.
It’s important that people realize this data can be personally identifiable. I’m sure Mrs. Arnold realizes that and that’s why she agreed to be interviewed.”
Sure jbus, just like she unwillingly cooperated when AOL passed along her data.