August 21, 2006 12:38 PM PDT

Three workers depart AOL after privacy uproar

Two AOL employees have been fired, and its chief technology officer is resigning, after the release of Web search data from thousands of AOL members prompted widespread criticism of the company.

CTO Maureen Govern "has decided to leave AOL effective immediately," AOL Chief Executive Jon Miller wrote in an e-mail to employees dated Monday.

Govern could not be reached to comment.

Maureen Govern Maureen Govern

The researcher responsible for the data being posted online and the researcher's supervisor, who reports to Govern, were fired, according a source close to the matter who asked not to be identified.

Meanwhile, John McKinley, who is president of AOL Digital Services and served as chief technology officer from 2003 to 2005, will step in as interim CTO until a permanent replacement is found, AOL said.

In a separate e-mail to AOL employees, Miller said the company would create a task force to develop new best practices on privacy and will look at how long search and other data should be saved.

The company also is considering tightening restrictions on access to databases containing search data and other sensitive member data, looking into ways to ensure that such information is not included in research databases and adopting education programs for employees on how to protect sensitive information, the e-mail shows.

"After the great lengths we've taken to build our members' trust and be an industry leader on privacy, it was disheartening to see so much good work destroyed by a single act," Miller wrote. "This incident took place because some employees did not exercise good judgment or review their proposal with our privacy team. We are taking appropriate action with the employees who were responsible."

AOL researchers posted the data on the user Web searches to a new AOL research Web site last month. It then pulled it and apologized for the security breach shortly thereafter, but not before other sites got ahold of the data and made it searchable. AOL has been widely criticized for releasing the data.

Last week, the Electronic Frontier Foundation, a digital-rights group in San Francisco, filed a complaint against AOL with the Federal Trade Commission. The complaint (click here for PDF) asked the FTC to look into AOL's possible violation of its privacy policy and federal law. The EFF also asked regulators to require AOL to notify all users affected by the leak and to stop logging searches except in extraordinary cases.

The World Privacy Forum also filed an FTC complaint (click here for PDF) against AOL last week, including an allegation that AOL released user search data in 2004.

While the members were kept anonymous, the data was so thorough and extensive that privacy advocates warned that it would be possible to trace searches back to specific searchers, which several newspapers and other organizations were able to do.

"Whatever staff changes AOL chooses to make does not reduce the need for Congress and the FTC to step in," Kevin Bankston, staff attorney for the EFF, said in a telephone interview.

"To the extent the CTO's departure does have to do with this, I hope that it indicates AOL recognizes this isn't an issue of fixing a unique incident but rather reconsidering their approach to how they handle search logs," he added.

Pam Dixon, executive director of the World Privacy Forum, said the FTC should investigate whether AOL partners and others have received sensitive user data from AOL over the years.

"I don't think firing employees is going to be a solution to the problem. It appears that these data disclosures were a symptom of a more systemic problem at AOL regarding data handling policies and practices," she said. "The 'tip of the iceberg' may well apply here; it will be up to the FTC to find this out, though."

It is unclear whether AOL's release of the user search data was illegal, but if AOL broke the law, the FTC should take action, said Ari Schwartz, deputy director of the Washington, D.C.-based Center for Democracy and Technology, which receives a small fraction of its funding from AOL.

Schwartz said he was not convinced of the need for new action by Congress--specifically, a bill offered by Rep. Edward Markey (D-Mass.) that would restrict how long all Web site operators can "warehouse" consumer data. It would be preferable for the industry to come to an agreement on uniform, voluntary standards, he said.

The notion that search companies are retaining information about users' personal searches, which "should be routinely deleted," is a lingering concern, said Marc Rotenberg, executive director of the Electronic Privacy Information Center.

"AOL could do a real service to the online community," Rotenberg said in an e-mail interview, "if it would commit to permanently (deleting) all personal search details and challenge other search companies to do the same."

See more CNET content tagged:
America Online Inc., CTO, chief technology officer, researcher, Time Warner Inc.


Join the conversation!
Add your comment
hello, you've got bad service
I've been reading CNET's coverage on the AOL privacy mess and what it comes down to is bad service all around. Declining subscribers and a terrible release of AOL searches is something you'd expect say in 1997 not 2006 <a class="jive-link-external" href="" target="_newWindow"></a>

Better the executives fall than the average cubicle worker.
Posted by marileev (292 comments )
Reply Link Flag
Anyone still using AOL deserves their privacy to be exposed
I'm sorry but only a real moron uses AOL.
Posted by bobby_brady (765 comments )
Reply Link Flag
AOL's culpability
I wouldn't go that far, but some people have hung around AOL far longer than they needed to for whatever reason. Maybe they got a great deal on business cards w/their AOL address they're trying to use.

In the end the company is still culpable for not looking out for people who paid their AOL subscriptions.
Posted by marileev (292 comments )
Link Flag
clue needed
Where did AOL ever say they would keep any of this private? Sort of like posting on Cnet - even under a fake name. Of course it is visible, and of course someone might infer something by analysing all of my posts.
Posted by gggg sssss (2285 comments )
Reply Link Flag
Search proxies are now...AOL is 10 years ago
Although it took me like 5 years to get my mom off of that service!

Try a search proxy and stop skinny dipping in public. Its free.

<a class="jive-link-external" href="" target="_newWindow"></a>
Posted by talledega500 (23 comments )
Reply Link Flag
It's no so much the need to delete the searches...
...but the need to regulate the way searches are conducted and the information that is contained within the searches.

User data is the only way that people like AOL can create creative content for there target audience. There is a way to still conceive the search data without sacrificing peoples identity!

J Gund
Posted by OneWithTech (196 comments )
Reply Link Flag
Was never happy with AOL
You can't dial into AOL without loading the software on your computer. This is the same software that makes your computer noticably slower. What does the software entail? Who knows, but you must load it. I didn't like what it did to the browser or anything else it touched. The dial up service I chose didn't require any software loaded. Only knowing my login name, password, and a phone number, I could create a dialup connection and be on the internet with any computer. I'm glad my personal information isn't included in the leak.
Posted by Seaspray0 (9714 comments )
Reply Link Flag
I hope quest reads this
<a class="jive-link-external" href=";tag=nl.e433" target="_newWindow">;tag=nl.e433</a>
Posted by gestry (18 comments )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.