When companies are asked about the privacy concerns surrounding the collection of sensitive customer data, they generally have a ready answer – the information isn’t identifiable as it’s stored under a number, not a name. A person’s true identity, therefore, can’t be traced back to an individual, and so there are no privacy concerns, companies claim. Privacy advocates think otherwise.
And when AOL accidentally released more than 19 million search results representing three months worth of queries for 657,000 customers, the standard argument was proven to be false.
It didn’t take long for the New York Times, for example, to figure out the true identity of AOL member No. 4417749. A quick look through her queries made it evident that she most likely lived in Lilburn, Ga., and from there it was easy for the newspaper to find Thelma Arnold, a 62-year-old widow. Her daily activities were no longer her business alone – they were now exposed for anyone with an Internet connection to see.
Some would argue that if you use the Internet, you should know that you have no privacy. Sun’s ex-CEO Scott McNealy once famously told people to “Get over it” – there is no such thing as online privacy. But given that the Internet has become such a pervasive part of our daily lives, we shouldn’t have to sign over our privacy for the privilege of surfing. The Internet isn’t something most people can take or leave – it’s a matter of necessity. People using such an indispensable tool should be able to do so away from prying eyes.
However, some would take the “you have no privacy argument” a step further, saying that we shouldn’t even have a right to privacy online. Law enforcement officials increasingly want to operate under the premise that we’re all guilty before proven innocent. Police officials, for example, asked Toronto Hydro Telecom to make sure that there was a way to trace users of its planned free Wi-Fi service. Google was asked by the U.S. Justice Department to hand over millions of search engine query results which the government claimed it wanted as part of its efforts to fight online child pornography. The company refused.
Indeed, a look at some of the unsavoury searches conducted by some AOL members does give one pause. CNET managed to trudge up a troubling collection of AOL’s most disturbed members, each more alarming than the next in its article, “AOL’s disturbing glimpse into users’ lives.”
But thankfully, most users don’t spend their time online looking for child pornography. And there’s no reason that AOL user No. 4417749 – an elderly woman looking up her friends’ ailments – should have to give up her privacy because AOL user No. 336865 spends his or her time in less than innocent endeavours (to put it mildly).
Others claim – with the sincerity of infomercial hosts – that the collection of data is as much for our benefit as it is for the companies that collect them. Why look at an ad for mouthwash when a simple stroll through your data history can tell advertisers that your true passion is rock climbing? Why not let the likes of Google, AOL, MSN and Yahoo help you by selling advertising space to RockKlimbers Inc. on your search page? Chances are, as an avid climber, you probably already know about the company. And having people comb through your private information for the sake of an ad doesn’t seem like much of a trade-off. This is especially so considering the company and its partners may or may not understand the importance of privacy and may or may not have put the proper procedures in place to safeguard it.
It’s time companies took a hard look at the data they collect and whether its retention can be justified. It’s also time for the government to put tougher guidelines in place to protect consumer privacy so that mistakes such as AOL’s don’t happen again.