AOLers fall on swords (and browser choices)

You're fired! It's IT Blogwatch, in which AOL's CTO and others "resign" over its earlier privacy breach. Not to mention what your choice of browser says about you...

Jason Snyder watches the story unfold:

Blowback on the AOL search-query scandal reached high up the corporate ladder today, as the company announced CTO Maureen Govern has decided to leave the company immediately ... The position will be filled by President of AOL Digital Services John McKinley, whom Govern replaced as CTO in September 2005. The company also plans to create a task force to improve privacy practices, a much-needed PR move, if anything, in the wake of the recent privacy scandal, which included The New York Times' outing of 62-year-old Thelma Arnold of Lilburn, Ga., as AOL searcher No. 4417749. Two other AOL employees have also been dismissed.

Barry Schwartz is surprised:

The Wall Street Journal ... discloses that Maureen Govern, the CTO along with the researcher who released the data and the manager overseeing the research have been all fired. I am kind of surprised that AOL hit someone so high to the top, but it does make a statement, a statement AOL must make.

Andy Beal is glad:

I'm glad to see AOL considers the accidental release of user's search data to be unacceptable ... Seems like an appropriate response to me. Anyone think AOL should do more?

Lisa Barone is flabbergasted:

Wow.
Though the firing was a necessary step, it still came as a surprise and was somewhat hard to swallow. It's unusual to see someone as high up the ranks as Govern take a fall, but if AOL hopes to re-brand itself as a "consumer-focused Internet company", it's something that had to be done. It's vital that AOL acknowledge the screw-up and show users that what happened was not acceptable by any means, and that it won't happen again. Today's firing is an unfortunate, but important, first step in doing that.
...
I'm glad to see AOL is stepping up and doing what needs to be done. Earning back the trust of its users will be an ongoing daily process that must take center stage from here on out.
Of course, simply playing musical chairs will not solve the problem at hand. This problem extends much further than Govern's desk and far beyond AOL. What happened at AOL could have easily happened at Google, Yahoo! or any of the other engines. Privacy concerns run industry-wide and will only be solved through increased transparency.
...
What happened at AOL was a gross reminder that the data the engines collect is saved and could therefore be leaked out to unscrupulous third parties ... now it's time for the other engines to follow suit, and for you as a user to demand that they do. You wouldn't let your family go to a doctor who refused to explain their privacy policy, so why would you agree to use an engine who won't explain theirs? You shouldn't.

Nick Douglas is only doing his job:

The bumbling company was responding to the outcry against its records-releasing fiasco, in which millions of user search records were released to the public. This is, of course, the second time this year that AOL has fired employees for a high-profile f***-up; the last victim was the customer service rep who wouldn't let user Vincent Ferrari cancel his account. Of course, in the Ferrari case, AOL was hypocritically punishing an employee for following the company's standard "user retention" procedure. In this case, they're totally valida-- oh, wait, AOL's official policy is to let the government peek at its search records anyway. NEVER MIND.

Michael Arrington reminds us:

This entire event was caused by a single clueless researcher and a complete lack of oversight by his managers. Hopefully these firings are tied to the actual people responsible and not just for the sake of holding someone, anyone, responsible.

Philipp Lenssen is... well, German:

“The fish starts stinking from the head,” as we say in Germany ... The data leak more than anything showed not the screw up of a single person or two, but a lack of systematic privacy protection. Some people (like Marc Rotenberg of the Electronic Privacy Information Center, or Jason Calacanis of Weblogs Inc/ AOL) now argue AOL should move forward and not even keep their search logs. But if that’s the only approach to maintaining privacy, we might as well forgot about moving applications online (think of services like Gmail, Gdrive, Google Calendar etc.).
Deleting this kind of data would have a privacy bonus though; the gov’t couldn’t successfully subpoena for private data anymore.

John K is pragmatic:

I don't think it's likely or realistic for a search engine not to keep logs, though maybe AOL could give up on improving user experience, fire ALL of their researchers and outsource all the privacy problems to Google. Even if Google wanted to, Sarbox regulations require much more mundane business material to be kept for long periods of time, and certainly could apply to web server logs in Google's case. Beyond that, how would Google continue to improve their service, or continue to reduce click fraud if they didn't keep logs? Here's the simple answer if you're that worried about privacy online: Don't use the Internet. Also, don't use credit cards, don't go to the ATM machine, don't have a driver's license, don't own a home, etc.

Warner Crocker is a Most Valued Cynic:

Accountability. What a concept. Too bad we don't have that in government like we do in the business world.

Buffer overflow:

Around the Net

• Richi Jennings: Email Cryptography Helps Avoid Bad Debts
• 4sysops: No more HAL-hell, the implications of Windows Vista’s hardware independent imaging technology
• Dave Rosenberg: Red Hat's complacency vs. Novell's terrible marketing
• Realtime-ITCompliance: Another Laptop Stolen With Personal Patient Information: HIPAA & Breach Notification
• Ryan Paul: Department of Defense study urges open source adoption
• Locutus: Administering mixed operating systems.
• Drunken Data: The Advancement of Storage Technology

Around Computerworld

• Frank Hayes: The FBI's fiasco
• C. J. Kelly: Stanford: Stronger authentication from the client (browser) side
• Martin MC Brown: IT sixth sense
• Mitch Betts: IT is underfunded, relative to corporate growth
• Robert L. Mitchell: What if they threw a recall and no one came?
• Shark Tank: It's Just 100,000 Lines, That's All
• Martin McKeay: Nmap-cgi: scanning from a web page
• Douglas Schweitzer: When times get tough, watch for phishers!

And finally... What does your choice of browser say about you?

Richi Jennings is an independent technology and marketing consultant, specializing in email, blogging, Linux, and computer security. A 20 year, cross-functional IT veteran, he is also an analyst at Ferris Research. Contact Richi at blogwatch@richi.co.uk.