The People's Exhibit A (davidology) wrote,
The People's Exhibit A

  • Mood:
  • Music:

AOL: All your privacy are belong to us

If you've not already read your daily slashdot feed, you may not have heard that AOL has quietly changed its TOS for the use of its AIM product which we all know and love.
In addition, by posting Content on an AIM Product, you grant AOL, its parent, affiliates, subsidiaries, assigns, agents and licensees the irrevocable, perpetual, worldwide right to reproduce, display, perform, distribute, adapt and promote this Content in any medium. You waive any right to privacy. You waive any right to inspect or approve uses of the Content or to be compensated for any such uses.

Obviously, that sounds awful. People treat IM clients as they do their cell phone (they probably shouldn't, but they—myself included—do). Now I should point out that in case you aren't aware, it's ridiciulously easy to eaves drop on IM conversations (especially in a single subnet like on a corporate network). Unless you and the person you're speaking with are using some form of encryption, the conversation between your computer and AOL's are sent in the clea, so you shouldn't expect privacy. However, you probably don't expect AOL to archive and have the right to disclose those conversations.

Now, I'm not sure of AOL's real intent here, but I don't think it's as malicious as we might think (although I think they deserve the lashing they're going to come into work to on Monday monring as pressure to change this awful policy). Here's why: it just reads odd for referring to an IM conversation "by posting content...." What I suspect is that this policy was borne of their expanding the free featureset for free AIM users (particularly publishing tools like a new blogging tool) and possibly from high profile incidents involving data theft.

The job of a corporate lawyer is to protect the company, and even if they don't plan on using data in a bad way, I can totally see the lawyer thinking "Well, I can't control the actions of our 84,900 employees. So while I don't want one of our employees selling our customer data to some ID theft ring or spammer, I want to reduce our liability if something should happen." If they write that policy and don't consult with their web team (or if their web team just doesn't think about this), these policies get published, and companies get slashdotted (in the bad way, not the good way).

I kinda doubt (and hope) that AOL's intent isn't to harvest their users private IM conversations for some nefarious purposes.

Anywho... one thing I do know is that I'd hate to be working in that department at AOL on Monday morning.

  • Post a new comment


    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.