Although AOL tossed a couple of employees under the bus for releasing search data, I am hard-pressed to believe the dearly departed acted without the knowledge of more senior executives. Nevertheless, it took The New York Times less than three days to track a search string back to an individual--and the subsequent story has unleashed a torrent of reignited interest in Internet privacy. Reporters everywhere are scurrying to "follow up" the AOL story and predict who will be next to violate user data.
Here's the deal.
We live in a new world. Nearly everything we do at work, in stores, walking down most urban streets, or online is somehow being recorded. If you think Big Brother is behind it, simply spend an hour or two on YouTube, and you will see that we are willing, even happy participants in digitizing our lives. Photos and video that we used to convert from film are now stored by the billions on hard drives near and far. Every commercial transaction, whether online or in brick-and-mortar stores, is being recorded (and often sold to third parties). You let your grocery store link your name from your credit card to your purchase data knowing that they will sell it. Buying from one snail mail catalogue puts you in play with hundreds of other direct marketers.
Think of what you tell your banker when you apply for a mortgage or auto loan (and he turns around and sells it to someone you won't ever find out about.) Thanks to Osama, virtually every mobile call worldwide is being recorded (by our crack team of Homeland Security experts, who will find them within, say, weeks after the next major disaster). And you just can't help but feel, because you voted for the Socialist candidate in the last school board election, that somewhere, buried on a quadrillion-terabyte hard drive deep inside Cheyenne Mountain, is a file with YOUR name on it.
The Internet should be the least of your worries. You throw more personally identifiable information into the trash in a week than you give up on the Internet in a year. If you mechanically shred your brokerage, bank and credit card statements, go to the head of the class and take a bow.
The real damage AOL has done is to head-butt the whole notion of trust. For hundreds of years, we as consumers have given personally identifiable information about ourselves and our families to institutions we trust. For Christ's sake, you tell your local newspaper--or Conde Nast, or Hearst--your name, address, e-mail address, telephone number and credit card number every time you renew a subscription. And going IN, you know they resell their subscriber lists. You allow a shady-looking guy named Eric (who was your "host" tonight) to disappear with your credit card for 10 minutes after dinner in a restaurant. You tell your doctor all of your darkest secrets. Why? You trust all these folks. You even trust that Eric won't slip into the men's room and write down your card number to use later. Let's face it, if NYT.com put up a registration page asking you for your blood type and sexual position preference, you'd fill it out, because you really want their free content--and you trust that they won't turn around and resell your personal data to some porn spammer or drug company.
Now reporters are getting all worked up again about tracking cookies (that BTW do NOT collect any personally identifiable information), and in their rush to publish will inevitable overstate the "risk" to users of being tracked by Web sites or ad networks. With our luck, this will result in frantic phone calls to legislators to pass stupid laws to "protect" citizens against the nefarious Internet.
Thanks, AOL--that's another one we owe you.