Slashdot Mirror
AIM's New Terms Of Service
acaben writes "AOL has posted new terms of service for AIM, that include the right for AOL to use anything and everything you send through AIM in any way they see fit, without informing you. A sample passage: '...by posting Content on an AIM Product, you grant AOL, its parent, affiliates, subsidiaries, assigns, agents and licensees the irrevocable, perpetual, worldwide right to reproduce, display, perform, distribute, adapt and promote this Content in any medium. You waive any right to privacy.'"
I suppose if they want the rights to some irreversibly encrypted garbage, they can go right ahead.
In response, I have to say this: GPG goes over AIM very well. ;-)
Azh nazg durbataluk, azh nazg gimbatul, Azh nazg thrakataluk agh burzum ishi krimpatul! This sig blocked by Slashdot.
Does this apply to people like me who use Gaim? If I never have to click on anything to accept the terms of service, do I still have to abide by the terms of service simply because I'm using their services?
More like All your Rights are belong to us
and any information I care about goes through their SecureIM service.
So to AOL: I say this much, exploit fjkd;arjaiwor398u233209u''rju98e32 any way you want guys!
...in bed
I'm just guessing, but I think they dont want customers. I'm not sending much thru AIM with those terms of Service.
Also, what about users of GAIM, et al, that havent agreed to those terms? Can they enforce this there?
emt 377 emt 4
...Is that any smart business will not send proprietary information through AIM.
Of course, I say any smart business because I know some dumb ones will. Doesn't Microsoft have a similar policy with Hotmail?
I also really doubt if this were ever tested in court that it would stand. This is evil, but about what I'd expect from AOL.
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
Perhaps we're about to see AOL/Time Warner roll out a new tv show... When 12 year old girls chat to each other over AIM - Uncut and Raw!
Game! - Where the stick is mightier than the sword!
I dunno, but that sounds like typical terms of service for something like Instant Messenger, and doesn't sound very surprising or new at all. Granted, I haven't thoroughly read their ToS before... They're supposedly used so that they can distribute your messages (IMs) without any possibility of "infringement," but who knows?
I'm going to have to send the up the bomb then...
-kaplanfx
Visualize Whirled Peas
Even though it looks pretty bad, just remember that the service is so popular that the chances any conversation would acutally be used in any meaningful way by a third party would be about as small as they are now.
1. Trillian. SecureIM, but Windows only.
2. SILC. Open encryption standard, many *nix ports.
3. JohnyTech. Windows encryption for a bunch of different IM protocols.
That ought to get you started.
*** formica has quit IRC (connection reset by phear)
FUD.
Actually, the traffic mostly moves from peer-to-peer. It's not like private messages and files all go through AOL's servers and then get to the other party. That would be a huge amount of traffic to deal with.
To confirm this, all it takes is less than a minute of looking at network traffic logs to see messages and files being transferred directly from one person to another.
This is not a dream, not a dream...we are transmitting from the year 1-9-9-9.
"We retain the right to spy on you, profit from any good ideas you have, and tell your wife about your girlfriend."
I'm just guessing, but I'll bet no one thought to run that last part past their management team...
No, you fool! You'll just give AOL, its parent, affiliates, subsidiaries, assigns, agents and licensees the irrevocable, perpetual, worldwide right to reproduce, display, perform, distribute, adapt and promote the bomb as they see fit!
99% of what goes over AIM is garbage anyway.
(I know, I produce a lot of it)
Heh, while I don't like AOL's decision, I fully support their right to make it. Millions of people freeload off of the AIM system. You do not have a reasonable expectation of privacy when using it.
"Nature doesn't care how smart you are. You can still be wrong." - Richard Feynman
off-the-record messaging is a standalone library which has also been included in a gaim plugin - its encryption with NO digital signing at all, however it still provides authentication (unlike trillians secureIM, which doesnt let you know WHO the hell you're talking to, despite the encryption.) it works for both nix and windows versions of gaim - i'm no encryption expert, but i sure um...feel a lot safer when using it.
perhaps someone more qualified than i can peruse their whitepaper and give some more informed feedback as to the security/robustness of the protocol/implementation :)
Why aren't you using Jabber instead?
It's Free Software, it's non-evil and there are clients for every platform out there.
You can even use it for cool stuff like IM'ing system alerts to you, as a cheap replacement for SMS on mobile phones (AUD$0.02 vs AUD$0.25) and to publish and subscribe to news feeds.
-- "So, what's the deal with Auntie Gerschwitz et all?"
They could scrub all the text for phrases like "I have a great idea" and then human parse them for interesting bits. Lots of false hits, but some gold in the rough to take, steal, and go to market first with the ideas? Who knows. Comb for ideas, sell to other companies and VC firms. Skim the filthy froth of the weary intarweb and sell it!
The following terms and conditions apply to all users who either registered for AIM services or downloaded AIM updates or software on or after February 5, 2004. AIM users who do not register for AIM services or download AIM updates or software on or after February 5, 2004 and are members of the Netscape Network will remain bound by Netscape's terms and conditions. All other AIM users are bound by the aol.com terms and conditions.
I suspect the vast majority of Slashdot users signed up for AIM years ago, if they did at all. This shouldn't affect them.
My userid is prime!
main() has a type!
This is not a "if you don't like them don't use them" kind of argument.
What's wrong about this is how sneaky it is. Terms of Service agreements are not read by the vast majority of users. So, they're basically screwing their AIM users without informing them. I don't consider little lines in Terms of Service informing them.
So, let's hope the media and slahsdot and others can make people aware of this.
You wonder how privacy rights are lost. It's the naievety of the common man.
Philosophistry
How will this affect Apple's iChat?
.Mac service. Will they just move to using the .Mac service solely?
There's no way Apple will go for this, and their app uses the AIM service as well as the
If they stop using AIM, there will be no way to have a proper videoconference with PC users. There is currently no other solution than using iChat on the Mac and AIM on the PC together. Yahoo Messenger only supports a webcam feature, no audio, but if you were to run Skype side-by-side, I assume that would work.
It's all about the clean solution, though, and if AIM's new terms cause Apple to have to rethink its instant messenger service, we may be without a decent conferencing solution for a while.
Harsh move, AOL.
Don't think that a small group of dedicated individuals can't change the world. it's the only thing that ever has.
The snippet from the privacy policy (here) with emphasis from me:
ROT 13 and DMCA them if they UN rot it.
LK
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
Very well-crafted paper airplanes.
I don't get it.
Hey, how about getting that guy, whathisname, the one did that thing in Central Park, to interpret your chat session in plastic sheeting or whatever, like a big condom over the Empire State.
Free association really sometimes scares me...
They say the first thing to go is your penis. Well, it's either that or your brain. I forget which...
AOL is not any different from a mail carrier service because they do the same thing - deliver messages from one person to another.
You do not have a reasonable expectation of privacy when using it.
Why not? Many people abuse telephone network by tying up lines for hours at a time, so what? It does not allow the phone company to record and sell conversations.
This is precisely one of the reasons everyone should start paying attention to the XMPP standard. We shouldn't be trusting a corporate entity and closed standards with what has become a very viable form of internet communication. Just like the standards we use for http, ftp, ssh, and everything else, we all need to start supporting the standards for Instant Messaging too. It's time to get everyone we know off of AIM. And start showing them jabber. And those of us with programming skills need to contribute to the servers and clients to make the better and well known.
Seeing as how these terms were introduced on February 5, 2004, I wouldn't exactly call them "new." In fact, I had already come across these ridiculous terms a few months ago in one of my first forays into the world of 'reading the licensing agreement.' I was a little taken aback at first, but then I realized that most of what I, and most people, say over IM is complete garbage anyway and probably hardly worth the expense of any kind of data mining. Plus, if I ever really wanted to send sensitive information, I'd find a better way. So essentially, I think, this is a non-issue. But I could be wrong.
Okay, so a philosopher, a philologist, and a philatelist walk into a bar...
Not true...
Apple's iChat A/V and Trillian Pro on the PC are unstoppable together. AIM limits the size of the video on the PC, Trillian Pro doesn't... besides the video quality is really nice.
Can't wait to see skype with video though
Yeah, I use OS X... so sue me.
How would people feel if their phone company came out with a new terms of service which said that anything which was spoken over a phone on one of their lines becomes the property of the phone company itself and may be reproduced, rebroadcast, that its users forfeit all rights to privacy, etc...?
File under 'M' for 'Manic ranting'
Was looking again at jabber earlier today... it's come along way, with a solid, well defined, if perhaps slow moving, process. Many features have been fleshed out, including ssl, tls auth, db backing, multi-network bridging (msn, aol, icq, etc), server-to-server networking, group chat, legacy presentation (ie jabber to irc gateways), etc. Much more solid than other IM networks, and much more open.
and probably elsewhere.
Here's a suggestion. Just post the interesting part of the TOS (and a link to it) as your away message. Everyone will read it.
Okay, so a philosopher, a philologist, and a philatelist walk into a bar...
Some one here on slashdot aptly said, GTK on OS X is like putting Janet Reno in Playboy.
* Carthago Delenda Est *
Most people seem to be against this, but I, for one, welcome our lack-of-copyright-on-words enforcing overlords.
What I like about this is that there is no longer any doubt of whether or not you should encrypt anything sensitive - the answer is not "Maybe" but a resounding "Yes!"
If we're really lucky, it will also cause a unification of encryption standards across third-party (possibly even first-party) AIM clients.
Well, if you wait a few months, I believe Tiger's iChat will support Jabber.
http://www.apple.com/ca/macosx/tiger/ichat.html
Scroll down to the parts about "Your Serve" and "IM Me". While in the first paragraph I indicated, it doesn't mention Jabber by name, it is mentioned by name in the second.
"Your effort to remain what you are is what limits you."
You had better stop worrying and learn to love the bomb, then!
Many financial and energy trading companies do use AIM as a primary means of communication between traders. This is an unfortunate but undeniable fact. I wonder what impact, if any, this may have on potential reuse/sale/dissemination of information AOL might gather this way.
Which is why I've always used strong encryption to IM my friends. If AOL wants to break my 4096-bit RSA key to sell my "lol"s, then they're welcome to.
Technology is the solution to the erosion of our rights. If it's mathematically impossible to find out what you said, then... they won't know what you said. (Same for P2P. If you use Freenet you can legally share anything. Why? Because nobody knows (or can ever know) what you're sharing and what you're downloading. Laws don't solve problems!)
My other car is first.
It almost sounds like it might be time to "p2p-ize" a chat client. A combination of torrent/AIM-like functionality that relies on all of its users to provide the service to each other. That might make AOL very happy, but their paying customers are still stuck with an outrageously invasive policy. Oh, the irony.
There have been numerous stories here about MS's license on various products. In the end, most of them simply say that the system belongs to MS. That includes not only the software, but anything that is done on the system. i.e. all your base belong to us. AOL just simply moved to a more MS style license because not enough ppl punished MS for their garbage.
I prefer the "u" in honour as it seems to be missing these days.
You encrypt your posts? How will people read them?
I hate to sound like an AOL sympathizer, but the TOS specifically refers to "posts." Besides IM, AIM also provides message board services (or so I'm told by people who don't use Trillian, Gaim, or Psi).
Does "posts" refer to regular IM usage? AOL implies not, referring to "message board posts, chat participation, and homepages."
My reading of this is that AOL retains usage rights to everything you post on their static forums... forums which basically anyone can access. While I would feel better if this were not the case, that is a good bit better than AOL reading the I.M.'s you send to your co-workers.
It sounds like CYA to me. As if AOL were giving themselves the right to decide to add access to the chat forums online or through AOL's proprietary service. It's the kind of CYA that inspired them to prohibit people from using AIM "while driving, operating hazardous equipment, or engaging in other forms of hazardous activities."
On the other hand, go ahead and tell everyone on AIM about the TOS, without explaining that it's only posts. Then try to switch everyone over to Jabber. Please. The whole I.M. universe right now is about as convienient as sending E-mails from CompuServe to AOL in 1992.
The ______ Agenda
Isn't AOL considered a "Common Carrier" and therefore immune from prosecution because they claimed that they do not, will not and cannot monitor the content going through their "wires". This was back in the days when ISPs were getting shut down if they allowed child porn through their servers or something like that -- and the bill came through that said that ISPs were responsible for the content of their users, unless they were Common Carriers such as AT&T and AOL (and any other big company that could afford to buy a Senator).
Now here comes along AOL saying that they WILL monitor and so, I have to ask, if we send child porn through IM, doesn't this mean that if AOL lets it go through, AOL can be taken down for allowing trafficing of child porn because they have given up their common carrier status?
If telephones are outlawed, then only outlaws will have telephones.
"If you use Freenet you can legally share anything."
So on Freenet, hosts can magically connect with eachother wihout knowing eachothers IP addresses?
Suuuuuure.
Keep on drinkin' that coolaid.
Also...I fail to see how using Freenet to share the lastest movie would somehow make it 'legal'.
I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
Jabber!
I've been using it for over a year now.
HAL 7000, fewer features than the HAL 9000, but just as homicidal!
Which is why I've always used strong encryption to IM my friends. If AOL wants to break my 4096-bit RSA key to sell my "lol"s, then they're welcome to...
Hmmm...wonder how long before any encrypted messages are blocked? After all, it is THEIR servers the messages are going through, so they can filter.
No, the new terms are:
"Remember, it's not rape if you click 'yes'".
: )
That comes from the gmail terms of use. What you say in gmail belongs to you. Sure they can parse it and toss in their adds on the side and have to release it under subpoena (next paragraph in the ToS), but they can't publish it or anything like that. It is not, as many people incorrectly interpret, simply a matter of Google promising they won't use your emails illicitly. They have legally bound themselves not too.
I'm sure AOL isn't really interested in what 12 year olds gossip about or finding criminals, but these new terms still place your words in the possession of AOL Time Warner. Focus on this part:
AOL can make money off of what you say or do while using their client and they can cut you off. I know engineers who use AOL to assist with telecommuting. If they did something dumb like mention that "the new ShinyDooDad 2000 is going to replace all of its cams with widgets, fixing all the problems of the 1000," we might see AOL suddenly start a ShinyDooDad subsidiary.
Bottom line: If Google sold an email, they'd get a nifty fine, probably a handsome lawsuit, and a rather sharp slap on the wrist. If AOL sold an instant message, they'd just have to declare the profit on their 1040 or whatever corporations use for taxes
At least they are honest about it, unlike some other services like, say, short messages on cellphones which give you an illusion of privacy. Face it - we are in an era when to have any privacy you have to actively protect it and sometimes it might be even illegal (example - encryption in France).
I can see it now:
;)
BobTheAccountant89: Hey Sue, I just figured out a way to cut costs by 50% while boosting quality and productivity by 120%!!
SexySueTheCEO: and then he took off my bra and we were so hot
SexySueTheCEO: wrong IM window LOL
BobTheAccountant89: ROFL
SexySueTheCEO: shh..
BobTheAccountant89: bashed.
SexySueTheCEO: omg no!
BobTheAccountant89: j/k
SexySueTheCEO: lol
BobTheAccountant89: lol
SexySueTheCEO: so how do we do it?
BobTheAccountant89: well when a man loves a woman very very much...
SexySueTheCEO: OMG i mean you're idea
BobTheAccountant89: well first we blah blah blah and then we blah blah blah and then we blah blah.
SexySueTheCEO: wow that's great
***AOLSystemMSG: Your IM session has just been lost. The idea from "BobTheAccountant89" is now soley the intellectual property of AOL Time Warner Inc. per your agreement in the ToS. Thank you for using AOL. Be sure to tell your friends.
Guys, I'm amazed at how calmly you're discussing this issue! Most of you're discussing workarounds -- e.g. how to use gpg or secure-im to avoid being eavesdropped on.
In my opinion the real issue is that the statement "You waive any right to privacy" may be the most evil statement in any EULA ever. Shouldn't these six words alone cause an outrage beyond belief here?
"AOL does not read your private online communications when you use any of the communication tools offered as AIM Products. If, however, you use these tools to disclose information about yourself publicly (for example, in chat rooms or online message boards made available by AIM), other online users may obtain access to any information you provide.
Your AIM information, including the contents of your online communications, may be accessed and disclosed in response to legal process (for example, a court order, search warrant or subpoena), or in other circumstances in which AOL has a good faith belief that AIM or AOL are being used for unlawful purposes. AOL may also access or disclose your AIM information when necessary to protect the rights or property of AIM or AOL, or in special cases such as a threat to your safety or that of others."
The content referred to in the Privacy Policy is for posts in AIM forums and message boards and such, and the point of all that crap in the TOS is so that AOL has the legal right to copy and display anything you put in the forum worldwide, for as long as the forum/website exists, and you can't in any way sue them over something you post in the forum. It's NOT saying "we will read your IMs and reproduce and use them however we want". Please mod this up so at least some people read it and stop freaking out and spreading FUD unneccessarily.
-Jay
6079SmithW: Do you remember the thrush that sang to us, that first day, at the edge of the wood?
AntiSexJulia: He wasn't singing to us. He was singing to please himself. Not even that. He was just singing.
6079SmithW: We are the dead.
AntiSexJulia: LOL! We are the dead.
AOL System Msg: You are the dead.
~Philly
If you use Freenet you can legally share anything. Why? Because nobody knows (or can ever know) what you're sharing and what you're downloading.
So if you break a law and don't get caught, it's legal? Riiiiiiight.
Les Miserables Volume 1 now up with my reading of
I'll say *never*.
base64/uu encoding of messages produces all standard characters. Unless AOL is going to try doing fuzzy-logic dictionary look-ups, and/or statistical analysis on ALL messages, there's no way they would even know the difference between encrypted and unencrypted messages.
The above methods would be impractical, and even if not, they would have to be very, very careful not to accidentally drop an unencrypted (though unintelligable) conversation.
Personally, I think AOL is going to eliminate encryption the same way the NSA did for e-mail... Just wait silently behind the curtain, and when there hasn't been any sign of evesdroping for some time, apathy will kick-in, and encryption will just fade-out on it's own.
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
you grant AOL, its parent, affiliates, subsidiaries, assigns, agents and licensees the irrevocable, perpetual, worldwide right to reproduce, display, perform, distribute, adapt and promote this Content in any medium. You waive any right to privacy.'"
Where does it say they assert _sole_ownership_ of your content? Aren't they, in effect, pressing you to GPL of your content?
How progressive of AOL.
so, out of some 200 comments rated 2 or higher as i write this (not counting one comment i made in the bottom of some thread somewhere) it seems that almost everyone here has missed the point....
a) only 2 people have mentioned that these terms of service are over a year old.
b) only 2 people have pointed out that these terms of service apply to posts on message boards and forums, which they reserve the right to replicate, duplicate, etc, and not to instant messages.
c) no one has pointed out that the vast majority of the messages sent through aim are sent client to client, and never travel through aol's central server, so even if they did reserve the right to use your im's any way they saw fit, and they had the desire to, there's no way that they ever could.
man, talk about making a mountain out of a molehill. one person yells "0 my g0d. teh AOL r stealing our pr1v4cy!1!!" and the whole army of slashdotters goes running for their tinfoil hats. get a grip people.
If I don't put anything here, will anyone recognize me anymore?
Dictionary look-ups on AIMers? You're kidding, right? Normal AIM messages look like a base64 encoded file anyways.
"That's so plausible, I can't believe it!" - Leela
just because there is no one there to hear the tree does not mean that it does not make a sound
If you don't get caught, you don't get punished. Thus, the end result is that the same thing happens to a law-breaker that happens to a non-law-breaker (i.e. nothing). Therefore, effectively, a law was not violated.
So what you're saying is that Jack the Ripper, effectively, never broke the law?
Les Miserables Volume 1 now up with my reading of
No, since not everyone IMs in English. Even speakers of non-Latin based languages often use the English alphabet in IMing (ex. Arabic and Hebrew). There is no way to distinguish these from an encrypted message.
The dangers of this site have been well explained here, but how many people are going to find it and read enough to understand it? It's just sad that the general population is so completely clueless about the basics of cryptography.
The TOS reads:
he following terms and conditions apply to all users who either registered for AIM services or downloaded AIM updates or software on or after February 5, 2004.
Many posts here are talking about using third party encryption tools to circumvent this.
This new TOS DOES NOT APPLY TO ME (nor to many of you). Why not?
I didn't agree to their terms of service.
I didn't sign up after 2/5/2004.
I don't download AOL's AIM client. I use GAIM exclusively.
AOL, use the messages I haven't give you rights to, I dare you.
1. Send interesting messages
2. Wait until AOL uses one somehow.
3. Profit.
I wonder how this will affect iChat users. After all, we can use the AIM service, but I don't think we go through a AIM TOS, because iChat is an Apple product. It'd be interesting to see.....
So if I understand this correctly, AOL is assuming the copyright on anything you post. So if you post something inflammatory, libelous, or hateful, AOL owns it....
So if someone wants to sue, they sue AOL?
"You had better stop worrying and learn to love the bomb, then!"
But first we will need many large-breasted women.
In the free world the media isn't government run; the government is media run.
Which is why I've always used strong encryption to IM my friends.
...
That's fine if you're trying to protect the content of your IMs.
But the main thing they're interested in at the moment is your address info.
I worked recently on a project that involved software in assorted computers using either email, IM or VM (whichever worked) to people's cell phones, smart phones, PDAs, whatever. It was a medical app, actually. Automatic reminders to doctors and patients, messages from portable health monitors to hospital computers, etc. Useful stuff.
An interesting thing happened with IM. With most sorts of cell phones, for our computers to send an IM required sending email to an email-IM gateway. This seems like a reasonable approach, but we quickly discovered a serious problem: The phones we were using for testing quickly started getting IM spam and telemarketer calls.
When I complained about this, I learned about an interesting gotcha in the phone contracts. Most of them include (heavily promoted) promises that they will never sell their subscribers' info. That sounds nice, until they explain that in our case, the sender wasn't a customer, and they can legally use a non-customer's messages however they like.
So if I or my computer send you an IM, your phone company can legally harvest both of our addresses in their gateway. The message came from a non-customer; your contract is irrelevant. If you reply to me, my ISP (or phone company) can legally harvest your message, because you're not a customer. Both companies can do as they like with the address info without violating any contract, because there was no contract with the sender.
I have in my posession a couple of spam messages inviting me to attend conferences on the commercial uses of harvested IM messages. Yes, they really did have the chutzpa to send me an invitation to learn how to do unto others what they've just done unto me (and some very angry medical folks). I didn't go
It just sounds like AOL has taken this one small step further: Their contract says they can harvest info from messages between customers. This is really the only thing new; they can already do this if the sender isn't a customer.
So when people start chanting "contract law" in this topic, you might remind them that contract law doesn't apply when there's no contract. If they look puzzled as to why you said that, describe the above scenario to them.
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
AIM Products For purposes of these Terms of Service, the term "AIM Products" shall mean AIM software (whether preinstalled, on a medium or offered by download), AIM services, AIM websites (including, without limitation, AIM.COM and AIMTODAY.COM) and all other software, features, tools, web sites and services provided by or through AIM from America Online, Inc. and its business divisions (e.g., Netscape) (collectively "AOL") and AOL's third-party vendors.
In this case, Apple is a third party vendor.