AOL CTO Shown the Door

BrewerDude writes "Reuters is reporting that AOL Chief Technical Officer Maureen Govern has resigned from the company. Is this an appropriate penalty for releasing 20 million keyword search results, or is it too harsh, or not harsh enough? What do the slashdot readers think is the appropriate outcome of this fiasco?"

The buck stops here

[BWJones]

Is this an appropriate penalty for releasing 20 million keyword search results, or is it too harsh, or not harsh enough?

Well, it would certainly be nice to see companies (and governments) go back to a model where "the buck stops here" and take responsibility for their actions. I don't know who ultimate thought "I know what let's do" and release these records for public consumption without even "anonymizing" them, but the CTO is an appropriately responsible party I would guess.

Apropriate?

[ackthpt]

Is this an appropriate penalty for releasing 20 million keyword search results, or is it too harsh, or not harsh enough? What do the slashdot readers think is the appropriate outcome of this fiasco?

The paradox is that the one who takes overall responsibility is axed, yet they have learned from the experience. They have also undoubtably done many things right, which their successor may goof on.

It's trading a devil you know for a devil you don't. Should have just docked her pay, made her stand in a corner of sommat.

Where's the connections...

[__aaclcg7560]

They fired the person who released the data and the supervisor, and the CTO was shown the door. I think the management structure was a bit too flat for me to not be suspicious. Was there people between the supervisor and the CTO who should've gotten the sack? Or was the CTO shoved onto her proverbial sword as public sacrifice to blow over the controversy? Or what are they really covering up? Inquiring minds want to know...

Scapegoat maybe?

[MoogMan]

I fail to see how this could be the CTO's fault...

CTO seems to be the wrong person.

Seems like the right person was the business man & legal council person who decided that AOL would keep these search records in the first place.

What the CTO did is merely reveal that AOL was deliberately holding on to this privacy time-bomb and exposed it in a relatively minor way. The person who actually leaked the data should be praised as a whistleblower.

I want whomever APPROVED STORING the logs to be fired; and whomever adviced that hanging on to this kind of data is worth the potential risks should be locked up and sued.

Re:CTO seems to be the wrong person.

[jesuscyborg]

Are you daft??? Do you really expect search engines to not keep tabs on what people are using their service for? EVERY search engine keeps records of searches; they'd be crazy not to. Most use them for good, to improve the results by figuring out how to adapt to the way people use it. Other companies hand sell them to the government and private companies...

I don't think there is any problem with retaining data, as long as they can be trusted to keep it safe and be held accoutable if they don't.

Re:CTO seems to be the wrong person.

[tomstdenis]

Your right to privacy stops at the their colocated servers. Get with reality man.

To expect privacy you have to be conducting yourself in a PRIVATE manner. Broadcasting your search requests in PLAINTEXT over the internet to a server which does not [nor must] guarantee privacy is not conducting yourself in a private manner.

Tom

Re:CTO seems to be the wrong person.

[Jahz]

Yes, I expect them not to. I have a right to my privacy, this is a clear violation of it. Keeping this type of data, even internally, should be illegal and result in criminal penalties against the executives who ok it.

You also have the right to read AOL's Term of Service and Privacy Policy when you use their free search engine.

You really are naive aren't you? You don't think that you bank keeps tabs on you? How about the state transit department when you use the automated (EZ-Pass, FastLane, whatever) payment system? What about the access card you use to get into work? Do you doubt that your gas station pumps don't know that you're going to put the cheap stuff in as soon as you swipe the card? The list goes on forever... get with it.

Re:CTO seems to be the wrong person.

[SpecTheIntro]

My right to privacy never stops- its an inherent right of humanity.

That's an interesting philosophical point, and one that's not really espoused by most of the philosophers on whose work our government is based. Is this something you believe personally, or is there a particular work you believe best defends this view? Because in the US, (and forgive me if you are not a US citizen), the right to privacy is an implied right, and not explicitly stated in the Constitution. It really only manifested itself in the 20th century after numerous Supreme Court decisions, and in those cases governs only a person's privacy from the government, not necessarily other private entities. Are you saying you think the right to privacy should extend further?

Re:CTO seems to be the wrong person.

[Bronster]

If I was them I'd be hanging on to them for at least a week to be able to diagnose problems, but that's just me.

See also: google's "spelling correction" magic which is based on statistical analysis of past search queries - this data is useful for improving their service.

Kudos to the CTO.

[lancejjj]

AOL Chief Technical Officer Maureen Govern has resigned from the company. Is this an appropriate penalty for releasing 20 million keyword search results, or is it too harsh, or not harsh enough? What do the slashdot readers think is the appropriate outcome of this fiasco?

Assuming she honestly resigned, big kudos to her for taking the responsibility and the heat, and not passing the buck down to the people who need the paycheck. It's not often that a person in power will take the fall - most often, 100% of the blame gets placed on lower-level people who were just doing what they were told.

I'm sure she didn't make the decision or understand the ramifications - after all, she is a CTO. And hopefully there are some people at AOL who would have known that this was a bad idea. But in the end, it was up to her to prevent this from happening. ... or the CEO.

this had to happen

[mrpeebles]

Forget moralizing the release of the keywords. From a business standpoint, this was terrible for AOL. They are trying to reinvent themselves as an internet service rather than internet access that, among other things, is responsible for your computer security. My memory, at least, is that recent AOL commercials have all stressed in particular that buying AOL helps protect you against "viruses". Then they release these search results, and eviscerate this new image they were building for themselves. Heads had to roll.

Re:He should have been fired.

When you get that far up resigning is a lot like getting fired.

Fiasco?

[SuperKendall]

The AOL release of search terms is (A) a boon to research on real-world searching habits, and (B) a wakeup call for those so stupid to think that anything they send over a PUBLIC network unencrypted is ever in any way private (which in this case it really wasn't either).

Were there privacy agreements in place with those who did the AOL searches? Not if you read the TOS carefully. We should all thank AOL for making it very publically clear that any searches may be later drug up under other conditions. Google promises never to release the search terms but still retains them and that means MANY different people within Google probably have access to that raw data, not to mention anyone at your ISP.

If anyone out there thinks this is bad, I encourage you to start your own search firm that clearly outlines you will never store search results and then get pummeled into gravel as companies that can try new search techniques using historical searches and data walk all over you with R&D. That's the whole tradeoff here that we all implicitly agree to by using these companies services, they are also getting our data. If you don't like it stop using the services but don't expect the companies to change something that is not very practical to change.

If you are worried about such companies having your data remember a few things:

1) You are one of hundreds of millions.

2) Your life is really not that interesting when looked at in great detail. This is true of anyone on Earth.

Find that in the Constitution, bright boy.

[LibertineR]

"My right to privacy never stops- its an inherent right of humanity."

Put away the love beads, hippie. You and others who believe that kind of nonsense need to get real.

If your Privacy rights were "inherent" as you say, the US would not have had to pass the National Privacy Act in 1988.

Re:Find that in the Constitution, bright boy.

[Pharmboy]

Or the Privacy Act of 1974, the most used and quoted privacy act in US history.

People confuse the 4th Amendment with the "right of privacy", when it is a very limited grant of privacy, that the government has to have a warrant to search through documents you have chosen to keep private in your own home, or the home itself.

The courts have constantly held that what you THROW AWAY or do in public (ie: speak), or do in your own home but in the plain view of the public (through an uncovered window) has no expectation of privacy. Using a search engine is accessing in the public and subject to their Terms of Use, and is not "private" in the traditional sense.

Just as if you dialed 411/information and asked them for a number "for a gunshop so I can kill me wife". A search engine is just a digital 411 in this respect, except they log the question instead of someone "listening". You can't expect privacy when accessing a publicly available service.

Real world case: Texas DA needed DNA to prove a case against a guy, but not enough evidence to get a warrant. They follow him, he spits on the sidewalk, they literally sample it an run DNA, get a match, which is used to obtain a warrant and get a sample from blood, which is used to tie him to a crime. He appeals, it is held up as he should not have an expectation of privacy for something he "throws away" in public.

Re:Find that in the Constitution, bright boy.

[rm69990]

You mean this 4th amendment? The one that says:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

I fail to see how that supports your position. There is a difference between expecting documents sitting in your filing cabinet or on your hard drive to remain personal (which is supported by the 4th amendment), and information that you knowingly and intentionally turn over to a third party, while agreeing to their TOS that specifically state that they are retaining these records, and specifically require you to waive your right for privacy. If I take my medical history and tape it to the side of my mailbox or the windshield of my car, is that information still confidential? In the eyes of the law, it is not. If you post your medical history on the internet for all eyes to see, is it still confidential? Nope. If you mail me a personal document, is there some law that says I have to burn it and not store it in my filing cabinet? Nope. As soon as you release information to a third party, unless you have a confidentiality agreement with them, or unless they are your doctor or lawyer, you've waived your right to privacy, plain and simple. I find it funny that you wave the 4th amendment around, yet you can't provide any case law supporting your position, and a strict literal reading of the amendment itself does not support your position. Go ahead and try again though!