Slashdot Mirror

← Back to Stories (view on slashdot.org)

AOL Happily Releases Information to Cops

Posted by ryuzaki0 on

DigDug wrote in with a scary article about how closely AOL cooperates with law enforcement agencies. In the article, a local (Loudoun County, VA) Sheriff's Deputy is quoted as saying, "AOL is extremely law-enforcement friendly ... they don't hold anything back." While I'm sure we all want criminals brought to justice, there are some serious privacy concerns here. If you send e-mail to someone with an AOL account, apparently you'd better be v-e-r-y careful about what you say.

5 of 124 comments (clear)

  1. Re:Let's create free AOL-like services... by duckbill · · Score: 3

    (1) AOL's policy is located on the article page. In short, they only release emails on a warrant, and will release identities even in a civil action. Even if AOL never stated a policy and specifically contracted with you to withhold information even if presented with a court order, the contract would be null and void. Contracts that are in deference to the law infer no obligation on either party.

    (2) If someone emails you with a credible intent to commit a murder, you're failure to present that to the police does not make you a de facto accessory. In the majority (but not all cases) a failure to act does not impose criminal liability. Most often, you have to give aid, or participate in the planning, with a culpable state of mind to be an accessory. If you go to an extra effort to withhold the evidence, you may be guilty of obstruction of justice. If you intentionally deceive and make false statements about the evidence, you could be charged under one of the many perjury derivatives. (Perjury usually requires a sworn statement, but there are satellite laws that cover filing false reports, etc.) You are correct that someone could come forward with the letter as evidence. This could be very persuasive toward establishing that you were part of a criminal conspiracy. This is especially true if coupled with other circumstantial evidence involving the crime. In mixed situations, your failure to disclose the letter or warn the intended victim could make you a liable for a tort against the victim (and subsequently his estate), or against his close family for wrongful death.

    (3) I think you are correct. I have never had a personal account with AOL, but I was with a company that did business with them in '93. I do not recall there ever being a representation that your handle created anonymity. I don't know what AOL considers from their point of view, but it is in issue as to how cozy they are with authorities. The article seems to imply, without overtly stating, that AOL may cooperate in absence of a warrant. Furthermore, the issuance of these broad warrants in frequency and scope appear to tread real close to constitutional violations of search and seizure.


    IMHO, I think what scares the pants off of these companies is that they do not kiss the a#$ of the authorities, a zealous prosecutor will hit them with RICO charges. I am not a personal fan of RICO, its too big a weapon in the prosecutors arsenal. Its scope for seizure of personal and corporate assets is far too large, and its burden of proof is entirely too small.

  2. Big Brother? by halbritt · · Score: 3

    I'd be the last person to defend AOL but the conditions under which information would be released, as described by the article, are really no different than any ISP. I'm sure the authorities could gain the same access to information by serving an individual with a search warrant and getting the information from his computer. What really should be questioned here is not AOL's policies for giving information in response to a "valid legal process" but the conditions under which such warrants and court orders are approved.

  3. And this is different from any other ISP how? by amayhew · · Score: 4

    AOL is just acting in the same way that any other common carrier operates. Which is every ISP in the US (along with phone companies and backbone providers). They only release information if there is a subpoena or a warrant and your local ISP probably operates the same way (or should legally). If the police (or anyone else for that matter) gets a warrant or subpoena for logs, user information, or anything else that an ISP keeps on their servers then the ISP has to legally give that information up. Did you actually read the article and realize that AOL's policy is just that? They only release information requested in a subpoena or warrant. It is not like they are giving it away. The only information which they do give out to the FBI is in their chat rooms. Additionally, that information is the screen name of the individual and what kind of complaint some other AOL user made against that person. Notice, an AOL user must make a complaint before they forward any information on to the FBI.

    The only reason this even makes the news is because AOL is so huge. If you would actually read the article and understood even the basic laws that telephone companies and ISPs have to operate under then you would know that AOL is operating no differently then your mom & pop ISP shop in the middle of nowhere when it comes to dealing with the law. So if you would get your head out of your ass and actually think, you would realize that AOL is not the problem in following the laws, but the laws themselves are what are not protecting your privacy.

    If you are really worried about your privacy and you are worried about who is giving out your personal information, then maybe you should find out how that information is protected (or is not, depending on your pov) and then work to have the laws fixed.

    No, I don't have an AOL account, I don't care to have an AOL account, and I could care less if AOL lives or dies. But I have worked for ISPs in the past and I know how they are bound legally and what is stated as the AOL policy for giving out information to the authorities is precisely what is required by law.

    The only reason I felt the need to even make this post was because the comments that I saw were so knee-jerk and unthinking that, aside from the lack of all-caps, they could have come from AOL users. If AOL was voluntarily giving out user information without the benefit of a warrant or subpoena then this would have actually been newsworthy.

    --Andrew

  4. No need for /. people to worry, but... by rde · · Score: 3

    A bunch of people have suggested solutions, from PGP to using real ISPs. That's cool for the /. audience, all of whom are at least slightly technically savvy. AOL's user base, on the other hand, consists mainly of people who know barely enough to stick one of the 68,000 CDs they were sent into the drive and crank it up. This isn't a criticism of these people; they simply don't use computers.
    These people never heard of PGP, and as far as they're concerned, their email is private. These are the people about whom we should worry; the technologically ignorant are most at risk.

  5. The real issue is evidence by Anonymous Coward · · Score: 4

    People, what we should really be concerned about is not how readily AOL cooperates with law enforcement, but how readily law enforcement uses that information. Email and log files are not the same as finding someone's fingerprints. It's not physical evidence. These things are stored in databases. Databases which can be altered. No one in law enforcement that I know of seems to realize this.

    Case in point. Do you remember the Melissa virus? It was traced back to a usenet posting made by an AOL user.

    "Who was online at the time?" asked the feds.
    "Um... Our logs say it was that guy" said AOL.

    And as you probably saw on TV, he was dragged from his house. How hard would it have been to change a log file? It's just 1's and 0's. Is AOL asked to prove that the logs were not tampered with? Of course not. It's impossible to prove such a thing.

    And if tampering is not suspected, what about simple errors. Flip one bit and your SSN becomes someone else's SSN. Anyone seen the movie Brazil? A computer glitch causes the wrong person's name to be printed on a warrant for arrest. Do you really believe such errors don't actually occur?

    Finally, it scares me how quickly law enforcement agencies jump on people when there is a media frenzy in the air. It's like they smell blood. The local governor showed up when they arrested the alleged author of Melissa. He was pronounced guilty without any real evidence.

    So, to restate my point, the real problem is not that AOL or any ISP cooperates with law enforcement agencies. The real concern here should be that 1's and 0's are treated like physical evidence by a public so ignorant of technology they actually believe that if they see it on their screen, if it's written in a file, it must be true.

    "I do not fear computers. I fear the lack of them." - Issac Asimov