"Search terms can expose the most intimate details of a person's life -- private information about your family problems, your medical history, your financial situation, your political and religious beliefs, your sexual preferences, and much more," said EFF Staff Attorney Marcia Hofmann. "At the very least, AOL should notify every customer whose privacy has been jeopardized by the company's careless handling of this incredibly private information, and AOL should not store this kind of data in the future when it doesn't have to."
The data is associated with unique numerical user IDs, so each users' search terms are grouped together. These histories have already exposed numerous users. The New York Times identified one user and the reporters said it was "incredibly easy" to track her down from her searches.
SiliconValleyWatcher reports that a number of sites sporting the data have sprung up like AOLPsycho.com and AOLStalker.com.
And EFF confidentially submitted examples of search queries containing personally identifiable information and search histories that could likely be tied to particular AOL subscribers.
"We've asked the FTC to make sure that AOL rectifies the damage that's been done and improve its privacy protections for the future," said EFF Staff Attorney Kevin Bankston. "But this problem isn't limited to AOL -- every search company stores this kind of data. Hopefully, AOL's shocking violation of its users' privacy will spur Congress to clarify that the same law that prevents these companies from disclosing our personal emails also applies to our search logs."