AOL Responsible for Mass Disclosure of Data

     OAKLAND, Calif. (CN) – A federal judge found AOL accountable for disclosing personal information of 658,000 of its customers. U.S. District Judge Sandra Armstrong ruled that AOL’s accidental posting of its customers’ Social Security numbers, addresses, phone numbers and credit-card numbers violated its own privacy policy.

     “Obviously, a reasonable consumer would have serious reservations about disclosing such sensitive data – or entering certain such queries – if he or she were aware that AOL, contrary to its privacy policy, would make such information readily available to the public, without the members’ knowledge or consent,” Judge Armstrong wrote.
     Through uploading people’s Internet search records into a database posted on its website, “AOL disclosed highly sensitive personal information belonging to 658,000 of its members,” the judge wrote. “This information included highly sensitive financial information, including members’ names, addresses, telephone numbers, credit card numbers, Social Security numbers, financial account numbers, user names and passwords. Also disclosed was information regarding members’ personal issues, including sexuality, mental illness, alcoholism, incest, rape, adultery and domestic violence.”
     Though it removed the database from its website 10 days later, it had been downloaded and reposted on other sites, and the information was promulgated throughout the Internet.
Armstrong found the customers met the requirements to seek an injunction requiring AOL to destroy all records in its possession and ensure that the data no longer appears online.
     “AOL’s collection and disclosure of members’ undeniably sensitive information is not something that members bargained for when they signed up and paid fees for AOL’s service,” Judge Armstrong wrote.
     The judge granted in part and denied in part the plaintiffs’ request for a judgment on the pleadings.

%d bloggers like this: