The fallout from AOL's unintended release of personal search data of 658,000 subscribers could include fines, lawsuits, and changes in law and policy regarding search queries.
surviving rape, how to tell family members about incest and where people with HIV can find help.
Aftab said she believed that lawyers would be looking to sue under consumer fraud laws for violating customer agreements. Aftab noted, however, that she is not suggesting that AOL violated its privacy policies and has not reviewed them in connection with this disclosure. Others said they believe the company may have violated the Electronic Consumer Privacy Act of 1986.
Sherwin Siy, a lawyer for the Electronic Privacy Information Center said that any lawsuits resulting from the disclosure are likely to come from individuals and play out differently in each state, depending on tort laws in those states.
"It will affect individual people and will affect those people a great deal," he said during an interview. "It won't show up as a dollar amount for the FTC to take action against. It's not as quantifiable a harm, which creates a problem for people who are affected by this and it makes it much more difficult to make things right."
Siy said AOL didn't "just lose some money and have credit reports to fix."
"It's a more emotional and traditional sense of privacy," he said. "There are some things that other people shouldn't know about me. What I think, what I read, is something that I should be able to keep to myself. People should be able to determine how they hold themselves out to the public and AOL has removed some of that power."
Derek Slater, an activist with the Electronic Frontier Foundation, said during an interview that the release shows why Internet companies should not be collecting and storing such information in the first place.
"The hope is that out of this horrible disaster with AOL, we can get better policies," he said. "AOL did a great disservice to their customers here. They don't have to keep these logs. There's nothing forcing them to keep these logs."
He also said the company has downplayed how easily identities can be linked to the search information and "needs to be held to account."
Kevin Bankston, a lawyer for EFF, said the group is looking into taking action.
"This is the first time we've seen a huge release of search data," he said. "There's never been any disclosure of search terms of this scale. No court has ruled on whether search is protected by statute. When the laws were written, search terms didn't exist."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.