http://data.aolsearchlogs.com/log/random.cgi

Well, you asked Find me a single user that is identifiable by these queries (and you cannot just self-identify!). People said this with Alta Vista and Excite released their logs, but nothing came of it. So, let’s try this again… if you can identify someone via their queries, then you win, I’m wrong, and I’ll say so on this blog.

You asked for one, I gave you one.

Still I’m glad the nytimes proved my point, although the story seems to imply they tracked her down using queries alone, however they don’t explictly say this. I hope they doen’t get into trouble for using the information for “commercial use” by exposing that user :-s

Thanks for the discussion!

Certainly, if I can identify more by the user than IP… like his or her name… then yeah, I’ve got more. But IP address alone won’t cut it; I do need to have more information.

BTW, I was talking to someone from the New York Times today who has access to all their data. He didn’t say that he’d be able to track down an indivual or not, but he wasn’t sure. YMMV.

If the info was in a smaller number of hands, and a ‘black-hat’ got ahold of it, there wouldn’t be anyone telling those users that they are in danger. This is (roughly) the premise behind the ‘transparent society’…

Now, I’ll provide a few potential answers.
Nelson Gill, anonymized user 4539634.
Barbara Jean Leighton, anonymized user 5167434.
tki189@aol.com, anonymized user 18942526.
Evidently tibrown1964@aol.com signed up for Passport, according to anonymized id 12423492.

How about the query:
locate keith ivan thompson born 3 may 64 social security #### last address was 7th street apt 317 aurora colorado

It doesn’t expose the user, but it exposes someone else’s personally identifiable information.

or

birth certificate for debra ann collins 1-28-59 ss ####

There are a few dozen others like this. I’m astonished that people searched for their SSN numbers, and the SSN numbers of other people, but they did, and do, and even associate their names with them.

The worst exposure is this:

kristy nicole vega hammond la. social secruity number ### birth date 03 08 81 drivers license number la. ### address 41178 rene dr. hammond la.

There aren’t very many passwords, thankfully, but there are some.

That all said, I’m a member of SIGIR (although not the mailing list ), and I’m absolutely GIDDY with excitement over what I can do with this query information, in terms of useful research. This is going to be wonderful information, in a purely abstract sense. For those who do NOT have dark desires in their hearts, this is a great boon. For those who lean to the dark side…well, it is also, but I believe the potential for misuse is limited by the responsibility of the white-hats who’ll find the people with personally identifiable information and contact them, and let them know their info has been compromised.

– Morgan

As a researcher (with presumably a background in math), you should know that a sample of one does say much at all. So people should go through hundreds of IDs and check them. Your bet is lost with one identifiable person. And a very small percentage of IDname relations still means thousands of people with a big problem in their lives.

Also, you call the people which peek into the data ‘hypocrites’. I do not think this is true. No harm can be done with data which is available at every corner now. It is impossible to hide it again - as I see it, this is the often cited *observation* of ‘information wants to be free’.

With private data, harm is done if it is made public first. Once it is in the public, there can’t be any additional harm. This is, I think, the idea of the bloggers and I can understand that very well.

People/corps/govs with evil intentions do not even think about whether they are ‘evil’ if they use this data.