EFF Raises Privacy Concerns About AOL Instant Messenger
The new preview version of AOL Instant Messenger raised privacy concerns for us when it was first introduced, first because it started storing more logs of communications and second, because it apparently scanned all private IMs for URLs and pre-fetched any URLs found in them. We met with AOL to discuss how these features work and why the company should take greater care with your data, and we’re happy to say that AOL is promising to make some important changes as a result, especially in response to our second concern.
However, we still recommend that AIM users do not switch to the new version, as it introduces important privacy-unfriendly features. Unfortunately, AOL's moves are in keeping with a general trend toward more pervasive cloud-based services in which your personal chat data is centrally stored in plain text and an easy target for law enforcement and criminals. This shift toward central logging is troubling in many situations, including in chat.
We appreciate AOL's willingness to discuss these changes with us and we're extremely pleased to see AOL taking some steps to safeguard their users' privacy and give better notice, which only becomes more important as the company moves toward providing more cloud-based services. Nevertheless, we think there’s more AOL should do to respect its customers' privacy and to fully inform them about, and get opt-in agreement to, these significant changes.
Bottom line: Because signing onto the new version of AIM permanently changes your account settings to log all conversations to AOL’s servers by default, we recommend that existing AIM users do not upgrade. As always, we recommend users stay safer online by using chat clients that are compatible with OTR.
More at eff.org