AOL to Members: "Oops!" Email Update January 24, 1998
When AOL members log on today, January 23, they are greeted
with a message from Chairman and CEO Steve Case. This is the first time since
McVeigh's privacy was compromised last September that this observer has seen AOL
acknowledge the Tim McVeigh scandal to its own members on its own service. While Mr.
Case acknowledges that AOL's actions in this case "compromised the privacy of one of
our members," he fails to mention that AOL also compromised that member's 17-year
career, and his ailing mother's only means of support. Mr. Case indicates a number
of additional steps have been taken to ensure member privacy in the future, but made no
mention of what, if anything, AOL is doing to ensure that one particular member does not
lose his livelihood. Mr. Case's letter follows.
January 23, 1998
For more than a decade, we have been working hard to build an interactive medium we can all be proud of. We have always recognized that privacy was an absolutely central building block for this medium, so from day one we've taken steps to build a secure environment that our members can trust.
We handle over one million calls each week in our customer service centers, and we protect the privacy of our members with great care and with stringent rules. Our member services representatives understand the importance of not disclosing any account information to anyone who is not the verified account holder. The verification process is sophisticated, and our policies are effective, clear and well communicated to all of our employees.
So it is with regret that we recently learned about an incident that compromised the privacy of one of our members, a Navy sailor. A member services representative received a call from somebody who later turned out to be a Navy investigator but called himself a friend of the member. The caller asked us to confirm that a screen name that was on something he had received was the AOL member's. Our employee should have refused to do this. Unfortunately, he did confirm the member's identity to the caller.
As we've said publicly, this should not have happened, and we deeply regret it.
After a thorough review, we've confirmed this was a matter
of human error. Our representative understood our privacy policies and procedures,
but made a mistake -- a mistake for which we take complete responsibility.
In light of this incident, we are taking additional steps to protect the privacy of our members. First, we are reinforcing the existing policies and procedures with additional employee training, including the use of case studies to highlight unusual facts and circumstances that member services representatives should know how to respond to. Second, we'll test our employees on their understanding of these policies and procedures. Third, we have communicated to our member services representatives the importance of not "confirming" a member's personal account information, even to that member's friends and family. Fourth, all representatives will be required to acknowledge in writing that they understand AOL's privacy policies on a regular basis. Finally, we will do everything possible to ensure that government agencies follow the law in seeking information about our members.
AOL's commitment to protecting the privacy of our members is stronger than ever. We will keep working to make AOL a service you can rely on, and this medium something we can, indeed, all be proud of.
[Home] [About Wired Strategies] [Kudos] [John's Top Tips] [About John Aravosis] [Clients] [Contact Us]