AIM's New Terms Of Service

acaben writes "AOL has posted new terms of service for AIM, that include the right for AOL to use anything and everything you send through AIM in any way they see fit, without informing you. A sample passage: '...by posting Content on an AIM Product, you grant AOL, its parent, affiliates, subsidiaries, assigns, agents and licensees the irrevocable, perpetual, worldwide right to reproduce, display, perform, distribute, adapt and promote this Content in any medium. You waive any right to privacy.'"

Fine, then

[cerberus4696 (765520)]

I suppose if they want the rights to some irreversibly encrypted garbage, they can go right ahead.

Re:Fine, then

[DoraLives (622001)]

I suppose if they want the rights to some irreversibly encrypted garbage, they can go right head.

Absolutely. Go right ahead and plan on your average AOL user getting on board the clue train and encrypting their messages. Oh yeah. Really.

Re:Fine, then

[MagicDude (727944)]

AOL users already incrypt all their transmissions. Take the simple sentence "Hey dude. What are you doing later? I was thinking we should go to the mall." which becomes incrypted as:

HEY DUDE11!!!1 OMG WUT R U DONG L8R????!?? LOL I WAS THINKNG W3 SHUD GO 2 DA MAL!!1!1!11 WTF LOL

Damned if I can decrypt that

Re:Fine, then

[ackthpt (218170)]

I suppose if they want the rights to some irreversibly encrypted garbage, they can go right ahead.

UUEncode Windows and send it to yourself over AIM.

Let Microsoft and AOL club each other to death :-)

No encryption necessary

[EvanED (569694)]

99% of what goes over AIM is garbage anyway.

(I know, I produce a lot of it)

Posts - not IM

[cgenman (325138)]

You encrypt your posts? How will people read them?

I hate to sound like an AOL sympathizer, but the TOS specifically refers to "posts." Besides IM, AIM also provides message board services (or so I'm told by people who don't use Trillian, Gaim, or Psi).

Does "posts" refer to regular IM usage? AOL implies not, referring to "message board posts, chat participation, and homepages."

My reading of this is that AOL retains usage rights to everything you post on their static forums... forums which basically anyone can access. While I would feel better if this were not the case, that is a good bit better than AOL reading the I.M.'s you send to your co-workers.

It sounds like CYA to me. As if AOL were giving themselves the right to decide to add access to the chat forums online or through AOL's proprietary service. It's the kind of CYA that inspired them to prohibit people from using AIM "while driving, operating hazardous equipment, or engaging in other forms of hazardous activities."

On the other hand, go ahead and tell everyone on AIM about the TOS, without explaining that it's only posts. Then try to switch everyone over to Jabber. Please. The whole I.M. universe right now is about as convienient as sending E-mails from CompuServe to AOL in 1992.

Re:Fine, then

[Golgafrinchan (777313)]

In Trillian 3.1 Basic: Open up your Connection Preferences for the AIM connection. Click on the Miscellaneous tab. At the bottom, check the following: "Activate SecureIM capabilities", and "When possible, make a best effort to automatically maintain a SecureIM session with my contacts." HTH.

Re:Fine, then

[Laivincolmo (778355)]

The problem is that while I might be willing to use encryption, some of my friends are not so comfortable with computers and technology. Some of them don't take the time to remove that aim.com window that pops up with the startup of the default AIM client. I somehow doubt that I could convince them to do something as complicating-sounding as encryption. Just my opinion though.

Help a College Student [macminis4free.com]

Re:Fine, then

[Zorilla (791636)]

That's no surprise. Is that bug still there where AIM completely ignores the preference to not show that at login unless you click on junk in the AIM.com window at least once?

At least their preferences are laid out in a sensible Netscape-style window with the categories on the left. The problem is that there's just too many damn useless features to configure, as well as the fact that the actual preferences menu item is buried deep within a pull-down menu titled "My AIM". What the fuck does that tell me as a category and what options are under it? With the narrow amount of space in the menu area, it would be much better off with an "Actions" menu for everyday functions and a "Tools" menu for all the extra wacky features that nobody uses.

Re:Fine, then

[mwilliamson (672411)]

I think GAIM is a much better client than some piece of proprietary bloatware encumbered with crapware and a nasty eula.

Do you really trust AOL to have choosen and CORRECTLY implemented a good crypto system? Do you trust they haven't backdoored it? Do you think any home-rolled cryptosystem (or even implementation of a solid design) can be trusted without peer review?

Re:Fine, then

[ZephyrXero (750822)]

The systray icon was finally updated with version 1.1.2 recently....full color and everything :)

I use Trillian...

[tekiegreg (674773)]

and any information I care about goes through their SecureIM service.

So to AOL: I say this much, exploit fjkd;arjaiwor398u233209u''rju98e32 any way you want guys!

Re:I use Trillian...

[sjbcfh (611594)]

So to AOL: I say this much, exploit fjkd;arjaiwor398u233209u''rju98e32 any way you want guys!

"Be sure to drink your Ovaltine."?

I'm just guessing,

[Duhavid (677874)]

I'm just guessing, but I think they dont want customers. I'm not sending much thru AIM with those terms of Service.

Also, what about users of GAIM, et al, that havent agreed to those terms? Can they enforce this there?

Re:I'm just guessing,

[pboulang (16954)]

I disagree. I use iChat on a Mac. I have a .mac account. I never signed up for an AIM account nor agreed to their terms of service.

All this means...

[TheSpoom (715771)]

...Is that any smart business will not send proprietary information through AIM.

Of course, I say any smart business because I know some dumb ones will. Doesn't Microsoft have a similar policy with Hotmail?

I also really doubt if this were ever tested in court that it would stand. This is evil, but about what I'd expect from AOL.

New "reality tv"?

[Mad Merlin (837387)]

Perhaps we're about to see AOL/Time Warner roll out a new tv show... When 12 year old girls chat to each other over AIM - Uncut and Raw!

Re:New "reality tv"?

[sTalking_Goat (670565)]

The FBI might have a problem with the conversations of their Special Agen...um... 12 year old girls, being broadcasted on late night cable.

Sheer volume

[gotr00t (563828)]

Even though it looks pretty bad, just remember that the service is so popular that the chances any conversation would acutally be used in any meaningful way by a third party would be about as small as they are now.

Re:Sheer volume

[pchan- (118053)]

Okay, nobody seems to get the point of this change, so let me spell it out for you:

ADVERTISING

They don't care about reading what 12 year olds gossip about, and they don't care about finding criminals, terrorists, or anyone else. They care about *making money* by selling targeted ads to you, and they will figure out what you like by parsing context out of your chat logs. Y'know, like Google does with Gmail and Google Groups. The TOS let them do whatever they want with the data so they can store it, mine it, and sell the results anytime they feel like with no consequences.

Your AIM encryption options

[Fourmica (789657)]

1. Trillian. [trillian.cc] SecureIM, but Windows only.
2. SILC. [silcnet.org] Open encryption standard, many *nix ports.
3. JohnyTech. [johnytech.com] Windows encryption for a bunch of different IM protocols.
That ought to get you started.

In Plain English

[lax-goalie (730970)]

"We retain the right to spy on you, profit from any good ideas you have, and tell your wife about your girlfriend."

I'm just guessing, but I'll bet no one thought to run that last part past their management team...

People still use AIM?!

[mike_sucks (55259)]

Why aren't you using Jabber [jabber.org] instead?

It's Free Software, it's non-evil and there are clients for every platform out there.

You can even use it for cool stuff like IM'ing system alerts to you, as a cheap replacement for SMS on mobile phones (AUD$0.02 vs AUD$0.25) and to publish and subscribe to news feeds.

Put another way...

[mark-t (151149)]

How would people feel if their phone company came out with a new terms of service which said that anything which was spoken over a phone on one of their lines becomes the property of the phone company itself and may be reproduced, rebroadcast, that its users forfeit all rights to privacy, etc...?

illegal in my country

[imr (106517)]

and probably elsewhere.

conflicts with common carrier status

[tekrat (242117)]

Isn't AOL considered a "Common Carrier" and therefore immune from prosecution because they claimed that they do not, will not and cannot monitor the content going through their "wires". This was back in the days when ISPs were getting shut down if they allowed child porn through their servers or something like that -- and the bill came through that said that ISPs were responsible for the content of their users, unless they were Common Carriers such as AT&T and AOL (and any other big company that could afford to buy a Senator).

Now here comes along AOL saying that they WILL monitor and so, I have to ask, if we send child porn through IM, doesn't this mean that if AOL lets it go through, AOL can be taken down for allowing trafficing of child porn because they have given up their common carrier status?

Amazingly calm response

[joeykiller (119489)]

Guys, I'm amazed at how calmly you're discussing this issue! Most of you're discussing workarounds -- e.g. how to use gpg or secure-im to avoid being eavesdropped on.

In my opinion the real issue is that the statement "You waive any right to privacy" may be the most evil statement in any EULA ever. Shouldn't these six words alone cause an outrage beyond belief here?

Privacy Policy: AOL does NOT read IMs

[jayloden (806185)]

"AOL does not read your private online communications when you use any of the communication tools offered as AIM Products. If, however, you use these tools to disclose information about yourself publicly (for example, in chat rooms or online message boards made available by AIM), other online users may obtain access to any information you provide.

Your AIM information, including the contents of your online communications, may be accessed and disclosed in response to legal process (for example, a court order, search warrant or subpoena), or in other circumstances in which AOL has a good faith belief that AIM or AOL are being used for unlawful purposes. AOL may also access or disclose your AIM information when necessary to protect the rights or property of AIM or AOL, or in special cases such as a threat to your safety or that of others."

The content referred to in the Privacy Policy is for posts in AIM forums and message boards and such, and the point of all that crap in the TOS is so that AOL has the legal right to copy and display anything you put in the forum worldwide, for as long as the forum/website exists, and you can't in any way sue them over something you post in the forum. It's NOT saying "we will read your IMs and reproduce and use them however we want". Please mod this up so at least some people read it and stop freaking out and spreading FUD unneccessarily.

-Jay

Obligatory "1984" AOL-as-BB reference...

[phillymjs (234426)]

6079SmithW: Do you remember the thrush that sang to us, that first day, at the edge of the wood?
AntiSexJulia: He wasn't singing to us. He was singing to please himself. Not even that. He was just singing.
6079SmithW: We are the dead.
AntiSexJulia: LOL! We are the dead.
AOL System Msg: You are the dead.

~Philly

Re:New Terms in A Nutshell

[by Anonymous Coward]

More like All your Rights are belong to us

Re:New Terms in A Nutshell

[jrockway (229604)]

Which is why I've always used strong encryption [newsforge.com] to IM my friends. If AOL wants to break my 4096-bit RSA key to sell my "lol"s, then they're welcome to.

Technology is the solution to the erosion of our rights. If it's mathematically impossible to find out what you said, then... they won't know what you said. (Same for P2P. If you use Freenet you can legally share anything. Why? Because nobody knows (or can ever know) what you're sharing and what you're downloading. Laws don't solve problems!)

Re:New Terms in A Nutshell

[berzerke (319205)]

Which is why I've always used strong encryption to IM my friends. If AOL wants to break my 4096-bit RSA key to sell my "lol"s, then they're welcome to...

Hmmm...wonder how long before any encrypted messages are blocked? After all, it is THEIR servers the messages are going through, so they can filter.

Re:New Terms in A Nutshell

[evilviper (135110)]

Hmmm...wonder how long before any encrypted messages are blocked?

I'll say *never*.

base64/uu encoding of messages produces all standard characters. Unless AOL is going to try doing fuzzy-logic dictionary look-ups, and/or statistical analysis on ALL messages, there's no way they would even know the difference between encrypted and unencrypted messages.

The above methods would be impractical, and even if not, they would have to be very, very careful not to accidentally drop an unencrypted (though unintelligable) conversation.

Personally, I think AOL is going to eliminate encryption the same way the NSA did for e-mail... Just wait silently behind the curtain, and when there hasn't been any sign of evesdroping for some time, apathy will kick-in, and encryption will just fade-out on it's own.

dictionary look-ups?

[Dog135 (700389)]

Dictionary look-ups on AIMers? You're kidding, right? Normal AIM messages look like a base64 encoded file anyways.

Re:dictionary look-ups?

[geminidomino (614729)]

wtf r u tlkn abt? stfu, stupd n00b.

(ts a jk. laf)

Re:New Terms in A Nutshell

[STrinity (723872)]

If you use Freenet you can legally share anything. Why? Because nobody knows (or can ever know) what you're sharing and what you're downloading.

So if you break a law and don't get caught, it's legal? Riiiiiiight.

Re:New Terms in A Nutshell

[STrinity (723872)]

If you don't get caught, you don't get punished. Thus, the end result is that the same thing happens to a law-breaker that happens to a non-law-breaker (i.e. nothing). Therefore, effectively, a law was not violated.

So what you're saying is that Jack the Ripper, effectively, never broke the law?

Re:New Terms in A Nutshell

[Iron Clad Burrito (231521)]

More like "All your old news are belong to Slashdot"

The following terms and conditions apply to all users who either registered for AIM services or downloaded AIM updates or software on or after February 5, 2004. AIM users who do not register for AIM services or download AIM updates or software on or after February 5, 2004 and are members of the Netscape Network will remain bound by Netscape's terms and conditions. All other AIM users are bound by the aol.com terms and conditions.

Re:New Terms in A Nutshell

[nofx_3 (40519)]

I'm going to have to send the up the bomb then...

-kaplanfx

Re:New Terms in A Nutshell

[Beardydog (716221)]

No, you fool! You'll just give AOL, its parent, affiliates, subsidiaries, assigns, agents and licensees the irrevocable, perpetual, worldwide right to reproduce, display, perform, distribute, adapt and promote the bomb as they see fit!

Re:New Terms in A Nutshell

[by Anonymous Coward]

You had better stop worrying and learn to love the bomb, then!

Re:New Terms in A Nutshell

[identity0 (77976)]

No, the new terms are:

"Remember, it's not rape if you click 'yes'".

: )

Re:In response...

[mwilliamson (672411)]

gaim-encryption.sourceforge.net [sourceforge.net] provides an easy-to-use wrapper for NSS. It's available for both *nix and win32 and works quite well. I like the fact they didn't try to re-implement the crypto, but rather use someone else's proper (and well reviewed) implementation.

Folks, it is time to start putting your letters in an envelope. You can no longer trust the letter carrier to protect your privacy. Envelopes are cheap...so start using them.

Re:Oooh, I'm shocked!

[Lord Omlette (124579)]

I'm pretty sure this is wrong. Everything goes through AOL's servers.

And it couldn't possibly be any larger than the amount of data Echelon has to deal w/ regularly, my guess is they're doing this as a way of appeasing the govt. "Sure, we'll change our privacy policy, but please allow us to use your beefy data centers..."

Re:Oooh, I'm shocked!

[JonXP (850946)]

Actually, all messages ARE routed through AOL's servers. Peer-to-peer traffic only occurs when you are a) doing a file transfer, or b) using AIM's DirectConnect feature. Therefore, AIM can see anything you transmit over their network, and that includes all messages as well as file names/sizes/etc for transfers (but not the actual files themselves).

This is actually standard through virtually all Instant Messaging systems, partially due to the complexities of routing that NATs and firewalls introduce to the internet, and partially because client/server is just plain more reliable and easier than P2P.

(This is from a guy that's done a lot of IM protocol observation/hacking/developing)

Re:Third Party Clients

[by Anonymous Coward]

Actually, the new TOS specifically states that it only applies if you:
1) Registered for AIM after February 5, 2005
2) Downloaded AIM updates or software after February 5, 2005

Unless I'm drastically misreading that, that means none of the terms apply to people who've been registered for more than a month or so and use a third party client.

-ShadowRanger

Re:Third Party Clients

[Mr.Progressive (812475)]

You are drastically misreading that. As the date on the TOS is "February 5, 2004"

Re:Third Party Clients

[MrLint (519792)]

it'll be interesting to see how AOL claims to prove that any non AIM client users can assertively agree to this license. Last time i heard you cant agree to a contract by inaction. And to the best of my knowledge, i dont think any of the 'these terms may change at any time' have been tested in court by 'agreement by inaction'

so it remains to be seen.

Re:Not really surprising

[tftp (111690)]

Does it mean that USPS has a right to open all your mail, and then copy and use the contents as it wishes?

AOL is not any different from a mail carrier service because they do the same thing - deliver messages from one person to another.

You do not have a reasonable expectation of privacy when using it.

Why not? Many people abuse telephone network by tying up lines for hours at a time, so what? It does not allow the phone company to record and sell conversations.

Re:New terms of service?

[thisissilly (676875)]

They're supposedly used so that they can distribute your messages (IMs) without any possibility of "infringement," but who knows?

They don't need an irrevocable, perpetual right to do that. A 10-minute right would be plenty.