FTC: Consumer Privacy Comments Concerning America Online, Inc.--P954807 Before the Federal Trade Commission Washington, DC 20580 In the Matter of Public Workshop on Consumer Privacy CONSUMER PRIVACY 1997 -- COMMENTS AND REQUEST TO PARTICIPATE SUBMITTED BY AMERICA ONLINE, INC.
Dated: April 15, 1997 America Online, Inc. (“AOL”) welcomesappreciates the opportunity to participate in the Public Workshop on Consumer Privacy at the Federal Trade Commission. We submit this paper as a Notification of Interest in participating in Sessions Two and Three of the Workshop on June 11, 12 and 13, 1997. With over 8 million members, AOL is the largest Internet online service provider in the world. AOL is keenly aware of the tremendous benefits and potential of the Global online environment. AOL also understands the the risks that arise from interactive networks. Interactive services offer consumers and businesses unprecedented opportunities for communications, commerce and education. Consumers in the online environment can exercise unique control over content available online and they can avoid content or services in which they have no interest. At the same time, however, the online environment presents unique issues in the area of consumer privacy, as personal information about consumers is easily collected and transferred online. AOL believes that it is critical for companies operating in the online world to address consumer privacy concerns as a pre-requisite to meeting consumers’ interests and growing interactive networks into a global and socially-beneficial mass medium. In particular, AOL has a unique relationship with its members that enables the company to modify its services to make each member’s online experience as personally relevant, enjoyable and affordable as possible. In doing so, AOL has spent considerable time balancing consumer privacy with the careful and appropriate use of consumer information continually to improve each member’s online experience. These comments discuss those efforts and address the questions posed by the Commission about steps taken by online marketers and web site operators by focusing those questions on the unique privacy issues faced by Internet online service providers. In general, because of a growing amount of concern expressed about personal privacy protection by AOL members and the general public, in April 1996,, AOL revised and expanded its policies protecting the personal privacy of its members ("Privacy Policy") and has continually updated that Policy since then. (Please see the AOL Privacy Policy attached as Exhibit A.) Prior to that time, AOL’s member agreement (Terms of Service) contained a number of privacy related provisions, including provisions protecting the confidentiality of private electronic communications, or e-mail, and governing the disclosure of information relating to AOL’s member identities. AOL’s current Privacy Policy not only clarifies and consolidates these various provisions into a comprehensive body of privacy rules, but also expands its privacy protections to cover "navigational" and "transactional" information (i.e., data about what members do and buy on or through AOL). It also presents a clear segregated explanation of the Privacy Policy for easy reference by members whenever they use the service). AOL believes that among the most challenging and important questions that the Commission will address in its workshop sessions are those that relate to children. AOL has spent considerable effort over the last year revising its policies with respect to information collection and use as it relates to children in the Internet online environment. In particular, the company is in the process of finalizing new policies which govern the area on AOL dedicated to children that place clear restrictions on the ability of AOL’s content providers both to collect information from children and to advertise to children. We look forward to addressing these issues with the Commission in June. Despite AOL’s efforts in the area of consumer privacy there remains one area over which AOL does not maintain control and which continues to have a significant negative impact on the company and its members’ online experience -- unsolicited bulk marketing e-mail. Since the FTC last looked at the issue of consumer privacy in the online environment in June 1996, AOL has encountered many problems with unsolicited bulk e-mail being sent to its members causing consumer dissatisfaction and placing significant burdens on AOL’s computer servers. In fact, a large part of AOL’s ongoing server expansion project is the result of the large volume of e-mail traffic that AOL must handle on a daily basis, much of which comes to our members from outside sources in the form of unsolicited marketing announcements. While AOL has implemented several measures both technological and legal measures to curtail and cope with the volume of unsolicited e-mail, it remains a significant problem and one that we hope the Commission will place a particular focus on in the upcoming workshop. SESSION TWO: CONSUMER ONLINE PRIVACYINFORMATION COLLECTION AND USEQuestions 2.1 through 2.8 address issues related to the collection and use of personal information by commercial web sites or online marketers. AOL believes that these questions are equally relevant to Internet online service providers as personal information is both collected and used by such providers who maintain a unique relationship with their members. In other words, while consumers are not required to have independent relationships with the web sites they visit, (with the exception perhaps of those that require users to pre-register prior to entry) those who subscribe to services like AOL do. For instance, to become a member of AOL each member agrees to read and must accept AOL’s Terms of Service as a condition of membership. The AOL Terms of Service clearly specifies AOL’s privacy and data protection policies and practices. AOL’s relationship with its members allows for easier and more complete notification of information collection and use policies giving consumers a better understanding of the protection and potential vulnerabilities of their personal information in the online environment. AOL is therefore submitting responses to a selected few of the questions posed in this section. 2.1What kinds of personal information are collected by commercial Web sites from users who visit those sites and how is such information subsequently used? Among other things, is clickstream data being collected and tied to personally identifying information? AOL’s Privacy Policy refers to the collection and use of individual information which is defined as any information, data or records that relate to an AOL member’s use of AOL and identify an individual member or a member’s account. AOL does not believe that the collection, use or distribution of aggregate information that does not reveal personal identity, such as member demographics, falls within its Privacy Policy or raises concerns about threats to personal privacy. AOL’s Privacy Policy distinguishes among different types of individual information since AOL’s practices with respect to such information varies by category. These categories are: (1) "member identity and billing information," such as a member’s name, street address, telephone number and billing information, and any screen names associated with a member’s account; (2) "navigational and transactional information," such as information about where a member goes on the service or what a member buys through AOL; and (3) "private communications content," meaning the contents of e-mail, or private chat room or instant message communications. Under normal information practices, AOL collects and maintains member identity and billing information to administer its business generally. AOL also uses such information on a selective basis to offer its members marketing information on goods and service that may be of interest. These offerings are customarily made through the use of “pop-up” screens that appear on individual member screens at the time of sign- on. However, due in large part to concerns about personal privacy, in October 1996 AOL granted its members the option of opting out of all marketing pop-ups through an easy online process. On a sample basis, AOL also collects and stores navigational and transactional information, such as data on the choices that members make among the range of available services or merchandise and the times and ways members use AOL. This information is used internally by AOL for programming and editorial research. The company also provides aggregate navigational and transactional information to its third- party content providers to aid them in their programming decisions about their respective online area. While the company has made no firm plans about the future use of Navigational and Transactional Information, may use such information in individual form on an increasing basis to ensure that each member’s online experience is maximized by including personalized interfaces and content offerings. The most controversial area of personal information online is the contents of private communications which AOL believes deserve the strongest privacy protection. The company, therefore, treats private communications on or through AOL’s service as strictly confidential and does not access, use, or disclose the content of private communications. In addition, while claims have been made to the contrary, the AOL e- mail system retains the contents of private e-mail communications for a limited period only. However, the AOL computer system does not record or retain any communications that members have in chat rooms or through instant messages. (Instant messages on AOL work like e-mail but take place in real-time between members who are simultaneously connected to the service.) In the case of regular e- mail, either coming or going to the Internet or other AOL members, such communications are permanently deleted from the system after they have been read by the intended recipient(s) after about two days. In cases where e-mail has been sent but remains unread, such communications are permanently deleted from the AOL system after about thirty days. The only exception to AOL’s strict confidentiality rule for private communications, which is clearly delineated in AOL’s Privacy Policy, is that the company may access and/or disclose such information only if it in good faith believes that such action is necessary (a) to comply with applicable law or valid legal process (e.g., search warrant or court order), (b) to protect the rights or property of AOL Inc., or (c) in emergencies when AOL Inc. believes that physical safety is at risk. These exceptions are minor modifications of the default provisions of the Electronic Privacy Communications Act and provide AOL with the flexibility it needs to deal with emergency situations. 2.2To what extent is the collection, compilation, sale or use of personally identifying, as opposed to aggregate, personal information important for marketing online and for market research? What privacy concerns, if any, are raised by the collection or use of aggregate personal information in this context? As the online marketplace has shifted towards a forum for online commerce and commercial advertising, so has the importance of consumer information risen. While much of AOL’s marketing research is performed through the use of aggregate data, an increasing amount of online marketing is made more precise by the ability to market to individual consumers who have interests in particular online content, information, services or products. As stated above, AOL makes its policies with respect to the use of personal information for marketing purposes clear to members in its Privacy Policy and gives its members the opportunity not to receive customized marketing pop-ups from AOL. Increasingly, AOL is also using individual user information to customize its services for members. Such customization is not, however, related solely, or even primarily, to online marketing but to making the AOL service more useful and enjoyable to our members. 2.3What are the risks, costs, and benefits of collection, compilation, sale, and use of personal consumer information in this context? AOL believes that as long as consumers are made fully aware of the information practices of their Internet online service provider, as well as those of the Web sites they visit on the Internet, they are able to make informed choices about the ramifications of their activities online, and that the risks of personal information collection are quite low. This is, of course, dependent upon a guarantee by those entities operating in the online environment that they will, in fact, abide by those information practices once they have been established. On the benefit side, AOL believes that targeted marketing that is fairly communicated on the Internet presents a huge potential benefit to consumers as well who would no longer have to wade through reams of junk material in which they have no interest. Rather, consumers can make their individual preferences known to online marketers or online service providers and receive information about services and products that meet those interests. We believe such individualized experiences lie at the heart of the Internet online medium and distinguish cyberspace from traditional print and broadcast media which can only provide consumers with generalized content, and service and product offerings. 2.4What surveys, other research, or quantitative or empirical data exist about consumers’ perceptions, knowledge and expectations regarding (1) whether their personal information is being or should be collected by Web site operators and the extent of such collection; (2) the benefits and risks associated with the collection and subsequent use of this information; (3) appropriate uses of such information; and (4) whether certain categories of information should never be collected or disclosed to others? AOL has not independently performed any research about consumer attitudes towards information collection. The company has responded to concerns expressed by consumers about certain information practices and has implemented the procedures discussed above and those discussed in the following section about unsolicited commercial e-mail. In addition, because AOL believes that the issues related to consumer attitudes towards privacy are critical to the establishment of the good appropriate internal company information policies and sound public policy it suggested at the FTC’s last privacy workshop and is co-sponsor of a survey currently being conducted by Dr. Alan Westin of Privacy & American Business, the specifics of which are being submitted to the Commission under separate cover. UNSOLICITED COMMERCIAL E-MAIL2.16 How wide spread is the practice of sending unsolicited commercial mail? Are privacy or other consumer interests implicated by this practice? What are the sources of e-mail addresses used for this purpose? Unsolicited commercial e-mail (“UCE”) is very widespread on interactive networks. UCE has been a significant problem for AOL and its members for over a year. From AOL’s participation in industry associations, it has become clear UCE is also a significant problem for other interactive service providers and users. During the past year, AOL members have complained regularly and vociferously about the volume of UCE they receive from firms with which who they have had no previous contact or relationship. And, before AOL implemented its mail filter tools (see below), it received thousands of complaints about UCE from members each week. Still, many AOL members continue to receive dozens of UCE messages daily, requiring regular time- consuming and sometimes costly sorting and making it difficult to identify messages from friends, family, and business associates. AOL members who sign on to their accounts infrequently (e.g., on a bi-weekly basis) face an even more daunting task as their mail boxes may be are clogged with dozens of unwanted UCE messages. Historically, AOL members have been angered by the fact that firms who specialize in sending UCE (“Bulk E-mailers”) have been able to shift the cost of sending UCE messages to consumers who were paying for their online time by the hour. Although the move to flat rate pricing has reduced the number of members that still must pay for usage by the hour, a significant number of AOL members still do. Even members who have shifted to flat rate pricing continue to be angered by the volume of UCE they receive citing that UCE usurps their valuable time, and slows down and disrupts the performance of the e-mail network, and diminishes enjoyment of the online experience. Bulk e-mailers use a variety of means and sources to harvest e-mail addresses and create mailing lists. Several UCE firms have copied addresses from member directories, bulletin boards, and chat rooms in violation of AOL’s Terms of Service. They have also harvested addresses from public postings on Internet newsgroups and message boards. The effect of this is that many members are increasingly weary of participating in online public debates or communities. Many AOL members now refrain from posting any information in the AOL Member Directory or participating in AOL’s message boards or chat rooms for fear that doing so will invite large volumes of unwanted commercial e-mail solicitations. This has chilled communication on the service and undermined the sense of community on AOL. Although most complaints from AOL members are based on the volume -- not content -- of UCE messages, the abundance of UCE messages featuring adult products and services, get-rich-quick schemes, and miracle diets has further upset members about this practice. Unlike offers from authorized merchants that operate on AOL’s proprietary service, AOL has no way to ensure the quality or reputability of these UCE offers and to protect its members from unscrupulous practices. Since AOL’s members often times rely on AOL’s judgment on content, and because many of the bulk E- mailers use mechanisms to make it appear that AOL has either endorsed, or worse, sent their messages, the company’s relationship with its members has been adversely affected. 2.17 What are the risks and benefits, to both consumers and commercial entities, of unsolicited commercial e-mail? What are consumers perceptions, knowledge, and expectations regarding the risks and benefits of unsolicited commercial e-mail? See response to question 2.16 above which is incorporated herein. The risks to consumers of unsolicited commercial e-mail (UCE) include an increase in the cost of using interactive services, a slowdown in the performance of e-mail services, and a general diminishment of their enjoyment of interactive services. Although many consumers have recently switched to flat rate pricing, a significant number of consumers still pay for hourly usage charges. Consumers who still pay for online time have to pay for the cost of loading, sorting, reading, storing, and disposing of their e- mail. But for all consumers, the indirect but real costs of UCE are significant. Senders of UCE can succeed financially because they are able to transfer the cost of sending electronic advertisements to recipients and their network providers. Accordingly, the cost of sending UCE is significantly less than sending physical mail solicitations which are paid for by the sender -- not the recipient or mail carrier. And the marginal costs of sending UCE are practically zero. This cost shifting ability distorts market constraints and results in huge volumes of UCE to unwilling recipients. The UCE firm is not constrained by normal economic principles such as delivery costs and customer accountability. A tiny percentage of AOL members apparently do wish to receive UCE messages. Presumably these individuals find UCE messages to be of interest or value. For this reason, AOL has attempted to impose mail filters (see below) in a manner that gives its members a choice if they wish to receive UCE messages. As explained below, many UCE firms have not respected the choice of AOL members by systematically attempting to circumvent AOL’s mail filtering tools. While AOL’s mail filtering tool remains imperfect, AOL does not recommend mandatory limitations of commercial speech or commerce on interactive networks. In fact, AOL believes that allowing commercial entities the opportunity to make consumers aware of products and services that may be of interest is valuable for consumers and the growth of the interactive medium. However, interactive marketing and commerce must be performed in a fair and responsible manner which respects consumer privacy, choice and the enjoyment of interactive services. 2.18 What costs does unsolicited commercial e-mailemail impose on consumers or others? Are there available means of avoiding or limiting such costs? If so, what are they? Please see responses to questions 2.16 and 2.17 above which are incorporated herein. 2.19 Are there technological developments that might serve the interests of consumers who prefer not to receive unsolicited commercial e-mail? If so, please describe. Yes. AOL has been recognized as the industry leader in using technological tools to empower consumers who do not wish to receive UCE. In response to its members’ complaints and the increasingly damaging load placed on its e-mail services by bulk E- mailers, AOL introduced two user empowerment mail tools: Mail Control and Preferred Mail™. The Mail Control tool enables members to chose from whom they wish or do not wish to receive e-mail. This tool helps members protect themselves from unsolicited commercial mailers and it allows members to expand their privacy preferences to block e-mail from any address. Because the Mail Control tool requires the user affirmatively to list the specific addresses from which they wish to block or receive e-mail and because the tool can be circumvented by bulk e-mailers who constantly change their domain addresses, AOL introduced the Preferred Mail tool. Preferred Mail automatically shields AOL members from e-mail sent from certain sites which have been responsible for sending UCE messages to AOL members, thereby generating numerous complaints. The list of such sites is updated regularly through a specific process that ensures that those entities on the list are indeed senders of bulk UCE. Members who wish to receive mail from these sites, can easily do so by deselecting the tool with one click. The Mail Control and Preferred Mail tools have reduced, but not eliminated, the bulk e-mail problem on AOL. The tools are not completely effective in part because UCE firms have attempted to circumvent the tools and undermine members’ choices not to receive UCE. This is done through a number of methods, including sending UCE through fictitious and unregistered domain addresses, and constantly changing their domain addresses (or ISPs) from which they send UCE. Although AOL is confident that technological improvements will address these holes and prevent Bulk E-mailers from circumventing mail filters, there will likely remain a cat-and-mouse dimension to this conflict, similar to the one which service providers are engaged in with computer hackers. Recently, a federal district court declared that a Bulk E-mailers continued unauthorized sending of UCE amounted to a trespass to chattels under Ohio state common law since the UCE misappropriated Compuserve’s computer servers. The Compuserve v. Cyber Promotions decision, (1997 U.S. Dist. Lexis (S.D. Ohio)), provides a basis for service providers more aggressively to combat Bulk E-mailers’ tactics in court. AOL remains optimistic that a combination of tough self-regulatory standards, technology filters and blocks, and as a last resort litigation under several broad computer trespass theories will minimize the UCE problem. If not, both online consumers and marketers will be damaged and the promise of the interactive medium will fall short of reality. SESSION THREE: CHILDREN’S ONLINE PRIVACY Information Collection and UseAs with the questions related to information collection and use in the area of consumer privacy to be addressed by the Commission in Session Two, AOL believes that several of the questions posed regarding the collection and use of information about children on the Web are equally relevant to such practices on proprietary online services like AOL. Therefore, AOL submits the following responses to several of the Commission’s questions. 3.1 What kinds of personal information are collected by children’s commercial Web sites from children who visit those sites and how is such information subsequently used? Among other things, is clickstream data being collected and tied to personally identifying information about children; is information being collected from children to create lists for sending unsolicited e-mail? AOL’s general Privacy Policy is described in response to the questions posed by the Commission regarding Session Two. Those policies apply to all areas of AOL and to all members of AOL and as stated above, and reflect the company’s commitment to the protection of the privacy interests of AOL’s members. At the same time, however, AOL does recommend children ages 6 to 12 partake in content that is geared directly to them. Such content appears in an area known as “Kids Only” that contains content that AOL believes will be of interest to children. This area offers children the opportunity, albeit in a more protecting manner, to engage in some of the activities that take place in other AOL areas, such as online chat, with their peers. Because AOL invites children into the Kids Only area, the company now takes extra precautions to ensure that children are not the target of improper online marketing and information collection practices. Any information collected from children in the Kids Only area is done only in cases where there is informed parental consent prior to such collection. While AOL has not always maintained such strong policies that, for example prohibit contests targeted to children in which information is collected, the company’s sensitivity on these issues has been raised both by the Commission’s examination of these issues over the last year and concerns raised by our members. For example, one area in the AOL Kids Only area whose practices have had to change with AOL’s changing policies is an area operated by Warner Bros. called “Kids’ WB” As part of its offering, Warner Bros. has long offered kids on AOL’s system an opportunity to receive their online newsletter and asked for the child’s full name, address and phone number in exchange for such privilege. Recently, however, AOL requiredhas made Warner Brothers to change the newsletter request procedure so that kids need only send an e- mail request with no accompanying identifying information. In general, AOL’s new policies for the Kids Only area prohibit the collection of any personal information from children by AOL’s information providers either in connection with a content offering or an advertisement. The new policies also prevent any online advertising to children which invites them to engage in an online transaction or call on 800 number off-line. Instead, any online advertising designed for children must be clearly identified as such and provided only in designated formats. While AOL does not require parents to limit their children’s access on AOL to the Kids Only area, the company believes that it should provide a safe haven where kids can take advantage of the online experience while not risking invasions into their personal privacy. In order to help parents ensure safe experiences, the company also developed its Parental Controls which were described to the Commission in its June 1996 hearing on consumer privacy. Through the use of these controls, parents can ensure that kids do not have access to areas on AOL other than the Kids Only area. 3.3 What are the risks, costs and benefits of the collection, compilation, sale and use of children’s information in this context? AOL believes that while the collection of information about children can clearly help make content developed for kids more useful and entertaining for its intended audience, it can also present many risks to children in the online environment. As stated above, it is for this reason that AOL has expanded its policies in its proprietary areas devoted to children to prohibit the collection by its content providers of personal information from children. There have been some examples where AOL’s information partners have specifically requested that they be permitted to collected personal information from children in a controlled environment. AOL has refused to allow any collection of information from children unless and until the content provider implements a reliable processes acceptable to AOL that obtains parental approval prior to any child’s participation. These policies include, for example, both online and off-line communication with each child’s parent and an opportunity for the child or the parent to opt out of the process at any time. AOL hopes to provide the Commission with a supplemental submission that outlines these procedure’s in greater detail in advance of the June workshop. 3.10 Do schools, libraries and other settings in which children may have access to the Web have a role to play in protecting children’s privacy ? What role do they currently play, and what role could they play in the future? As stated above, AOL believes that it is important for services like AOL that act as gateways to the online world to offer children and their parents a place in the online environment that permits them to take part in the online experience while not exposing them to information collection practices more appropriate for adults. As a result, while AOL currently does not require parents to use the parental control mechanisms that AOL offers, it does try to guarantee that when children go into an area designed for children on the AOL service, they are safe both from inappropriate content and inappropriate information collection practices. For example, in the Kid’s Only Chat area, AOL specifically tells children before the enter chat the following:
This is not say that AOL’s policies can protect children who are permitted to venture out to the Web or that it is the company’s responsibility to do so. Instead, these policies help parents choose whether their children are old enough and experienced enough to make informed decisions about what information to disclose about themselves to others. If parents decide that their children are not ready for such activities, the AOL Kids Only area should provide a safe place. Respectfully submitted, Jill A. Lesser
Dated: April 15, 1997 21412-1 Exhibit A: AOL Terms of Service (in part) SECTION 5. PRIVACY POLICYA. INTRODUCTION (i) General. Because protecting your privacy is very important to AOL, Inc., we have established a privacy policy that safeguards your personal information, and are committed to protecting its confidentiality. We will limit the collection and use of personal information, or Individual Information (as defined below), to what is necessary to administer our business, provide you with the highest quality service, and offer you opportunities we think will be of interest. We will NOT disclose any Individual Information except in limited circumstances as specifically provided below. We actively participate in industry associations and community groups to support strong and effective privacy guidelines and practices in the interactive environment. (ii) Types of Individual Information. Individual Information is any information, data or records that relate to your AOL membership or use of AOL and identifies you or your individual Member account. The three types of Individual Information are: (1) "identity and billing information," such as your name, street address, telephone number, billing information, and any screen names associated with your account; (2) "navigational and transactional information," such as information about where you go or what you buy through AOL; and (3) "private communications," such as the contents of e-mail, or private chat room or instant message communications. (iii) The Internet. Please be aware that AOL is a private online service that allows access to the Internet, but is not the Internet. AOL, Inc. does not control the content, services, or areas available through the Internet (with minor exceptions, such as the AOL home page), and providers of Internet sites or services have separate data and privacy practices independent of AOL, Inc. Internet areas may appear to be seamlessly incorporated into AOL, but generally you can tell you are on the Internet whenever AOL’s logo spins on the upper right corner of your screen or when you click on icons labeled as Newsgroups, Web, Link, FTP, Gopher, or other items relating to the Internet. (iv) Independent Content and Service Providers. Companies that are independent from AOL, Inc. operate many of the online areas that you visit. Although AOL, Inc. will seek to require these independent companies (e.g., ICPs, including advertisers and merchants) to adhere to our strong privacy principles, AOL, Inc. does not bear responsibility for their policies or actions. Be aware that when you voluntarily disclose personal information (such as your screen name) in public areas (e.g., the Member Directory, chat rooms, message boards, Internet newsgroups), others may collect and use your information. (When you visit Internet sites, your AOL screen name or other identity information generally is not identifiable.) Also, ordering products through AOL often requires you to provide an independent company with limited Individual Information to enable fulfillment of your order. B. MEMBER IDENTITY AND BILLING INFORMATION. (i) Collection and Storage. We maintain the following types of identity and billing information: your name, street address, telephone number(s), length of membership, and payment information. If you wish to view your identity information and billing, please go to keyword "Billing." We may also keep information on your communications with our Customer Service or Community Action departments, and general account history, such as accumulated usage credits or written complaints relating to your account. We safeguard Individual Information from unauthorized access and only authorized employees or agents who need to carry out legitimate business functions are permitted access to Members Individual Information. Employees who violate AOL, Inc’s. privacy policies are subject to disciplinary actions, including termination where appropriate. We may use agents, who are bound by strict confidentiality guidelines, to perform storage, processing, and other limited functions on AOL, Inc’s. behalf. (ii) Use. We use identity and billing information to administer our business, ensure that you are properly billed and offer you opportunities (e.g., pop-ups or e-mail) that may be of interest. (iii) Disclosure. From time to time, we make our mailing list available to select independent companies that offer products and information we think may interest you. AOL, Inc. carefully screens all requests to use its mailing list to ensure appropriateness. If you do not want your name released to these companies, simply indicate this upon accessing the "Member Mailing Preferences Form," using keyword "Marketing Preferences" and double-clicking on the heading "Tell Us What Your Mailing Preferences Are." If you do not want to receive "pop-up" product information screens, select "Tell Us What Your Pop-up Preferences Are." You understand that you will receive occasional pop-ups and e-mails containing important information about AOL or your membership. We do not release Members telephone numbers, credit card numbers, or checking account numbers (or other Individual Information, such as navigational or transactional information or private communications content). Our policy is not to disclose identity information to third parties that would link a Members screen name(s) with a Members actual name, unless required to do so by law or legal process served on AOL, Inc. (e.g., a subpoena). AOL, Inc., at its sole discretion, reserves the right to make exceptions to this policy in extraordinary circumstances (such as a bomb or suicide threat, or instances of suspected illegal activity) on a case-by-case basis. When feasible, we do allow our Members to access and verify their Member Identity and Billing Information. We also allow our Members to request corrections to this Information. (See Keyword: "Billing".) AOL generally retains account history records for around six months. AOL, Inc. intends to abide by applicable laws governing the disclosure to governmental entities of Individual Information and other records. If we are under a legal obligation to disclose Individual Information to a private citizen or entity, we may make efforts under the circumstances to notify the affected Member(s) in advance of releasing it in order to provide the Member(s) an opportunity to pursue any available legal protection C. NAVIGATIONAL AND TRANSACTIONAL INFORMATION. (i) Collection. We may collect and store certain navigational and transactional information, such as data on the choices you make from the range of available services or merchandise, and the times and ways you use AOL and the Internet. (ii) Use. AOL, Inc. uses navigational and transactional information to personalize AOL and for programming and editorial research. For example, we use this information to understand our Members reactions to menu items, Content, services and merchandise offered through AOL and to customize AOL based on our Members interests. (iii) Disclosure. AOL, Inc. will not disclose to third parties navigational or transactional information (e.g., where you go or what you buy on or through AOL), except to comply with applicable law or valid legal process (e.g., search warrant or court order). D. PRIVATE COMMUNICATIONS (i) Collection and Storage. The AOL computer system does not record or retain any chat room communications, instant message communications, oral online communications or records of with whom you communicate in chat rooms or through instant messages or oral online communications. The AOL e-mail system retains the contents of private e-mail communications for a limited period only -- the current default is about two (2) days after it is read. E-mail that is sent but not read is permanently deleted from the system after about twenty-five to thirty (25-30) days. (Consequently, to keep copies of any communications, you should store them on your personal computer hard drive or in print form.) You agree that AOL, Inc. may employ e-mail virus-checking technology to protect its system and its members from viruses. (ii) Use. AOL, Inc. treats private communications on or through AOL as strictly confidential. AOL, Inc. does not access, use or disclose the contents of private communications, except in limited circumstances as specifically provided below. You acknowledge that private communications directed at a person or entity, including AOL, Inc., may be used or disclosed by the intended recipient(s) without restrictions relating to privacy or confidentiality. (iii) Disclosure. AOL, Inc. does not access or disclose the contents of private communications (e.g., e-mail, instant messages, Member-created private rooms, oral online communications), unless it in good faith believes that such action is necessary (1) to comply with applicable law or valid legal process (e.g., search warrant or court order); (2) to protect the rights or property of AOL, Inc.; or (3) in emergencies when AOL, Inc. believes that physical safety is at risk. AOL, Inc. reserves the right to treat as public any private chat room whose directory or room name is published or becomes generally known or available. AOL, Inc. reserves the right to access password protected member web sites for conformance to TOS. |