What are the top IT scandals

The biggest data protection scandals in IT history

Carolyn Duffy Marsan

Sony, AOL, Google: They all made negative headlines with data protection scandals.

EnlargeWe introduce you to the biggest data protection scandals in IT history

Lately, Facebook, Twitter, Amazon with Alexa, and Google have been causing a stir with their careless handling of user data. For example, Google stored user passwords unprotected on its servers and Facebook illegally collected email addresses from new users. Yahoo, in turn, had to pay damages for data theft, and hackers threatened to steal the data of 120 million Facebook users. But Adidias also warned its US customers about data theft. And customer data was also lost at British Airways.

But data protection scandals are nothing new. Well-known companies often lost their customers' data many years ago. We have looked around the history of the data scandals and present some classics of data loss.

Security advisor: What about data protection, Microsoft?

Sony's Spyware CDs

Sony BMG had to admit a gigantic data protection faux pas in autumn 2005, which affected its anti-piracy measure "XCP" for music CDs. If a consumer played such a CD in the drive of his Windows computer, XCP secretly installed a hidden rootkit software that sent information about the CD and the computer's IP address to Sony. In addition, the spyware made the affected PC more susceptible to Trojans and viruses. Class action lawsuits were filed against the company, whereupon the United States antitrust authorities decided that Sony had to send each affected customer a compensation payment equivalent to the equivalent of 100 euros.

The Craigslist Experiment

In February 2006, Seattle-based web developer Jason Fortuny started a self-experiment: he posted a picture of a lasciviously posing woman looking for sex partners on the US classifieds website Craigslist to see how many responses he received within Would receive 24 hours. Fortuny received 178 letters the next day, including photos, names, email addresses and telephone numbers of the men who answered the complaint. Fortuny then published all communications on a website called "Encyclopedia Dramatica". The incident received a significant amount of media coverage, following which an anonymous plaintiff took Fortuny to court. The case dragged on until May 2009 - after all, Fortuny was sentenced by default for multiple non-appearances in court; he has to pay the equivalent of almost 50,000 euros.

The AOL leak

In August 2006, the Internet provider AOL published a list of over 20 million search terms entered by over 650,000 users over a period of three months. The list was supposed to contain anonymous user data for research purposes, but instead consisted of numerous personal information that could easily be assigned to specific users and their search protocol. AOL admitted the mistake and removed the list from its website after three days. At this point in time, however, the data could already be viewed on numerous other sites on the Internet. Maureen Govern, then CTO of AOL, resigned two weeks after the incident. In September 2006, AOL filed a class action lawsuit that is still being tried in California's courts of law. The plaintiffs are each demanding around 3500 euros in damages.

Google Street View

EnlargeGoogle Maps delivered a scandal with Street View

In May 2007, Google added the new "Street View" feature to its Maps service. Since then, the group has had to deal with complaints from data protection officers, had to pay fines and approve third-party audits. Google Street View provides panoramic images of streets captured by webcams over time. Privacy concerns were raised early on. After all, it could unknowingly capture images of men leaving a strip club, people entering adult shops, suitors recruiting prostitutes, and other embarrassments. Google therefore allows users to request the removal of questionable images and also introduced the option of making faces and license plates unrecognizable by means of a blurring effect. Nevertheless, Google is in data protection battles with Switzerland, France, Belgium, Germany and South Korea - to name just a few countries. France sued Google in March 2011 for almost 100,000 euros because of questionable Street View images. Meanwhile, Google has to undergo regular data protection reviews by the US antitrust authorities - and that for the next 20 years.

Funny & bizarre: 55 crazy pictures on Google Street View

Chaos at Hotmail

One of the biggest data protection scandals has been perpetrated by Microsoft's free email service Hotmail. In October 2009 Microsoft asked millions of its Hotmail users to change their passwords because of a data leak. According to Microsoft, it was found shortly before that user data from over 10,000 e-mail accounts had been published on the website www.pastebin.com following a phishing attack. Microsoft therefore advised its customers to change the password for all email accounts that ended in @ hotmail.com, @ msn.com and @ live.com within 90 days.

How to test whether your password has been cracked!

Webcam mania

In one school district in Pennsylvania, built-in webcams were used to monitor several thousand Apple laptops that schools made available for students to use at home. However, the school district soon got lost in online data protection problems. The school management had to admit that over 56,000 photos and screenshots were taken unnoticed by the laptops' webcams. The photos were taken without the students' permission and show not only private bedrooms and living rooms, but also the students, some of whom were only slightly dressed or even undressed. In April 2010, high school student Blake Robbins filed a class action lawsuit against the Lower Merinon School District for invasion of privacy. In October 2010, the school district agreed to pay the equivalent of just under 450,000 euros, thereby settling two main lawsuits.

Facebook apps

EnlargeThe Facebook game Farmville

The popular social network has struggled with various data protection scandals in recent years. One of the biggest scandals, however, came in October 2010 when Facebook announced that ten of its most popular apps - including Farmville and Texas Hold'em - were giving user data, such as friends' names and names, to advertising companies. The data leak affects several million Facebook users, as a study by the Wall Street Journal claims to have found. Even in advance, Facebook had come under fire because it passed user ID numbers on to advertising companies as soon as a consumer clicked on an advertising banner. In November 2011, Facebook settled the dispute with the US antitrust authorities and agreed to allow data protection audits by independent third parties for over 20 years.

Facebook is keeping an eye on you!