EPIC logo

November 6, 2002

Jonathan Miller
Chairman & CEO, America Online
2200 AOL Way
Dulles, VA 20166

Dear Mr. Miller,

America Online recently announced that it will sell a network surveillance tool to corporations to monitor their employees’ communications with the popular AOL Instant Messenger service (AIM). We are writing to draw your attention to the privacy risks posed by this new service and ask you to withdraw the AIM Enterprise Gateway service until such time as privacy enhancing protections for users are established.

Instant messaging, led by AIM, has been a revolutionary communication service that has been broadly embraced by millions of users around the world. The quick, transient communications that take place between friends, spouses, and other people with shared interests in these chats have rapidly created a whole new medium and culture of communications on the Internet, one that closely resembles private discussions that take place in the physical world. Instant messaging captures the spirit and possibilities of the Internet by building relationships and communities in a unique fashion, but it depends upon the expectation of privacy that the service has created. The AIM Gateway service threatens to radically transform privacy expectations for instant messaging users. The service poses a particular threat to employees whose well-established expectation of privacy in the workplace could be extinguished.

There is no comprehensive legislative framework for workplace privacy protections in the United States. A patchwork of state and federal laws apply to the monitoring of the communications of employees, including prohibitions against indiscriminate and suspicionless searches that the AIM Gateway service would facilitate. AIM communications merit special treatment since they are akin to private phone conversations or casual chats around the water cooler.

We suggest that, in light of the special nature of AIM communications, you cease the distribution of the AIM Gateway service until better privacy safeguards are established for AIM users. We urge you to build privacy enhancing technology into AIM so that users can control who has access to their private communications. We look forward to hearing from you regarding this matter.

Sincerely yours,

Marc Rotenberg
EPIC Executive Director

cc: Timothy J. Muris, Chairman, Federal Trade Commission