What Can You Find Out About Yourself, Online?

TexTex asks: "So, I'm doing the usual looking-up-of-phone-numbers-and-addresses thing today, and I'm starting to wonder exactly how detailed some of these engines get. www.555-1212.com and www.switchboard.com are giving me different address with the same phone number, but a reverse phone lookup on www.whowhere.com spits out a third. Granted, I haven't moved around that much in the past five years...but somebody thinks I did. Certain folks who sell background checks and missing persons searches seem to have access to all the cool toys. Land purchase records, post office change-of-address cards, the works. Are these kinds of listings available on the Web?" You'd be surprised at the amount of information about yourself that exists in public records. What are the tools these searching services use, to gain access to this online and how can we (not some company making a profit) gain access to them?

"Freebie searches aside, it seems it is much much easier to find information on someone who's dead than it is on our living friends. ancestry.com does an amazing job of providing info, most of all for free, but I want more. I want more complete info and I don't wanna pay $29.95 for it from the man."

What's Even Scarier

[Hrunting]

I found myself on 555-1212, much to my surprise as I've only lived in this location for 2 months and I was entered twice (both with incorrect spellings). What's even worse are the tie-ins that companies like these use. At 555-1212, I could search public records, that required me to provide even more information, or I could look for classmates from high school, which required a host of information about my high-school years. And people will just enter this stuff. They have no worries.

Personally, I'm careful with the information that I give out, but I'm not paranoid. I know people can find out a lot about me with just very simple searches like this, but at the same time, I don't fill out surveys, I don't fill out sweepstakes registration, and I'm sure as hell not giving out any more personal information than I need to. Unfortunately, many of these sites present that personal information as information necessary to look up your request, which just isn't true, and people freely give it cause they're greedy for the specific information they want.

But again, I'm not intent on hiding my information. I just want to make sure that it's protected so that only I can change it and so that I can determine how it's used. I haven't heard any successful ideas on how to manage that.

We can buy it also.

[SEWilco]

Well, you can get some of it directly from the source. Some government agencies sell their public records on magnetic media or through direct queries -- but they're oriented toward commercial access and you may have to pay tens of thousands of dollars and get one set of records for everyone in the state. That's excessive when you just want one individual.

Some public records are not on line, but private companies wade through them and sell the info. Most of these companies are set up to distribute to the same large companies which deal with the large government collections.

Individuals and companies who need such info then subscribe to those large collectors, or buy individual records through private investigators and credit reporting services. There also is cross linking, such as when you hire a P.I. in your city and they hire one in another city to go look up records in a distant courthouse.

But it's often easier for individuals to just pay one of those services than go get individual copies from the original sources.

Re:Isn't data supposed to be free?

[kabir]

> Privacy is not a "right"; it is an encumberment to freedom. You can't have both free data
> and privacy. And when it comes to down to the decision, data can only help us move forward.
> You can't say that about privacy.

While I can see that privacy might be
considered an "encumberment to freedom" in an ideal situation, I can't help but think that that is a very nieve point of view in the real world. As far as I can tell, privacy is an enabler of freedom, not a hinderence. Privacy, and to a certain degree anonymity, are in fact essential for a tolerable life in a data rich environment. Why do I say this? Because historically detailed and accurate information regarding individuals has been used rather often for oppression, containment, and supression of ideas.

It's also worth pointing out that privacy and a data rich environment are not, IMHO, nearly as contradictory as your post would have us believe. For example, there is a good deal of information regarding me available in the world. You can find out who I am (assuming for a moment I've been honest) by checking out my domain, web site, people searches, etc. From this data you can link me to an IP range, and potentially monitor my online behaviours. Throw well crafted cookies into the mix and you just get more accuracy. But the fact that so much identifying data is available regarding me, the person, doesn't mean that my privacy need be so thoroughly comprimised every time I log on to the net. Anonymizer services, networks like Freedom.net, group tracking for demographic purposes (as opposed to individual tracking), these are all ways that there can still be a wealth of data freely available while still maintaining a certain degree of privacy.

Ultimately it isn't data which is a threat to privacy (and by extension freedom) but how that data is linked to actions. And for my money, greater linkage between that data and my actions does not "move us forward" by any means. The whole point of privacy, really, is that deep at the root of our freedom is the freedom to recognize that our governement/organizations in power are corrupt, or no longer capable of serving the people, and to organize against them. The true political reason for privacy is to ensure the posibility of revolution.

So I don't think that we should let privacy go the way of the wind, but neither do I feel that the cause of privacy is inherently in conflict with the freedom of data.

Just my $0.02
--

reverse phone number lookup

[jesterzog]

Doesn't the US have laws about reverse lookup?

It caught me a bit by surprise because for a long time, we've had legislation that restricts various types of searching on databases - electronic or not. (This is in New Zealand, and I'm sure many other countries also.)

The flagship example is that phone companies aren't allowed to make directories searchable by phone number - by anyone outside the phone company, at least. (Similarly, a phone book can't be indexed by number.) I'm not sure of the specifics, but I think anyone who slapped their own reverse index on someone else's database would also be in trouble.

For the same sorts of privacy reasons, we're not allowed to use one organisations primary key as a primary key in a second organisation's database. Does the U.S. have something like this? It's annoying sometimes that I can't just use someone's IRD number (like a social security number) for a primary key, but there are important ethically based database synchronization reasons for why it's not allowed.

===

Re:reverse phone number lookup

[DrEldarion]

AFAIK, it's perfectly fine... We even had a magnet from the phone company with the reverse lookup telephone number on it. I had used the service a couple times... pretty useful, but it DOES scare me that someone could get your address from just your phone number THAT easily...

ESPECIALLY because of something they forced us to do at my job... (I'm a cashier at a grocery store.. hey, stop laughing!) If someone had forgotten their little savings card thing, we'd ask 'em for their phone number so we could put it in and still track what they buy (you didn't think that your info was just used for check cashing, did you? tsk...) Well, nearly everyone that was asked just blurted out their number (and that was a LOT of people... probably about 1/3 of the customers we got were too friggin lazy to PICK UP A CARD before they left the house...). I wonder how many of those people got unwanted 'visitors' because someone got their address from that service...

-- Dr. Eldarion --

Invalid Argument...

[Carnage4Life]

If data is outlawed, only outlaws will have data. If everyone has access to information on everyone else's personal lives, nobody will actually make use of it for fear of repercussion.

Your argument makes no sense. The one guarantee that all the online privacy battles have shown us is that people abuse access to other people's private information. If everybody on Slashdot could lookup your address and phone number to flame you every time there was a disagreement, what would happen isn't that everyone would use restraint but instead that several slashdot flamefests may spill into the real world. Remember several people have threatened trolls with violence for posting to slashdot, do you really think it would be great for everyone to have access to every other person's informtion?

For a real world example, do you think it is safe for anybody a woman happens to give her phone number to have immediate access to her address? If these sites catch on, it would make dating turn into an even bigger game of Russian roulette (and probably completely kill chances of most people ever meeting anybody at a nightclub) than it is now.

PS: Your text in bold is exactly the point. Currently if someone has an excessive information amount of information about me and/or is tracking me then they are stalking me. Your post seems to want to make stalking a legal right. Whatever.

PPS: Your many eyes watching theory of keeping peace, was a hallmark of communism in its heydey. Citizens were encouraged to spy on each other and weekly denouncements were held in local meetings. This lead to the tyranny of the majority opinion on those of minorities. It is far easier to enforce conformity when all deviation is available for public consumption. How many people would be actively gay if all it took was a website lookup to determine their sexual preference? Even better how many Wiccans are Satan worshippers would practice their religion of their religious preference was available for all to view? Think about it...

Check out www.domainia.com and Shockwave Rider

[Thagg]

My favorite example of the loss of privacy is domainia.com

This site lists the last sale price of a house, or every house along a street. As near as I can tell, it's accurate, complete, and up to date. I think that the data is from public records of leins against property.

John Brunner's incomparable The Shockwave Rider described a world where almost all information was free. Anybody could find anybody's history of interaction with the ubiquitous 'net -- including all purchases. Anonymity and privacy were so long forgotten that they weren't even mentioned in the book.

Shockwave was a novelization of Toffler's Future Shock. The protagonist is able to surf the tsunami of change that was rearranging the landscape of the world...any hacker that hasn't read it should run to their favorite used-book store to get a copy.

thad

Hard to hide from from Slashdot Stalkers

[The+Cheez-Czar]

A few weeks ago I got a call from work from slashdot's very own emmett, which suprised me. I'd meet at Linuxfest (it was the best (and unfortunately only) Linux Tradeshow I've been to) , but didn't think I'd gave him my card.

When I asked him how he found it, he said he found my resume online (The only copy with that work number though was on a friends server with out any outside links to it (that I could remember))

He asked me to verify my address so he could send me something he said. (I hoped for something that didn't tick), but since I haven't got anything , (except for Credit Card application) I'm sure there is a Slashdot conspiracy and they are secretly compiling a list of contact information of all there readers, for some nefarious Vandover purpose.

I guess the moral to this story, is if you want to keep your privacy, be careful what you put online, as it is there forever, (with mirrors and search engines). That and never tell emmett your home address.

The hole in this argument.

[Christopher+Thomas]

If you outlaw something, you don't affect criminals who already have shown that laws won't influence their behavior, but you do have a strong influence on law-abiding citizens

This argument crops up whenever the topic of gun control is raised, and it's valid - in the short term.

Guns don't last forever, especially when they're in the hands of criminals and likely to be lost on a botched crime or during a gang war or when evidence must be dumped.

If the general public doesn't have access to guns, the replacement stream for these missing weapons slows to a trickle, for a _long-term_ benefit.

For an example of what the steady-state situation looks like after gun control, take a look at any country that's already _had_ gun control for a few decades.

Would I fear getting mugged walking through a city park in the dead of night here in Toronto, Canada? Sure.

Would I fear being shot? Nope.

Could one criminal get one gun up here if they really, really wanted to? Probably.

Could a hundred criminals get themselves an arsenal for a gang war? Maybe if they spent enough time at it, but it would be a hell of a lot more work than it would be down in the US.

In conclusion, I feel that the long-term benefits of gun control outweigh the short-term problems.

Re:The hole in this argument.

[ralphclark]

Oh sure, very determined criminals, members of organized crime rackets and so on will always be able to get guns because (1) they have the resources to do so and (2) the amount of "business" at stake makes it worth it to do so. But petty criminals won't find it so easy.

Consequently with firearm ownership and supply heavily restricted by law, most of what little firearm offences occur will be perpetrated by criminals against other criminals or during armed robbery of high-value installations such as banks.

But under such a regime (such as we have in the UK for example) perpetrators of petty crime like burglary, mugging, assault and rape don't have easy access to firearms. Even being found in possession of an unlicenced gun is a serious crime. And conviction of assault with a firearm automatically means a life sentence. Consequently almost all petty criminals eschew guns altogether.

So where firearms are restricted, as in the UK, very few law-abiding people are ever threatened by a gun. Very few people ever even get to see one. People with guns are not a problem in the UK, and unlawful killing and maiming is pro-rata less common than it is in countries like the US where firearms are unlicenced and easy to obtain.

Consciousness is not what it thinks it is
Thought exists only as an abstraction

wheels within wheels

[Lucius+Lucanius]

Richard Powers had a good essay in the NY times about the impossibility of privacy. He is an eccentric and shy writer, and never had a credit card or even a checking account, quietly deciding to opt out of the "system". He discovered he couldn't get a phone line installed because he had no history. Even when he offered to pay money up-front. I suppose the IT business rules in the phoneco. were coded that way, and god forbid a human being making a decision on your phone line.

The point of the essay was that privacy isn't only a personal preference, but it's not *possible* any more if you want to live a fairly normal life. Even getting a phone or a house on rent requires you to be plugged into the system and give your pound of flesh, or live like a hermit in a shack.

The days when you could visit a doctor and pay only for that visit without involving a multi-billion dollar insurance industry having all your personal records cross indexed, are pretty much gone. Privacy is not possible any more, even if you are willing to pay for it.

Portscan

[gordon_schumway]

I went to www.555-1212.com and browsed around a bit. Then I got a portscan from stats.555-1212.com on 137/udp -- that's NetBIOS. What are they gonna grep my SMB shares for more info?

Did anyone else notice this? What a bunch of bastards!

Re:Portscan

[subsolar2]

That's interesting, I've noticed the same thing from some web sites also. From what I've been able to tell they all run MS IIS on Windows NT.

So anybody know is there an ASP command to pull that information? And why the heck would the *need* it? I would call it a privacy violation, should we sick the FTC on them?

subsolar

Yes. See Reno v. Condon

[/]

The Federal law is the Driver's Privacy Protection Act of 1994, and it was upheld by the Supreme Court in January in the unanimous decision of Reno v. Condon . In a nut shell, federalism issues don't prevent Congress from regulating the sale of such information as an appropriate regulation of interstate commerce.

(When the DPPA was originally passed, it only required an opt-out provision be provided to angry motorists. However, Public Law 106-69, 113 Stat. 986, which was signed into law on October 9, 1999, changed that to an opt-in requirement, which will all but assures that no such data will be released, owing to the slightly non-zero intelligence of most Americans and their/our general laziness.)

One consequence of Reno v. Condon demonstrated, however, is that because Congress has plenary power over these data, while we can hope and demand that privacy be enforced, Congress is equally capable of legislating that companies be allowed to use/sell such data, and under the Supremecy Clause of the constitution, all state privacy laws to the contrary would be trumped. It's a scary thought.

Re:Portscan - yes

[anticypher]

I went and browsed a little bit for info on Alfred E. Neuman (what, me worry?) from one of my honeypot machines. (OT, there are a lot of A.E. Neumans out there :-)

Saw a number of portscans from stats.555-1212.com (209.10.41.43). Not just ports 137/138/139, but also 80, 23, and a few of others. It looks like a modified nmap in slow stealth mode.

I'll have to try from a windoze based honeypot and see what they are trying to dig out of netbios shares.

I'll be contacting globix.net security about this system and its obvious violation of their AUP, but they've got a reputation for ignoring abuses about paying commercial customers.

the AC