Open Letter To Data Brokers Are A Bunch Of Idiots Or Current Business

from the data-brokers-or-broken-data? dept

Attention world: there is a problem growing and something must be done about it! Some weeks back, a story about OfficeMax sending out a letter to a customer that was addressed to "Daughter Killed in Car Crash or Current Business."

The recipient, Mike Seay of Chicago, was understandably upset, having indeed lost his daughter to a car accident the previous year. It went viral in a big way, leading many to ask how that kind of thing could even happen. In a move that may have been heavy on honesty and light on an understanding of the public relations issues it would create, OfficeMax insisted that the issue was with the 3rd party data broker that had provided them the list of recipients for this letter.
“The mailing list OfficeMax requested from the third-party provider was for Businesses, Small Offices and Home Offices,” says OfficeMax spokesperson Karen Denning by email. “NO personal information qualifiers were part of our request; we were not seeking personal information and did not ask for it. As an additional measure to prevent future mailing errors, we have upgraded the filters designed to flag inappropriate information.”
Note what they're saying. They're saying that they hadn't requested personal information for this mailing list. They are not saying that the data broker does not have that information, nor are they saying that they have not, or never will, request such information. This only made readers of the story ask even more questions about who has what data on them and how that data is used in business.
Without more information about what exactly happened here, we’re left to assume that there are data brokers keeping track of parents with dead kids and that someone put an entry into the wrong spreadsheet cell, accidentally listing Seay’s tragedy in the column designated for the name of his business.
On its own, the explanation that a telemarketer might note that there was a car death to denote sensitivity in sales might have sated most of the public. But, like I said: epidemic. Or at least the start of one, now that we have a similar story, one that might not be quite so easy to explain.
On Thursday, freelance writer Lisa McIntire's mother received a credit card offer from Bank of America sort of addressed to her daughter. There was one tiny difference, though, in the name; instead of Lisa McIntire, the letter was addressed to a "Lisa Is a Slut McIntire." McIntire's mother contacted her daughter via text and then sent a series of photos. McIntire, of course, was slightly disturbed and took to Twitter to share the unusual junk mail.
Now, look, I like a good insult perhaps more than the average person. On top of that, gratuitous vulgarity is the kind of thing that really gets my trousers off. That said, were I Lisa McIntire, I'd be damned before I'd allow Bank of America, noted promiscuous deceivers on mortgages, to call me a slut. I expect we'll get another explanation that has something to do with a data broker either pulling information from social media or Google searches, or else behaving badly and denoting random people as sluts, but that won't solve the problem. People might finally begin to understand just how much personal information, or information about them, is out there and how companies are using it. Expect the grandstanding to begin shortly.



Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Just Sayin', Feb 7th, 2014 @ 12:55pm

    Really?

    That's a big story?

    Let's get serious for a moment. There are a ton of websites out there that collect information for credit card offers, and many of them will mail out directly without any real data filtering - you ask for it, you get it. Some malicious people (damn, they exist?) will use those sites to mailbomb or otherwise harass others with unwanted junk mail and the like.

    The first case is interesting, but may be nothing more than an error made by an employee (say at an insurance company) who modified an address line with a commentary line of text. Then the insurance company sells a mailing list, which get aggregated and boom, the problem goes forward.

    It's not really a big deal. Every time you leave checked (or check) the box that says "I would like to receive offers from related companies or partners" you pretty much just told them to sell your information.

    You did it to yourself, for the most part.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    zem(is grumpy), Feb 7th, 2014 @ 1:08pm

    This is why I (fell in a hole last year) often provide false (bastard lies to us) information when filling out online data.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 1:17pm

    Re:

    And that (is a slut) is why I do the same when filling out business reply mail for other people.

     

    reply to this | link to this | view in thread ]

  4.  
    icon
    Trails (profile), Feb 7th, 2014 @ 1:20pm

    Re:

    I feel sorry for the person who actually owns the address no@emailforyou.com

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 1:25pm

    Re: Re:

    I used to use a couple random "worthless" email addresses when filling out comments on websites - and then one day I stated noticing that occasionally the gravatar would be someone's picture...

    In any case, this girl's name is Lisa... what would one expect.

     

    reply to this | link to this | view in thread ]

  6.  
    icon
    BentFranklin (profile), Feb 7th, 2014 @ 1:34pm

    1. Bank of America calls Lisa a slut to her mother.
    2. ???
    3. Profit!

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 1:36pm

    This whole datamining crap is way, way, out of hand. Even so those who represent this mining industry fight tooth and nail to prevent any sort of damping of these collections of data.

    Digital privacy will have to be addressed in some sort of updated laws requiring the datamining industry to put some dampers on this practice.

    I continually do what I can to prevent any data at all from being mined but it is so persuasive and hidden that it is near impossible to get it all. Nor is there any sort of central hub where you can go to get off this crap. It is instead scattered all over the place with most requiring personal identification, residence address, just to get it removed and halted. Even then, it is often just a temporary fix and sometimes next to worthless as many want you to take some sort of cookie to use as the stop block. First time you clear your cookies you are back at step one. My browser will clear all cookies, LSOs, and evercookies each closing and it will remain that way.

    Google, facebook, and most of the other major sites are far over the line with this crap.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 1:47pm

    Geez, my mail man is creepy enough. Imagine opening the door to sign for something after he saw that. Yuk.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 2:00pm

    Re:

    The way to fight that is to pollute the database with so much erroneous data such that the it becomes useless or even dangerous to try to use it. I could also see people co-opting this as a technique as well to further embarrass the company. I can see people signing up for mailing lists with completely random bogus information and adding in stuff like this on purpose but not tied to any real person or events just to get the data in the databases. Then when mailings (which cost the companies real money to send out by the way) send out outlandish mailings. Recipients that find these mailings report them assuming the identity online and acting offended just to embarrass the companies that are sending them junk mail even if the mail is coming under a fictitious name. When a company using a data broker for this sort of thing gets burned enough times, they will stop using that data broker. The same thing will happpen with companies that buy demographics and statistics data mined from these databases once they realize that the information can't be trusted because a substantial amount of it is garbage.

     

    reply to this | link to this | view in thread ]

  10.  
    icon
    Gwiz (profile), Feb 7th, 2014 @ 2:02pm

    Re: Re:

    I feel sorry for the person who actually owns the address no@emailforyou.com

    I also hope that there isn't a real person named "Hugh Dontneedthis". I've used that one quite a bit when a name is required.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Indy, Feb 7th, 2014 @ 2:20pm

    Irony

    There's irony in that from the picture you posted you can determine exactly where the McIntire's live. The zip+4 tells exactly the location.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 2:26pm

    Re: Irony

    It doesn't necessarily get you the EXACT address but it does get you really close.

    http://www.zip-codes.com/blog/2013/05/01/what-is-a-zip-4-code/

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 2:28pm

    data mining

    Another problem with data mining is that some businesses (my experience was with a local credit union) are using the "data" to verify identity! I tried to open an account online and was refused! Wanna know why? They had taken my name and merged info from someone who had a different middle initial. When I listed past addresses, obviously the few the other guy had were missing. They said I could come in person to open an account and I said no thanks. IMHO they are too stupid to be entrusted with my money.

     

    reply to this | link to this | view in thread ]

  14.  
    icon
    velox (profile), Feb 7th, 2014 @ 2:34pm

    Re: Re: Irony

    Actually for most residential addresses you can get the exact address.
    In the case of Lisa you can quickly find a free online tool that gives you which street, which block, and which side of the street she lives on. There are only 4 houses that fit the description. If you pay a fee, then you can get the exact house she lives in.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 2:37pm

    Re: Re: Re: Irony

    When I did some lookups on some codes in a zip I was familiar with I got answers like...

    801-900 Street Name (Odd only)

     

    reply to this | link to this | view in thread ]

  16.  
    icon
    velox (profile), Feb 7th, 2014 @ 2:43pm

    Re: Re: Re: Re: Irony

    Yes and look at a map of that [Street Name] in Menlo Park. You can use OpenStreetMap for instance There are only 4 houses on the odd side of the street in the block given when that zip+4 is search

     

    reply to this | link to this | view in thread ]

  17.  
    icon
    AricTheRed (profile), Feb 7th, 2014 @ 3:04pm

    Re: data mining

    "We" (your local credit union) are not too stupid to be trusted with your money.

    We're hoping you are too stupid and trust us with your money!

     

    reply to this | link to this | view in thread ]

  18.  
    icon
    80sRelic (profile), Feb 7th, 2014 @ 3:30pm

    Re: Re: Irony

    I got an address!

    If I look up "94025-5635" on Google, one of the near-top results is "Robert McIntire on San Mateo Dr, Menlo Park, California > 411.info"

    The web page linked to has an address... Robert and Lisa "who can't redact worth a damn" McIntire prolly share the same address!

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 3:36pm

    Well, if the guys info was right, then there is a chance that she is a slut.

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Anonymous Coward, Feb 7th, 2014 @ 4:21pm

    Re: Irony

    And even if they thought of obscuring the ZIP code, the barcode in the picture also has a machine-readable copy of it. How many non-technical people would think of also obscuring the barcode?

     

    reply to this | link to this | view in thread ]

  21.  
    icon
    btrussell (profile), Feb 8th, 2014 @ 8:26am

    "...I'd be damned before I'd allow Bank of America, noted promiscuous deceivers on mortgages, to call me a slut..."

    It takes one to know one.


    "People might finally begin to understand just how much personal information, or information about them, is out there and how companies are using it."

    So they have info related to her being a slut?

     

    reply to this | link to this | view in thread ]

  22.  
    icon
    DNY (profile), Feb 8th, 2014 @ 11:32am

    A bad data broker story

    For years, I was deluged with spam sent to my e-mail address (which is based on my full name, the initials of which I use as a screen name here at TechDirt), but with salutations to a Maria Flack, purportedly hailing from a non-existent town, Banner Elk, PA. (The only municipality in the United States called "Banner Elk" is in North Carolina.)

    The deluge slowed to a trickle when I contacted the offices of a legislator in Pennsylvania, who e-mailed me campaign materials. It seems the zip code the data brokers had attached to the non-existent town was in his district. Through his good offices the data brokers were disabused of the notion that my e-mail belonged to a person named Maria Flack, and within a few months the frequency of e-mail for the (probably also non-existent) M.F. fell to about one message a quarter.

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Merav, Feb 8th, 2014 @ 6:22pm

    Publishing the full zip code is enough to get the address and phone number. The numbers after the dash are unique to one household only.

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    Anonymous Coward, Feb 9th, 2014 @ 8:30am

    When I was a little bastard (read: teenager) I used to sign people up to mailing lists that I didn't like with names like "Sally Slutpuppy Cdump" and "Richard EatASchlong." I imagine this is probably a similar situation. She probably pissed off some young punk (maybe yelling at neighborhood kids or something) and they pulled the same sort of stunt. I bet if they dig deep enough they'll find a similar situation. Not that they would, it's easier to blame another entity for the snafu then do actual research.

    Working in a healthcare setting, I've seen comments like this in patient and doctor notes get transmitted in datafeeds because someone was pissed off. I used to scan our EMR (think patient tracker type thing) for cuss words and find all sorts of comments like "she's a b*tch" or "called me a n*gger - hope he dies!" in the notes. Sometimes you can't control people.

    But hey, they'll probably settle out of court if someone ever takes them to task because someone expected them to write an anti-cussing routine in their code and demand they spend millions to implement a word-filter (which everyone will bypass anyways) to get around it.

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    Anonymous Coward, Feb 9th, 2014 @ 12:20pm

    Re: Re:

    Won't work. Now days most data providers use multiple data sources, including some like public records that you can't pollute. They have algorithms that do data sanitization by x-checking with known good records.

    The real solution is to give people copyright over their personal info. That way we can use all of the copyright industry's tools to block the spreading of information. DCMA anyone?

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    Anonymous Coward, Feb 10th, 2014 @ 4:50am

    Re:

    The numbers after the dash could also indicate an individual PO box. I know this because I reside in an area where the USPS doesn't deliver mail.

     

    reply to this | link to this | view in thread ]

  27.  
    identicon
    Anonymous Coward, Feb 10th, 2014 @ 5:48am

    Re: Re: Re:

    As long as the form isn't blocking them, just use a domain set up specifically for spam-eating, like Mailinator.

    Heck, if it lets you, just use example.com.

    That way you don't wind up causing anyone else to be spammed.

     

    reply to this | link to this | view in thread ]

  28.  
    icon
    John Fenderson (profile), Feb 10th, 2014 @ 11:41am

    Re: data mining

    This sort of thing is why I can't get my free annual credit report, either.

     

    reply to this | link to this | view in thread ]

  29.  
    identicon
    Anonymous Coward, Feb 11th, 2014 @ 10:54pm

    Re: Really?

    Whatever you say, slutbags.

     

    reply to this | link to this | view in thread ]

  30.  
    identicon
    @b, Feb 12th, 2014 @ 5:06pm

    auto complete

    >Without more information about what exactly happened here, we’re left to assume that there are data brokers keeping track of parents with dead kids

    >>and

    >>that someone put an entry into the wrong spreadsheet cell, accidentally listing Seay’s tragedy in the column designated for the name of his business.


    You'd just type Lisa, hit enter, and msexcel (like a browser) can add the colourful commentary stored on the local computer, not necessarily even elsewhere inside that spreadsheet file.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This