Is Deceptively Getting People To Spam Their Friends Identity Theft?

from the seems-a-bit-strong dept

Last month, the social networking site Tagged got in some PR trouble after its attempt at “viral marketing” went a little haywire, causing lots of people to inadvertently spam their friends with invites to the service (and then those who signed up may have done the same). Such things are pretty common. They’re deceptive and annoying, and companies that engage in them don’t tend to last very long because no one really wants to use their service. But is it identity theft?

That seems to be the claim from NY Attorney General Andrew Cuomo who is suing the company, claiming that it “stole the address books and identities of millions of people.” While we in no way endorse what Tagged did — it is deceptive and scammy — it’s definitely seems like going over the line to call it identity theft, or even address book theft. Tagged apparently quickly pulled the plug on the campaign, and while there could be an action against the company for deceptive marketing practices, one would think that the company’s reputation has been so damaged already that it’s not going to be able to sign up many legitimate users. Tacking on attacks about privacy invasion and identity theft seems like bit much.

Filed Under: , ,
Companies: tagged

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Is Deceptively Getting People To Spam Their Friends Identity Theft?”

Subscribe: RSS Leave a comment
itchyfish says:

Maybe it is

I could actually see how one could consider it “identity theft”. If Tagged takes my address, which it sounds like they did from the article, and spams my friends using *my* email as the original sender, then yeah, I can see it. They’ve hijacked my address book and sent emails that are “from” me, recommending they join. You’ve hijacked my email service and represented yourself as me, that’s identity theft. You didn’t really cost me anything monetarily, but you *did* steal my identity, however briefly.

dieselm says:

I was on the receiving end of a wave of these. This was closer to phishing than to merely “deceptive practice”.

*Many* companies are loosey goosey about the way that they use your address book data (when given permission) and “encourage” you to “spam” your friends. Facebook at times, Zynga at times, etc. That would be deceptive and annoying. This is far beyond. The way Tagged did it, privacy invasion and identity theft actually characterizes the act well.

Without permission, they misrepresent to get credentials, use those credentials to access your address book, spam friends pretending to be you, claiming to be sharing photos which are non-existent in order to induce your friends to click to repeat the process which results in (by their metric) a material gain for the company.

If Techdirt asked me for a username and password for one reason and then gave it a whirl to see if they could access my gmail account and download my address book with it, I would call that privacy invasion. Foolish me for using the same credentials, but that doesn’t give the company a reason to rifle through accounts on multiple other services. Using that information sending out unsolicited emails pretending to be me inducing others to do the same and furthermore, doing it en masse, charging them with identity fraud sounds right too.

I’m more amazed the Attorney General was on the ball enough to notice this was different enough to file suit. Normally, I’d expect even this sort of egregiousness to fly completely under the radar.

Anonymous Coward says:


They’re deceptive and annoying, and companies that engage in them don’t tend to last very long because no one really wants to use their service.

Like Linkedin? I know someone who recently joined is this is precisely what Linkedin did. So you say they won’t last very long and no one wants to use their service? We’ll see.

Jo Atua (user link) says:

ID Theft

I am not sure of this – it is not really ID theft because they haven’t actually used someone else’s info, but have not been truthful of their intentions for the need for these people to contact their friends. Identity theft is when someone actually uses your identity obtained illegally – shred your documents, Office shredders are good for this

Aden (user link) says:

I vote "identity theft"

Email addresses are almost always associated with a specific individual. Countless online services identify us by our email address. I therefore pose that an email address is as much a verifier of identity as a drivers licence.

Now if I was to walk into a bank with someone else’s id and ask to open an account, I would be committing identity theft. I therefore propose that by sending emails from someone else’s account, that you are in fact posing as that individual. What other reason could they have for their actions other than to attempt to pose as the owner of the account?

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...