Tackling Data Mining

Many of the free services that run through of the Internet work on the principle that you are willing to give up some personal information in return for access to their product.  Data Brokers trade in this business.  They buy up data, aggregate the records and sell it on; probably for later use in sales or marketing.  Laws such as GDPR encourage data anonymisation but if sufficient details can be gathered about an individual they can be identified.  This is legitimate big business; the UK player Databroker assumes a buyer spend in the range of £500 to £10,000.   The original data can be scraped from websites and mobile applications.  It can also be legitimately sold by the original gatherer providing that appropriate privacy conditions have been met.   While these examples are open and above board there are less reputable dealers SPAMing offers of data lists and an illegal trade in data destined for hacking and ransomware attacks.

Information about business decision makers or high spenders is of greater value to both the legitimate and criminal data broker.  The criminal will also be interested in information linked to system administration.  People involved in these areas need to be particularly aware of what data they share.  System administration staff should always be cautious but company decision makers and their support staff need to be equally careful.  Some decisions need to be made at the corporate rather than individual level.  A marketing email is more likely to be seen if sent to a named individual and better still if that individual is the relevant decision maker.  SPAM emails may use hacked or spoofed credentials to fool the recipient that these requests are from a user within the corporation or from a trusted supplier.  A company web or social media profile appears more approachable if named individuals are disclosed but this provides free contact information to the data broker.  An ‘info’ or ‘contact_us’ email in publicity exposes fewer personal details.  Most corporate emails follow some sort of ‘name@’ format so data collectors can guess derived emails with relative ease.  The individual’s SPAM filter cannot be relied upon to either filter all SPAM or send some important traffic to the wrong folder.  SPAM checker services allow senders to check the vulnerability of their messages before sending them.

Reputable data brokers will allow individuals to remove their data from records.  This process has been made easier by GDPR’s right to be forgotten clause.  As this is information that is freely bought and sold the sites of several brokers will need to be accessed and requests made.  Services are available that will do the work over several providers for a fee.  This may be a subscription model as the service assumes that data brokers will gather similar data again from another source and not delete it (as they should have done).

More from Privacy


Push Notifications

Push Notifications are primarily seen as a marketing or advertising tool.   Another popular use is within chat applications; ensuring that subscribers keep up with …

Read post


EU Digital Services Act Implications

Kindus has already outlined the EU Digital Markets Act.  The Digital Services Act is another EU law that came into force on all platforms …

Read post


Web Browser Privacy

Various services offer the concept of private browsing.  In most cases this means that browsing history is kept secret from other users of the …

Read post


EU Digital Markets Act

The EU Digital Markets Act became law in 2022 and its terms began to apply from May 2023. Major Internet content providers needed to …

Read post

Sign Up

Sign up to our newsletter list here.

    Successful sign up

    Thank you for signing up to our newsletter list.

    Check your inbox for all the latest information from Kindus