Examples of Abuse

Almost everyday a company or government abuses your data. Whether these abuses are intentional or the result of error, we must learn from these abuses so that we can better build tomorrow's policies and technologies. This resource is an opportunity to learn that this has all happened before, as well as a tool to query these abuses.

Please contact us if you think we are missing some key stories.

 

10 Jun 2016
In June 2016, National Security Agency deputy director Richard Ledgett told a conference on military technology conference that the agency was researching whether internet-connected biomedical devices such as pacemakers could be used to collect foreign intelligence. Ledgett identified the complexity
14 Jun 2016
In 2016, Facebook and Google began introducing ways to measure the effectiveness of online ads by linking them to offline sales and in-store visits. Facebook's measurement tools are intended to allow stores to see how many people visit in person after seeing a Facebook campaign, and the company
21 Jun 2016
In 2015, the DNA testing company 23andMe revealed it had sold access to the DNA information it had collected from the 1.2 million people who had paid for genetic testing to more than 13 drug companies. One of these was Genentech, which paid $10 million to look at the genes of people with Parkinson's
28 Jun 2016
In 2016, Facebook gave conflicting accounts of whether the service uses location data in order to recommend prospective Friends in its "People You May Know" feature. When the company first admitted - for publication - that location data was indeed one of the signals it used, many users felt this
07 Jul 2016
In 2016, supporters of Ted Cruz and Rand Paul for president were surprised to begin getting emails from the Trump campaign soon after their candidates dropped out of the race for the Republican nomination. In an investigation, CNNMoney found that nearly every failed 2016 presidential candidate sold
12 Jul 2016
In 2016, the French company Criteo, which uses website tags to collect information about the products visitors see, noted that it keeps such data for 13 months. The company creates user profiles based on each visit to a website to view content or a product, and also uses the data for retargeting ads
13 Jul 2016
In 2016, PlaceIQ, which connected physical and digital activities across time, space, and mobile devices, announced a collaboration with Oracle that would make its audience data available through Data Cloud's BlueKai Marketplace. PlaceIQ uses data from 475 million location points, 100 million unique
21 Jul 2016
In the past, car insurers relied on drivers to report their annual mileage when renewing their policies. Increasingly, however, insurers are turning to other methods. In 2016, State Farm, a US insurance company, acknowledged that the company verifies the mileage driven by the cars it insures in a
28 Jul 2016
In 2016, when Australia was planning to introduce a new welfare system based on data collection, experts from New Zealand, where a similar system was set up in 2012, warned that experience showed that the most vulnerable people were checking out of any relationship with the state. They warned, for
02 Aug 2016
At the 2016 Usenix Workshop on Offensive Technologies, researchers from the University of Michigan presented the results of tests that showed that industrial vehicles - a 2006 semi-trailer and a 2001 school bus - were subject to the same security flaws as had already been found in domestic cars. Via
08 Aug 2016
Many people fail to recognise the sensitivity of the data collected by fitness tracking devices, focusing instead on the messages and photographs collected by mobile phone apps and social media. Increasingly, however, researchers are finding that the data collected by these trackers - seemingly
18 Aug 2016
In a presentation given at the Knowledge Discovery and Data Mining conference in 2016, researchers discussed a method of using the data generated by smart card public transport tickets to catch pickpockets. In a study of 6 million passenger movements in Beijing, the researchers used a classifier to
30 Aug 2016
In 2016, researchers at the University of Birmingham and the German engineering firm Kasper & Oswald discovered two vulnerabilities in the keyless entry systems affecting practically every car Volkswagen Group had sold since 1995, estimated at 100 million vehicles. Two separate attacks use cheap
03 Sep 2016
In May 2014 the Polish Ministry of Labor and Social Policy (MLSP) introduced a scoring system to distribute unemployment assistance. Citizens are divided into three categories by their “readiness” to work, the place they live, disabilities and other data. Assignment to a given category determines
04 Sep 2016
A pregnancy-tracking app collected basic information such as name, address, age, and date of last period from its users. A woman who miscarried found that although she had entered the miscarriage into the app to terminate its tracking, the information was not passed along to the marketers to which
05 Sep 2016
In September 2016, an algorithm assigned to pick the winners of a beauty contest examined selfies sent in by 600,000 entrants from India, China, the US, and all over Africa, and selected 44 finalists, almost all of whom were white. Of the six non-white finalists, all were Asian and only one had
08 Sep 2016
The "couples vibrator" We-Vibe 4 Plus is controlled via a smartphone app connected to the device via Bluetooth. In 2016, researchers revealed at Defcon that the devices uses its internet connectivity to send information back to its manufacturer including the device's temperature, measured every
08 Sep 2016
In 2016, when data scientist Fred Benenson investigated why he had received an email from Sears asking if he was still interested in a product shortly after he had browsed for it on the Sears website, he discovered that Sears had contracted the French company Criteo to make this type of connection
21 Sep 2016
In 2016, researchers at MIT's Computer Science and Artificial Intelligence Laboratory developed a new device that uses wireless signals that measure heartbeats by bouncing off a person's body. The researchers claim that this system is 87% accurate in recognising joy, pleasure, sadness, or anger
27 Sep 2016
In 2016 researchers at the University of Texas at Austin and Cornell University demonstrated that a neural network trained on image datasets can successfully identify faces and objects that have been blurred, pixellated, or obscured by the P3 privacy system. In some cases, the algorithm performed