Examples of Abuse

Almost everyday a company or government abuses your data. Whether these abuses are intentional or the result of error, we must learn from these abuses so that we can better build tomorrow's policies and technologies. This resource is an opportunity to learn that this has all happened before, as well as a tool to query these abuses.

Please contact us if you think we are missing some key stories.

 

30 Apr 2018
In 2018 industry insiders revealed that the gambling industry was increasingly turning to data analytics and AI to personalise their services and predict and manipulate consumer response in order to keep gamblers hooked. Based on profiles assembled by examining every click, page view, and
30 Apr 2018
In 2018, the Chinese Communist Party's anti-corruption watchdog in southeastern Hefei in the Anhul province claimed in a social media post that its branch in a neighbouring city had retrieved deleted messages from a suspect's WeChat account. Tencent, WeChat's operator, denied that the company stored
01 May 2018
In India, one of the reasons the Aadhaar ID system has been increasingly widely used is that it is mandatory for much India’s benefits system. Government subsidies are now processed through under the Direct Benefit Transfer scheme, which requires citizens to have a bank account and to insure that
01 May 2018
In 2018, after the UK Cabinet Office said a trial of compulsory voter ID was necessary because reports of voter fraud had more than doubled between the 2014 and 2016 elections - a claim immediately disputed by a voter and upheld by the UK Statistics Authority. While it was true that there were 21
02 May 2018
The French company Criteo is struggling to conform to the requirements of the EU's General Data Protection Regulation, which came into force in May 2018. Critics believed that Criteo's practice of opting visitors to European retail sites into first-party cookies and tracking even if they ignored the
05 May 2018
At the 2017 Champions League Final, South Wales Police deployed an automated facial recognition system that wrongly identified more than 2,000 people in Cardiff as potential criminals. The system's cameras watched 170,000 people arrive in Cardiff for the football match between Real Madrid and
05 May 2018
In May 2018, Slice Technologies, which provides the free Unroll.me email management service in return for data-mining individuals' email inboxes, announced it would discontinue offering its service in Europe rather than comply with the incoming General Data Protection Regulation. Unroll.me's privacy
06 May 2018
In May 2018, the UK's Information Commissioner's Office announced it would investigate Police Scotland after Privacy International filed a complaint that offers' use of "cyber kiosks", which when connected to a device can view all its data, violated the Data Protection Act. Trials of the technology
07 May 2018
A 2018 law passed in Egypt requires ride-hailing services such as Uber and local competitor Careem to supply passenger data to the security agencies when requested to do so. More than 4 million people in Egypt have used Uber since it debuted there in 2014. While human rights advocates expressed
08 May 2018
Although the US rejected a "National Data Center" approach in 1966, eventually instead passing the 1974 Privacy Act, in 2018 the House of Representatives proposed a national database of all 40 million recipients of benefits under the Supplemental Nutrition Assistance Program (SNAP, formerly known as
08 May 2018
In 2018, based on an analysis of 270,000 purchases between October 2015 and December 2016 on a German ecommerce site that sells furniture on credit, researchers at the National Bureau of Economic Research found that variables such as the type of device could be used to estimate the likelihood that a
08 May 2018
In 2018, documents obtained by a public records request revealed that the Los Angeles Police Department required its analysts to maintain a minimum of a dozen ongoing surveillance targets identified using Palantir software and a "probable offender" formula based on an LAPD points-based predictive
08 May 2018
For US citizens who can access benefits, many states use electronic benefit transfer (EBT) cards, which function like debit cards, to distribute benefits. As of 2015, at least 37 states issued Temporary Assistance to Needy Families benefits, also known as welfare, through EBT cards. http://www.ncsl
08 May 2018
In its May 2018 quarterly filing with the Securities and Exchange Commission, Equifax provided its most detailed analysis to date of the company's 2017 data breach. In the US, nearly 147 million people had their names, dates of birth, and/or Social Security numbers stolen; address information was
09 May 2018
In May 2018 Facebook announced it would partner with organisations in places such as Myanmar and South Sudan in order to develop more "context-specific" knowledge about how its platform is being abused to create real risks of harm and violence. In Myanmar, where telephone companies allowed Facebook
10 May 2018
In May 2018, a report form Strathmore University's Centre for Intellectual Property and Information Technology (CIPIT) found that some staff at Kenya's Independent Electoral and Boundaries Commission who were mandated to protect voter data made millions of Kenyan shillings by illegally selling
10 May 2018
In May 2018, researchers in the US and China demonstrated that they could send commands that activate Apple's Siri, Amazon's Alexa, and Google Assistant but that are inaudible to the human ear. The researchers were able to make smartphones and smart speakers dial phone numbers and open websites; the
10 May 2018
The US company Securus provides a cellphone tracking service that can locate almost any cellphone in the US within seconds by obtaining data from major carriers via a system used by marketers and other companies. In 2018, former Mississippi County, Missouri, sheriff Cory Hutcheson was charged in
11 May 2018
In 2018, the Brazil-based Coding Rights' feminist online cybersecurity guide Chupadados undertook a study of four popular period-tracking apps to find which best protected user privacy. Most, they found, rely on collecting and analysing data in order to be financially viable. The apps track more
12 May 2018
Facebook ads purchased in May 2016 by the Internet Research Agency, a notorious Russian troll farm, urged users to install the FaceMusic app. When installed, this Chrome extension gained wide access to the users' Facebook accounts and web browsing behaviour; in some cases it messaged all the user's