Examples of Abuse

Almost everyday a company or government abuses your data. Whether these abuses are intentional or the result of error, we must learn from these abuses so that we can better build tomorrow's policies and technologies. This resource is an opportunity to learn that this has all happened before, as well as a tool to query these abuses.

Please contact us if you think we are missing some key stories.

 

22 Nov 2018
In the run-up to the May 2019 European Parliament elections, Google announced it would launch a new set of transparency tools to combat voter manipulation. Before being allowed to buy advertising on Google platforms, campaigns will be required to verify their identity, and approved ads will be
22 Nov 2018
In November 2018, the Spanish senate approved 220-21 an online data protection law intended to ensure compliance with the General Data Protection Regulation with an added amendment that allowed political parties to use personal data obtained from web pages and other publicly accessible sources for
27 Nov 2018
In November 2018 the UK Information Commissioner's Office fined Uber's European operation £385,000 for inadequate security that permitted a November 2016 data breach affecting nearly 3 million British users and 82,000 drivers. In the 2016 breach, attackers obtained credentials that allowed them to
30 Nov 2018
Following Ms. Vestager’s investigation into Amazon and its own sector enquiry into online price comparison services in October 2017, in June 2018 the German Federal Cartel Office (“Bundeskartellamt”) claimed that it “ received a lot of complaints” and is said to be “ looking at the role and market
01 Dec 2018
In December 2018, a hacker made more than 50,000 internet-connected printers worldwide print out flyers asking everyone to subscribe to the YouTube channel belonging to PewDiePie, whose real name is Felix Kjellberg. PewDiePie, who has had the most subscribers on YouTube since 2013, was in danger of
02 Dec 2018
Days after the 2018 shooting that killed 11 Jewish congregants in a Pittsburgh synagogue, The Intercept found that Facebook still allowed advertisers to choose "white genocide conspiracy theory" as a targeting criterion, capturing 168,000 members of the social network. The technique used was the
04 Dec 2018
During the campaign leading up to the 2018 US midterm elections, the email accounts of four senior aides at the National Republican Congressional Committee were surveilled for several months. The intrusion was detected in April 2018 by an NRCC vendor, who alerted the committee and its cybersecurity
04 Dec 2018
In Israel, the National Insurance Institute – in charge of granting benefits – eventually dropped a tender that had caused outrage in the country after being uncovered by Haaretz and Channel 13. The tender revealed the NII was trying to collect online data about benefits claimants – including from
09 Dec 2018
A December 2018 analysis found that Facebook's measures for improving election security and discouraging anonymous political messages were poorly executed and inconsistently applied, and placed an unfair burden on charitable organisations and small businesses while simultaneously being easy for
13 Dec 2018
In December 2018 reports emerged that the Indian Electoral Commission would propose amendments to the Representation of the People Act 1951 that would require citizens to link their Electoral Photo ID Card to their Aadhaar number with the stated goal of improving the accuracy of the electoral rolls
14 Dec 2018
The New York City public benefits system has been criticized for its punitive design, how it too often disciplines, rather than helps, people who are legally entitled to benefits. According to Mariana Chilton, the public benefits system is designed to control, surveil, and penalize low-income people
14 Dec 2018
In December 2018 Facebook revealed that over a 12-day period in September a software bug may have wrongly allowed about 1,500 third-party apps to access 6.8 million users' photos, including some that people began uploading to the social network but didn't go on to finish posting. EPIC executive
17 Dec 2018
A December 2018 analysis of the use of Facebook by Matteo Salvini and Luigi Di Maio, Italy's two populist leaders, showed that the two exploited Facebook's streaming video and live broadcast services to bypass the mainstream media and foment discord during the March 2018 Italian general election
18 Dec 2018
A December 2018 report prepared by the Oxford Internet Institute's Computational propaganda Research Project and the network analysis firm Graphika for the US Senate Intelligence Committee found that the campaign conducted by Russia's Internet Research Agency during the 2016 US presidential election
20 Dec 2018
In 2015, officials within the US Treasury Department Office of Terrorist Financing and Financial Crimes unit used a network of private Gmail and Hotmail accounts set up by the Russians with the stated goal of jointly defeating ISIS. Soon, however, instead the Russian financial crimes agency was
21 Dec 2018
In November 2018, the criminal hacker group 3ve found a new way of exploiting security weaknesses in the Border Gateway Protocol that allowed them to take control of IP addresses belonging to the US Air Force and other reputable organisations; the result was to net them $29 million in fraudulent
26 Dec 2018
A startling amount of the internet is fake in one way or another, studies found in 2018. Less than 60% of web traffic is human; a 2013 study found that at least half of YouTube traffic was bots masquerading as people; in November 2018 the US Justice Department revealed that eight people were accused
26 Dec 2018
Shortly after the 2016 US presidential election, LinkedIn founder and billionaire Reid Hoffman made a series of multi-million-dollar donations to dozens of left-leaning groups. Among them was American Engagement Technologies, in which Hoffman invested $750,000. In 2018, Hoffman wound up apologising
27 Dec 2018
In 2014, when the the far-right party of French politician Marine Le Pen needed cash, the loan of €9.4 million came from First Czech-Russian Bank, which was founded in the early 2000s as a joint venture between a Czech state bank and a Russian lender and went on to come under the personal ownership
27 Dec 2018
In December 2018, the security researchers at 0DayAllDay discovered that the encryption keys hard-coded into the firmware inside the Guardzilla indoor wireless security system were protected by a ten-year-old, easily cracked algorithm. Because all the devices used the same keys, anyone could use the