Examples of Abuse

Almost everyday a company or government abuses your data. Whether these abuses are intentional or the result of error, we must learn from these abuses so that we can better build tomorrow's policies and technologies. This resource is an opportunity to learn that this has all happened before, as well as a tool to query these abuses.

Please contact us if you think we are missing some key stories.

 

In 2015 Hong Kong's Face of Litter campaign used DNA samples taken from street litter and collected from volunteers to create facial images that were then posted on billboards across the city. The campaign, conceived by PR firm Ogilvy & Mather and organised by online magazine Ecozine and the Nature
The story began with the free Bylock messaging app, which was used between 2014 and 2016 and which the Turkish government associated with treason and followers of Fethullah Gülen, the group they believe was behind the attempted 2016 coup. The app was downloaded roughly half a million times and had
13 Jan 2000
In 2000, Experian entered into a consent decree with the Federal Trade Commission and agreed to pay $1 million to settle charges that the company blocked and delayed incoming phone calls from consumers wishing to discuss the contents of and possible errors in their credit reports. Under the Fair
03 Mar 2003
In 2003, the New Hampshire Supreme Court ruled that information brokers and private investigators may be liable for the harms caused by selling information. In the case in question, Amy Boyer, a young woman, was murdered by Liam Youens, a stalker. Youens obtained her information from Docusearch
30 Jul 2003
In 2000, and then again in 2003, the US Federal Trade Commission fined Equifax for blocking phone calls from consumers trying to get information about their credit or discuss their reports or making them wait for extended periods of time in violation of the Fair Credit Reporting Act. In 1996
08 Aug 2003
In 2003, Acxiom announced that law enforcement officials had notified the company that it had been hacked, and that the attacker had intercepted information in transit between the company and some of its clients via a File Transfer Protocol (FTP) server located outside the company's firewall. The
23 Sep 2003
In 2003, the Electronic Privacy Information Center, Privacy Rights Clearinghouse, and PrivacyActivism filed complaints with the US Federal Trade Commission alleging that JetBlue Airways and Acxiom engaged in deceptive trade practices by supplying personal information about consumers to the Alabama
17 Nov 2003
In 2003, the for-profit privacy company Private Citizen, which helps paying consumers unsubscribe from telemarketers' lists and direct mailing offers, found that Acxiom had begun rejecting the batches of opt-out notices the service sent on behalf of its subscribers. Acxiom insisted that each person
21 Jul 2004
In 2004, the US Department of Justice investigated the theft of 8.2GB of personal data from File Transfer Protocol (FTP) servers belonging to Acxiom between 2002 and 2003. The case was thought to represent the largest case of data theft at the time. Scott Levine, the owner of the email spamming
01 Jan 2005
As early as 2005, Experian began suggesting that its Mosaic consumer classification system, used by retail chains to tailor their stock for local populations could be used by political parties for campaigning. Based on work by Richard Webber, a visiting professor at University College London, Mosaic
21 Feb 2007
In 2007, Experience agreed to pay $300,000 to settle a Federal Trade Commission complaint that the company's ads for a "free credit report" failed to explain clearly enough that consumers who signed up would be enrolled in a credit-monitoring programme costing $79.95 per year. The FTC alleged that
01 Apr 2007
DoubleClick was one of the first companies set up to sell display advertising on the web. Set up in 1996, it went public in 1998, and in 1999 merged with the data collection company Abacus Direct. In response to a 2001 US Federal Trade Commission investigation of the proposed merger, DoubleClick
20 May 2009
In May 2009, University of Cambridge computer science researcher Joseph Bonneau discovered as part of his research that many social network respond to user requests to delete photographs by hiding them while remaining them on their servers. Among the worst offenders were Facebook, MySpace, Bebo, and
23 Nov 2009
The rise of social media has also been a game changer in the tracking of benefits claimants. Back in 2009, the case of Nathalie Blanchard a woman in Quebec who had lost her disability insurance benefits for depression because she looked “too happy” on her Facebook pictures had made the news. https:/
08 Feb 2010
In 2010, customers of the online shoe retailer Zappos, which was acquired by Amazon in 2009, began noticing that recommendations for products they had viewed on the site were following them around the web. The culprit was a then-new practice known as "retargeting", which uses cookies to identify
15 May 2010
In 2010, Google revealed that a data audit required by Germany's data protection authority had revealed that since 2007 the cars deployed to capture images for its Street View project had accidentally captured 600GB of data from local wifi networks, including personal web browsing histories. Google
02 Jun 2010
In 2010, Apple's then-CEO Steve Jobs revealed that the reason his company changed the rules in the written agreement it requires iPhone app developers to sign was due to a report published by the vice-president of the app analytics company Flurry, Peter Farago. In one of its monthly reports on app
10 Oct 2010
In October 2010, the Wall Street Journal discovered that apps on Facebook were sending identifying information such as the names of users and their Friends to myriad third-party app advertising and internet tracking companies. All of the ten most popular Facebook apps, including Zynga's FarmVille
07 Dec 2010
In 2010, Quantcast and Clearspring agreed to settle class action lawsuits brought against them over their use of Flash cookies. Flash cookies are "Local Storage Objects" stored by Adobe's Flash player plug-in; unaffected by browser privacy settings, they can respawn HTTP cookies after a user finds
26 Jan 2011
In early 2011, Facebook launched "Sponsored Stories", an advertising product that used content from members' posts inside ads displayed on the service. Drawing on Likes, check-ins, and comments, a Sponsored Story might use a member's photograph and their comments from a coffee shop to create an ad