[Gnso-epdp-team] Data enrichment companies

Tue Dec 10 17:59:59 UTC 2019

Still waiting for Facebook to publish a verified whois of their account 
holders ;-)

Best,

Volker

Am 09.12.2019 um 09:46 schrieb Ayden Férdeline:
> I don't want to disagree with someone from my own stakeholder group, 
> but I don't understand how this is a "quick solution to the SSAD 
> problem"? These services contain names, emails, and LinkedIn URLs - I 
> don't see how these are substitutes for the data elements in Whois. 
> And how are you even meant to know who to search for in one of these 
> third-party services, absent the name of a registrant? These 
> third-party services that pull in random data sets should be reigned 
> in, not what we recommend others turn to locate/trace a registrant.
>
> Ayden Férdeline
>
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> On Monday, December 9, 2019 3:44 AM, Mueller, Milton L 
> <milton at gatech.edu> wrote:
>
>> I am wondering how many of the people involved in EPDP are familiar 
>> with data enrichment companies such as People Data Labs.
>> If you're not you may be amazed at how vast is the number of people 
>> encompassed in their records, and how many data points are aggregated 
>> in them. As we battle mightily over how much disclosure of measly 
>> Whois records we will allow and under what circumstances, it might be 
>> useful to take a look at this article, 
>> https://www.dataviper.io/blog/2019/pdl-data-exposure-billion-people/
>>
>> There you will see a storehouse of names, email addresses, phone 
>> numbers, social media profile information and physical addresses for 
>> 1.2 billion people, all available for subscribers to this service and 
>> - in this bizarre case - all of it exposed to anyone with the right 
>> IP address due to a configuration error of an Elasticsearch server.
>>
>>  Based on my exposure to these data enrichment services, I think we 
>> may have found a quick solution to the SSAD problem. One could 
>> conclude that we don't need one at all, because any serious requestor 
>> can get a ton of data about virtually anyone on the internet - 
>> automatically, instantly - by using one of these services.
>> <https://www.dataviper.io/blog/2019/pdl-data-exposure-billion-people/>
>> 	
>> 1.2 billion people exposed in data leak includes personal info, 
>> LinkedIN, Facebook 
>> <https://www.dataviper.io/blog/2019/pdl-data-exposure-billion-people/>
>> On October 16, 2019 Bob Diachenko and Vinny Troia discovered a 
>> wide-open Elasticsearch server containing an unprecedented 4 billion 
>> user accounts spanning more than 4 terabytes of data.. A total count 
>> of unique people across all data sets reached more than 1.2 billion 
>> people, making this one of the largest data leaks from a single 
>> source organization in history.
>> www.dataviper.io
>>
>> I'll leave you all with that thought. See you Tuesday.
>>
>> Dr Milton L Mueller, Professor
>>
>> School of Public Policy
>>
>> Georgia Institute of Technology
>>
>> Internet Governance Project <https://internetgovernance.org>
>>
>>
>
>
> _______________________________________________
> Gnso-epdp-team mailing list
> Gnso-epdp-team at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-epdp-team
> _______________________________________________
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
-- 
Volker A. Greimann
General Counsel and Policy Manager
*KEY-SYSTEMS GMBH*

T: +49 6894 9396901
M: +49 6894 9396851
F: +49 6894 9396851
W: www.key-systems.net

Key-Systems GmbH is a company registered at the local court of 
Saarbruecken, Germany with the registration no. HR B 18835
CEO: Alexander Siffrin

Part of the CentralNic Group PLC (LON: CNIC) a company registered in 
England and Wales with company number 8576358.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20191210/6040f1bc/attachment-0001.html>