Examples of Abuse

Almost everyday a company or government abuses your data. Whether these abuses are intentional or the result of error, we must learn from these abuses so that we can better build tomorrow's policies and technologies. This resource is an opportunity to learn that this has all happened before, as well as a tool to query these abuses.

Please contact us if you think we are missing some key stories.


02 Aug 2013
In August 2013, a jury in the Portland, Oregon Federal District Court awarded Julie Miller $18.4 million in punitive damages when despite two years of complaints and filings Equifax failed to rectify errors in her credit report that blocked many aspects of her financial life. Miller had followed the
04 Sep 2013
In 2013, 44 years after Acxiom went into business selling consumer data, the company opened a website, aboutthedata.com, to allow Americans to see the data the company holds about them and make it easier to opt out of tracking. However, using the site requires visitors to input a substantial amount
21 Sep 2013
In 2012, when the French company Criteo filed with the Securities and Exchange Commission to go public, it cited its data assets and the accuracy of its algorithms as a crucial part of its valuation. The company said that every day it was presented with billions of opportunities to connect
13 Oct 2013
In 2013, detailed personal information being sold by the fraudster-friendly underground service Superget.info was found to have been bought from CourtVentures, a public records aggregator bought by Experian in 2012. In late 2013, Superget.info's operator, 24-year-old Vietnamese national Ngô Minh
02 Nov 2013
In Israel, the National Insurance Institutes sends out anti-fraud officers to spy on benefits claimants. Among the cases reported, a woman had her benefits allowances halved after a man entered her house pretending to be interested in buying the flat next door. The man, who was in fact a NII
11 Dec 2013
In this 2013 piece, Virginia Eubanks discuss the move in Indiana from relying on caseworkers to automating the distribution of benefits and how through the use of performance metrics to speed up the decision-making process, the system ended up being incentivising the non-distribution of benefits
23 Dec 2013
In August 2016, Oracle's MICROS division, one of the top three global point-of-sale vendors, was hacked by the Carbanak Gang, a Russian organised cybercrime group known for hacking into banks and retailers. In 2014 when Oracle acquired it, MICROS' systems were in use at more than 200,000 food and
08 Jan 2014
In 2014, Acxiom's chief product and engineering officer, Phil Mui, described the system the company had been building to link individuals' activities across the many channels, devices, and applications they use. A single individual may accumulate four different personas via 24 cookies across six
15 Jan 2014
Virginia Eubanks explains what we can draw from understanding the experience of surveillance of marginalised groups: it is a civil rights issue, technologies carry the bias of those who design them, people are resisting and why we need to move away from the privacy rights discourse. https://prospect
24 Jan 2014
In 2014, DataKind sent two volunteers to work with GiveDirectly, an organisation that makes cash donations to poor households in Kenya and Uganda. In order to better identify villages with households that are in need, the volunteers developed an algorithm that classified village roofs in satellite
21 Mar 2014
This article is an overview of some of the research documenting how people in vulnerable positions are the ones most affected by government surveillance. https://stateofopportunity.michiganradio.org/post/technology-opportunity-researcher-says-surveillance-separate-and-unequal Author: Kimberly
15 May 2014
In 2013 and 2014, Quantcast's CEO, Konrad Feldman, claimed that real-time bidding, the latest trend in advertising technology, was providing a new way to game advertisers. RTB, also known as "programmatic" advertising, uses cookies to track what users have looked at and then retarget them through
21 Jun 2014
In 2014, NYC Planning Labs Chris Whong was sent and made public a complete a complete dump of historical trip and fare logs from New York City taxis in response to a Freedom of Information request. The more than 20GB of uncompressed data comprising more than 173 million individual trips included
25 Jul 2014
Nearly 700,000 Facebook users were subjects of a research study where researchers changed randomly selected users' newsfeeds to be more positive or negative to study whether those users then displayed a more positive or negative affect in response. The experiment showed the power of Facebook's control over the News Feed and the algorithms that determine which of the possible pieces of content shows up at the top at any given moment.
19 Dec 2014
In 2014, researchers at Princeton University outlined an attack that uses multiple third-party cookies to link traffic so that individual users can be identified and tracked from anywhere in the world. A nation-state wishing to surveil particular users outside its jurisdiction, for example, may have
07 Jan 2015
In 2015, Turner Broadcasting, a semi-autonomous division of AT&T's Warner Media announced it would integrate offerings from Episilon, Krux, and Oracle into its data management platform, which powers its ads. Oracle and Epsilon help bring in offline and multichannel consumer data, while Krux bridges
10 Feb 2015
In October 2015, Experian announced that a breach of its computer systems exposed the Social Security numbers and other data of approximately 15 million people who applied for financing from the mobile network operator T-Mobile USA, to which Experian supplied credit assessment services. Experian
05 Apr 2015
Because banks often decline to give loans to those whose "thin" credit histories make it hard to assess the associated risk, in 2015 some financial technology startups began looking at the possibility of instead performing such assessments by using metadata collected by mobile phones or logged from
13 Apr 2015
In 2016, Tapad launched a partnership with the location-based ad targeting firm Placed to provide a service measuring the impact of digital advertising on in-store sales. Tapad sends anonymous campaign data to Placed, which has a panel of more than 500,000 users who have opted in. Placed measures
13 Apr 2015
In 2014, Tapad claimed its system for matching consumers across multiple devices protected privacy because it relied on probabilistic matching rather than a deterministic approach that builds on personally identifiable information. The deterministic approach relies on logins - for example, an