How did Tinkebell obtain all that personal information

21 April 2012

Almost three years ago, artists Tinkebell and Coralie Vogelaar published the book Dearest Tinkebell, in which they revealed the identity, photos, addresses and all sorts of embarrassing personal information about people who had sent hate mail to ‘cat murderer’ Tinkebell. The book is again drawing attention because of an article in the Guardian.

How did Tinkebell go about investigating the people who had made threats against her? “By checking whether the email addresses were registered at other websites as well, she could easily discover the identity of many of the people who had made threats against her”, the Volkskrant wrote. In this way, she got access to ‘Facebook profiles, Amazon wish lists and Youtube accounts’.

Of course, it wasn’t as easy as the Volkskrant suggests. In a supplement to the book, Vogelaar describes five steps to find out the identity of a mailer. Step 1 simply consists in googling the email address. “Often this only resulted in comments on blogs and sometimes a small profile but rarely in a full name.”

Apparently, the interesting information didn’t usually surface until step 2, in which the email addresses were linked to the Rapleaf database (steps 3 to 5 are mainly about verifying the information). When Tinkebell and Vogelaar published their book, nobody had heard about that company. That changed in 2010, when the Wall Street Journal created a bit of a fuss with a series of articles on the trade in personal information, under the title ‘What they know’.

One of the main companies active on this market is Rapleaf, which at the time claimed it had one billion email addresses at its disposal. These addresses are linked with data on your social network activity, your purchases and other information. In this way, the company builds a detailed profile of you. A spokesperson said at the time that Rapleaf never reveals people’s names to clients, but Vogelaar and Tinkebell had already shown that you can easily obtain someone’s identity with the data provided by the company – and much more.

21 April 2012 | Categories: data, privacy | Nederlands