[BreachExchange] Cache Of 70, 000 Leaked OkCupid Profiles Taken Down Following Copyright Notice

Inga Goddijn inga at riskbasedsecurity.com
Wed May 18 22:29:06 EDT 2016


http://www.techtimes.com/articles/159277/20160518/cache-of-70-000-leaked-okcupid-profiles-taken-down-following-copyright-notice.htm

Last week, a team of Danish researchers intentionally leaked
<http://www.techtimes.com/articles/158482/20160514/researchers-intentionally-leak-70-000-okcupid-profiles-for-science.htm>
information
of 70,000 profiles on online dating website OkCupid.

The researchers used automated software to scrape data from the profiles of
users and then published the information online on the Open Science
Framework. The real names of the users remain hidden, but their user names
and locations are accessible, along with their answers to the questions
asked by the website and its app.

The researchers underlined the fact that the data was publicly available,
but collecting information on a massive scale without the consent of users
could be considered a major privacy breach. Many privacy advocates have
called
<http://www.techtimes.com/articles/158498/20160515/okcupid-leaking-70-000-okcupid-users-personal-data-in-name-of-science-is-not-ok.htm>
the
actions of the researchers as unethical.

In the latest update regarding the incident, the Open Science
Framework has taken
down
<http://retractionwatch.com/2016/05/16/publicly-available-data-on-thousands-of-okcupid-users-pulled-over-copyright-claim/>
the
dataset uploaded by the researchers. The data was removed due to a
copyright notice that was sent by OkCupid to the website.

"The repository is currently unavailable due to a [Digital Millennium
Copyright Act] claim sent by OkCupid. It's unclear to me which part they
claim copyright on," said Emil Kirkegaard, a masters student at Denmark's
Aarhus University and one of the researchers behind the debacle.

The DMCA, a law in the United States that allows companies to request for
data to be taken down from websites, is often utilized by companies to
prevent <http://motherboard.vice.com/read/okcupid-research-paper-dmca> hacked
data from being shared.

Aarhus University has disavowed
<https://twitter.com/AarhusUni/status/731088637547446272> Kirkegaard,
claiming that his research and his methods are not considered to be
practices tolerated by the institution. The university has launched its own
investigation into the case.

Kirkegaard and his fellow researchers believed that they did not need to
ask permission from OkCupid's users, as all the information from the
profiles can be searched through Google. The researchers did not expect
their work to lead to such controversy, as they only wanted to contribute a
dataset to the Open Science Framework that other researchers can use.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160518/091ca32d/attachment.html>


More information about the BreachExchange mailing list