As many of you know, I am a self obsessed data junkie and pretty much collect data on just about anything I can, data for me is an obsession, and how I stay ahead of the game.

But the data I collect is the information that YOU allow me to collect, be it actively, or passively…for example:

If you fill in a form on my site and provide me with a name and email address then I will store that, this is the information I will use to contact you, to send you updates, articles etc. But I also collect passive data, this is data you provide me, but don’t implicitly tell me to collect, for example:

When you fill in a form on one of my sites, I also collect the following information; The operating system you use, browser type, screen size, and most importantly your IP address.

Now your IP address is an interesting one, because from that I can also get the country you are from, the city you live in (with an 82% accuracy rate), your Internet Service Provider, your time zone, and a rough estimate of your connection speed.

Now this might sound scary, but this information is all publicly available… by providing me with just one thing (your IP address) I can start to build a profile on you. Legally. (The sites where I do this have a simple privacy policy and P3P digital policy clearly outlining these actions).

Now the above is just me being honest with you about the kinds of data I collect, but the point of this post is that I came across a great article today on profiling people with just their email address.

Now this technique is quite probably illegal in certain parts of the world, and without a doubt breaks terms of service, and I am not in any way, shape, manner, or form endorsing this. But it should make you think a little more about what kind of data you are giving away every day for the unscrupulous marketer to acquire.

What am I talking about?

Mining facebook for profile information.

Let’s assume I have a mailing list of 10,000 people and I want to profile that list and sort them by gender. Facebook has now given me the tools to do it.

Due to recent privacy changes, facebook now makes the following information available…

Full Name, Gender, Ethnicity, Age, Interests, Location, Job, Education Level.

So, how do I mine this?.

All you need to do is create a new facebook profile and when given the option of finding your friends on facebook simply upload a CSV file of your customers / targets email addresses, all of the facebook accounts which have matching email addresses will show up, then either go through by hand (not!), or get a coder to write you a nice script to do this automatically.

It might sound complicated but here at the labs this could be easily be accomplished in a couple of hours.

Scary.

Officially facebook have said

“We’ve developed several systems to detect and block malicious use of the Friend Finder,” Noyes said. “For example, we don’t allow users to upload contact lists past a certain size. We also block users who upload contacts at an anomalous rate.”

In reality, this can easily be subverted with multiple facebook accounts and IP rotating.

Now like I said above, I don’t endorse this, and certainly will not be doing this, but I just wanted to point out how much information you are exposing every day by joining sites, filling in forms, and not looking at privacy policies..