Terence Eden’s Blog

Did WordPress VIP leak my phone number?

· 1 comment · 400 words · Viewed ~2,523 times


The Logo for WordPress.

As discussed in my last blog post, the scumsuckers at Apollo.io have been giving out my personal details. Not only did they have my email address, they also had a copy of one of my phone numbers. I asked them where they got it from and they said: Your phone number came from Parsely, Inc (wpvip.com) one of our customers who participates in our customer contributor network by sharing their…

Someone at BrowserStack is Leaking Users' Email Address

· 5 comments · 450 words · Viewed ~17,410 times


Web contact form. It says "No spam, we promise."

Like all good nerds, I generate a unique email address for every service I sign up to. This has several advantages - it allows me to see if a message is legitimately from a service, if a service is hacked the hackers can't go credential stuffing, and I instantly know who leaked my address. A few weeks ago I signed up for BrowserStack as I wanted to join their Open Source programme. I had a few…

Can you use GDPR to Circumvent BlueSky's Adult Content Blocks?

· 4 comments · 1,200 words · Viewed ~13,232 times


A notification counter showing the number 3. The message next to it says I need to complete age assurance.

In the battle between the Online Safety Act and GDPR, who will win? FIGHT! I'll start by saying that I'm moderately positive on Online Safety. If services don't want to provide moderation then they shouldn't let their younger users be exposed to harm. The social network BlueSky has taken a pragmatic approach to this. If you don't want to verify your age, you can still use its services - but it…

The NHS shouldn't outsource its QR codes

· 8 comments · 600 words · Viewed ~1,265 times


Screenshot of terms and conditions with a hello email address.

QR codes are brilliant. They're a simple way to allow users to easily and quickly go to the right URL - no matter how complex. No more worrying about typing in long addresses or figuring out if that's a letter O or the number 0. Scan and go! The best thing about QR codes is that they're free. It doesn't cost any money to generate one. They're an open standard with no middle-men. Users can go…

O2 UK's Weird MSISDN Lookup API

· 7 comments · 250 words · Viewed ~242 times


Sorry, we don’t recognise this number. Please try again.

It's always fun keeping your network inspector tab open. While looking around the O2 UK website, I found this page all about eSIMs. For some reason, it wants to know the user's phone number. I put in a random number, and it refused to let me in. Putting in a genuine O2 number let me through. So what is it doing to validate numbers? It is making an API call to this URL: …

Envelopes and GDPR

· 6 comments · 700 words · Viewed ~332 times


A letter addressed to me. Just inside the plastic window you can see the word "colonoscopies".

Privacy is a funny concept, isn't it? Very few people want the whole world to know what medical complaints they have. But most hospitals are open-access buildings, where the waiting rooms have large monitors to tell patients that their doctor is running late. A few years ago I was sat in the proctology waiting room. Anyone who knew me would have seen I was waiting for a bum doctor. They may…

How do you stop people accessing data they shouldn't?

· 7 comments · 950 words · Viewed ~396 times


A padlock engraved into a circuit board.

I used to work in a call centre for a Very Big Company. Every week, without exception, we'd get a bunch of new starters to train. And every week, without exception, a newbie would be fired after looking up a famous person's data. This was in the days before GDPR. There was a lot less general awareness of data protection issues. It didn't matter how often we drilled it into trainees' heads -…

Poorly folded letters lead to exposure of medical data

· 11 comments · 400 words · Viewed ~295 times


A letter addressed to me. Just inside the plastic window you can see the word "colonoscopies".

I returned home from holiday to a pile of letters. Mostly junk, a few Christmas cards, and something from the NHS. This is what the envelope looked like: As it happens, I'm not particularly concerned about who knows I had a fairly normal medical procedure. I've blogged a bit about it and Tweeted about the experience in an attempt to de-stigmatise it. …

EBCDIC is incompatible with GDPR

· 33 comments · 800 words · Viewed ~44,249 times


Dutch text and a diagram.

Welcome to acronym city! The Court of Appeal of Brussels has made an interesting ruling. A customer complained that their bank was spelling the customer's name incorrectly. The bank didn't have support for diacritical marks. Things like á, è, ô, ü, ç etc. Those accents are common in many languages. So it was a little surprising that the bank didn't support them. The bank refused to spell their c…

"Advanced Network Error Search" - how to turn off Virgin's least helpful service

· 9 comments · 950 words · Viewed ~2,064 times


Screenshots showing adverts next to my misspelled domain.

tl;dr you have to keep complaining to Virgin for several months and then take them to the Communication & Internet Services Adjudication Scheme then complain to their Data Protection team by contacting them on LinkedIn. Background: Virgin have a spammy DNS hijacking service. If you accidentally misspell a domain - for example example.coom - Virgin will pretend that the domain exists and serve…

£25 GDPR Compensation - why it's always worth complaining

· 2 comments · 500 words · Viewed ~412 times


A tiny lego Storm Trooper eats a chocolate coin.

Back in 2011, I sold all of my shares in my former employer and used the money to buy solar panels. I closed my account at the same time. Or so I thought. Fast-forward 9 years, and I was surprised to receive an unwanted email from the corporate shareholding service. It was some nonsense about their corporate rebranding. I dropped them a note saying that I hadn't been a customer for many years…

Don't trust Cloudflare with your personal data

· 11 comments · 700 words · Viewed ~12,668 times


It has been over a year since I cancelled my Cloudflare account. They keep emailing me and haven't taken me off their marketing lists despite repeated requests. Their CTO told me he would investigate, but nothing changed. Their Data Protection Office hasn't responded to my requests. Cloudflare do not appear to respect the GDPR. I've escalated this to the highest levels of Cloudflare, but they…