[13of40]

It might actually already exist, but imagine if on the other side of the internet they aggregate all of your usage information so that a tech can sit down at one console and see that "jimbo123" on Reddit is actually Bob Smith who lives on Sunnydale drive, owns a Subaru Outback, bought dogfood three times this month, and has been talking about the war a bit more this week on his other social media accounts. Anyone who is willing to pay the enterprise-level subscription fee can access it, including banks, potential employers, etc. and it's entirely composed of information you handed over via EULAs and TOS agreements.

[andylynch]

I’m sure this exists in multiple places, not least Cheltenham, Fort Meade, Canberra and Beijing (hi guys!).

[13of40]

Funny story - I had to go to Cheltnam on business a couple of years ago, and while I was there I was getting banner ads trying to recruit me to GCHQ. I'm guessing their staffing people don't have access to the whole file, because they were trying to recruit a foreign national with no security clearance for a job that pays 1/3 of what they're already making.

[082349872349872]

A single 1TB thumb drive could easily hold hundreds of flags for every human on the planet. Actual foreign keys, not so many ... but I'm pretty sure all of the places mentioned above have fancier infra than a single pluggable mail order drive.

Compare the Stasi's reach, with only typewriter & notch card level automation.

[ASalazarMX]

Hi, Andy!

[alkonaut]

I’m sure even an amateur without access to any secret data could do this for a large chunk of users already. I’m guilty of re-using online handles and some times associating it with a public email and so on. Once that leads to my social media accounts, there is very little left to find. I think most users practice this non-existent opsec.

[MonkeyMalarky]

Acxiom says hello.

[13of40]

Thank you - that's truly horrifying. I put in a request to get my file from them, but based on their security questions they have my whole public profile. Whether they can map it to social media accounts and purchases isn't clear yet.

Edit: They have pinky-sworn to email me my data some time in the next 45 days.

[MonkeyMalarky]

I'm not sure about the social media activity either but as a data broker they're selling the consumer activity. Anyone else who happens to have your social activity, phone, zip and email is free to buy it from them and link it together. Problem is you fork over all those identifiers for KYC whenever you sign up for something and buried in the T&C will be a clause allowing them to share your data for business activities.

[juancn]

I assume this to be true already, so I assume all my posts are public and will be seen by coworkers and family, so I'm very careful on what I post online.