INSUBCONTINENT EXCLUSIVE:
In what appears to be the latest salvo in a new, wired form of protest, developer Sam Lavigne posted code that scrapes LinkedIn to find
Immigration and Customs Enforcement employee accounts
His code, which basically a Python-based tool that scans LinkedIn for keywords, is gone from Github and Gitlab and Medium took down his
The CSV of the data is still available here and here and WikiLeaks has posted a mirror.
&I find it helpful to remember that as much as
internet companies use data to spy on and exploit their users, we can at times reverse the story, and leverage those very same online
platforms as a means to investigate or even undermine entrenched power structures
It a strange side effect of our reliance on private companies and semi-public platforms to mediate nearly all aspects of our lives
We don&t necessarily need to wait for the next Snowden-style revelation to scrutinize the powerful — so much is already hiding in plain
sight,& said Lavigne.
Doxxing is the process of using publicly available information to target someone online for abuse
Because we can now find out anything on anyone for a few dollars & a search for &background check& brings up dozens of paid services that
can get you names and addresses in a second & scraping public data on LinkedIn seems far easier and innocuous
That doesn&t make it legal.
&Recent efforts to outlaw doxxing at the national level (like the Online Safety Modernization Act of 2017) have
stalled in committee, so it not strictly illegal,& said James Slaby, Security Expert at Acronis
&But LinkedIn and other social networks usually consider it a violation of their terms of service to scrape their data for personal use
The question of fairness is trickier: doxxing is often justified as a rare tool that the powerless can use against the powerful to call
attention to perceived injustices.&
&The problem is that doxxing is a crude tool
The torrent of online ridicule, abuse and threats that can be heaped on doxxed targets by their political or ideological opponents can also
rain down on unintended and undeserving targets: family members, friends, people with similar names or appearances,& he said.
The tool
No one would fault a job seeker or salesperson who scraped LinkedIn for targeted employees of a specific company
That said, scraping and publicly shaming employees walks a thin line.
&In my opinion, the professor who developed this scraper tool isn&t
breaking the law, as it perfectly legal to search the web for publicly available information,& said David Kennedy, CEO of TrustedSec
&This is known in the security space as ‘open source intelligence& collection, and scrapers are just one way to do it
That said, it is concerning to see ICE agents doxxed in this way
I understand emotions are running high on both sides of this debate, but we don&t want to increase the physical security risks to our law
enforcement officers.&
&The decision by Twitter, Github and Medium to block the dissemination of this information and tracking tool makes
sense & in fact, law enforcement agents& personal information is often protected
This isn&t going to go away anytime soon, it only going to become more aggressive, particularly as more people grow comfortable with using
the darknet and the many available hacking tools for sale in these underground forums
Law enforcement agents need to take note of this, and be much more careful about what (and how often) they post online.&
Ultimately, doxxing
Because we place our information on public forums there should be nothing to stop anyone from finding and posting it
However, the expectation that people will use our information for good and not evil is swiftly eroding
Today, wrote one security researcher, David Kavanaugh, doxxing is becoming dangerous.
&Going after the people on the ground is like shooting
Decisions are made by leadership and those are the people we should be going after
Doxxing is akin to a personal attack
Change policy, don&t ruin more lives,& he said.
