Noblemen, Purchased Lists and E-Pending: Intellia, a part of Suomen Asiakastieto Oy
A story of how a nobleman may have helped the fight against e-pending in Finland merely by existing and having his own biz.
A few weeks ago, I spotted a spam that I figured had to have been sent to a purchased list. (Nothing new there.)
It was sent through MailChimp, who wasted no time applying their AUP to this sender.
The message indicated it had been sent to a list of “financial directors in the capital city region”. This does not meet the Section 25 (Personal Data Act 523/1999) requirements for describing your list in a bulk email, so, out of curiosity, I decided to give the senders a call.
The sender volunteered the information that they had purchased lists from Intellia Oy, which was recently purchased by the grand old folks of Finnish B2B spam list sales, Suomen Asiakastieto Oy.
So, I wrote to the Data Protection Ombudsman, letting them know that there had been email marketing from this company and how they announced their address list. I informed them that the list contains e-pended addresses for CEOs; that is, addresses generated by retrieving CEO’s’ names from the Trade Register, Web addresses for the same companies from the Finnish Biz Info System, and combining these two to create email addresses that sometimes end up being a little less than correct, such as because everybody doesn’t use their first name, but middle name, only a part of their first name if it’s a combined one (“James-Peter”), and so on.
I asked the Ombudsman to forbid Intellia Oy under threat of fines from creating personal data by guessing and from selling such generated data. I also asked him to forbid Company X from processing e-pended personal information for the purpose of electronic direct marketing or anything else:
Aiemmin tänään tuli sähköpostimarkkinointia X-nimiseltä yritykseltä. Osoitelistaksi ilmoitettiin “Talousjohtajat, pääkaupunkiseutu” ja puhelimessa kysyttäessä täsmensivät että ovat ostaneet listan Intellia Oy:ltä.
Lista sisältää keksittyjä toimitusjohtajaosoitteita; siis kaupparekisteristä toimitusjohtajien nimet, YTJ:stä www-osoite, ja näistä yhdistelemällä luotuja sähköpostiosoitteita, joiden oikeellisuus menee välillä vähän niin ja näin koska kaikki eivät käytä ensimmäistä etunimeään ym.
Pyydän tietosuojavaltuutettua kieltämään uhkasakon nojalla Intellia Oy:tä luomasta henkilötietoja arvaamalla ja myymästä laittomasti generoituja henkilötietoja edelleen. Pyydän tietosuojavaltuutettua kieltämään X:tä käsittelemästä arvaamalla luotuja henkilötietoja sähköiseen suoramarkkinointiin tai mihinkään muuhunkaan tarkoitukseen.
The Ombudsman took a month to respond, but they eventually did. They’re real interested in why I think this is the case and asked for proof.
I just happened to have something I could share with them. Two years ago, I purchased a domain name that had, way back when, belonged to the one-man shop of somebody I knew in the eighties. My acquaintance had given up maintaining the domain, but the biz is still in the FBIS. Meanwhile, the domain had been registered by a domain hoarder.
My old friend happens to be a nobleman. He has a surname that consists of several parts separated by spaces, “Kent of Krypton” if you will. He goes by “Clark Kent” in everyday life, but the Biz Reg has his full name, “Clark Arthur William Kent of Krypton”. Now, since the Biz Reg has some kind of a rule that the real surname must appear last, what they really have there is “of Krypton, Clark Arthur William Kent”.
How did the e-penders fare? of.kent@domain.example
, of course. It doesn’t get much more obviously e-pended than that.
(The guy who is referred to in the earlier article got the same spam and will be corroborating these facts to the Ombudsman.)
Die, e-pending in Finland, die.
Pingback: Marriage made in Hell: Emaileri and Suomen Asiakastieto » MainSleaze