Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

User profiles on publicly available websites are not private information.


The vast majority of users do not expect that their digital identity could be stitched together so easily. We can either imply that they deserve this for imagining they had any privacy, or we could take a normative stance and make it difficult to reveal someone’s private information. We have a choice. We can pass laws and ban this nonsense.


If they use the same username on a public site they should expect it. This is common sense. Then again, this is the same world where people voluntarily upload their entire lives to social networks, then complain about "privacy."


The scale makes the difference. Similarly, you don’t expect your appearances in public spaces to be private, but you would likely object if someone could arbitrarily pull video recordings of you and trace your movement through the day.


I bet most of them use the same password with that same username too.


What private information? This links to public profiles.

I would never register an account on Twitter, put information in my public profile, then consider that to be private information that people should not know about. And if I did do that, I did that, this tool did not do that. And the "privacy" is already breached regardless of whether this tool exists or not. That definition of "privacy" is incoherent. Something deliberately shared in a public profile is not private information by definition.


Sorry, but what people expect doesn't matter. What is true is that digital identities are intrinsically linked between sites where the same username is used.

You can't hide behind, "but no one expected that" and expect to live a happy, unsurprising life. There is no law you can pass that will fix this, no matter how much you complain.


But people might be deceived into publishing their information. For example, social networks motivate them to do it by saying things like "make it easier for your friends to find you" or "share photos with your friends" and not saying the truth that the information will be accessible to criminals, marketing companies, corrupt governments, and weird mentally ill people from anonymous Internet forums.


1920: "Don't talk to strangers, sonny". 2020: "Don't say too much about you online, sonny".

I thought the last one was common sense in the 2000 actually. But apparently it was lost together with the netiquette.


"such as an electronic address"


so what is an electronic address?


Yet it's still user's data, and if it's under GDPR article 14 fall into place (you have to inform them that you are using that data, how, for how long, ...)

https://gdpr.eu/article-14-personal-data-not-obtained-from-d...


....if you are an "organization" engaging in "professional or commercial activity." Doxing people for fun isn't covered by GDPR.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: