• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Michele Neylon :: Pensieri

Michele Neylon :: Pensieri

Technology, Marketing, Domains, Thoughts

My Privacy Has Been Sold

September 11, 2023 by Michele Neylon Leave a Comment

It’s 2023. I’ve been working “online” in some shape or form since the late 90s. While I may not know how “everything” works online, I have been doing this stuff for long enough to not be a completely naive idiot. Or at least I hope I’m not!

However sometimes even I am surprised and a little shocked at how some companies play fast and loose with privacy and data.

What happened?

Last week I got.a cold call on my mobile. That was odd, as my mobile phone number is not “public”. It’s not on my business cards, my email signature or anywhere public that I’m aware of. Sure, you can easily get your hands on multiple email addresses that I use, my home address or my work phone number. But my mobile? Not as easily.

So, naturally, I asked the person who’d rung me how they got the number. They lied to me. Telling me they’d got it at an event, which I had’t attended, then trying to assert that one of my staff had provided the number. When I mentioned such inconvenient things like data protection law, privacy and GDPR they finally admitted where they got the information. A data broker called Lusha.

I’d never heard of this company called Lusha and I most certainly had never given them permission to process my personal data or breach my privacy.

They have quite a slick website but basically they seem to “enrich” data for businesses who want to cold call people and businesses. So they’ll take a public data source, which in my case could be my Linkedin profile, and then they’ll add more details they’ve got from other sources.

Now as I said, I’d never consented to my private data being shared with or processed by this company and until I got the phone call the other day I’d never heard of them. To say that I was not amused is a gross understatement – I was absolutely seething.

I’ve since explored their website and have used the various forms on their site to:

  • check what data about me they hold
  • request its deletion

In the process of doing that I made some quite disturbing discoveries.

Apparently a chunk of the data they share with their clients comes from other clients and how they get it is rather disturbing.

Lusha have what they call a “community” which has a very loose set of rules applied to it and I’d suspect next to no actual compliance function.

Once a Community user agrees to our Code of Conduct (the”Code”) and installs one of Lusha’s products, Lusha will synchronize their business email with our database.

What does that mean? “synchronize their business email with our database” is pretty damn scary.

Lusha’s product accesses professional business network contact information such as email headers and signatures to validate and update our data sources into one, accurate, and up-to-date business profile, which is used by Lusha’s customers and Community members. Lusha confidentially transfers Community members’ business contacts, removes outdated information, and combines it with our database.

My read of that is that they’re essentially parsing every email on your computer and sucking out all the “useful” personal data they can get from it.

If you’ve used a modern smart phone like an iPhone you’ll often see it will have worked out that a contact has a new phone number or other contact point and suggest that you update your address book. While that might be a little creepy, it’s also very useful. But most importantly it’s YOUR data on YOUR device about YOUR contact. It’s not being shared with others. It’s not like it’s being used to “enrich” somebody else’s product.

How on earth can Lusha’s approach to privacy and personal data be legal?

Why on earth are Irish companies using data from these people to make sales calls?

I requested the full record that they had on me and I also requested that they delete it. I’ve no idea how long it’ll take them to do that nor if they’ll even delete the data properly and fully.

Funnily enough the data they had on me wasn’t that good – though they did have valid email and phone numbers for me. So they not only breached my privacy under GDPR but also failed on accuracy side – I had no way of correcting it either as I was unaware of the data’s existence until last week!

Related Posts:

  • Photo of old hand written letters on a desk with some pencils and pens
    I Sometimes Yearn For Simpler Times
  • Growing my own Salad Ingredients
    Growing my own Salad Ingredients
  • Don't Treat People (or Businesses) Like Lab Rats Princeton
    Don't Treat People (or Businesses) Like Lab Rats Princeton
  • Upping My Card Game a Little
    Upping My Card Game a Little
  • book lover concept
    How Many Books Should I Read?
  • Irish Charity Christmas Cards
    Irish Charity Christmas Cards

Filed Under: rant

Michele is founder and CEO of Irish hosting provider and domain name registrar Blacknight. Read More…

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

Newsletter Signup

Join my newsletter

Please wait...

Thank you for signing up!

dotblog founder

Most Recent Posts

The Irish Postal Service Failed Me!

My Privacy Has Been Sold

Jam and Chutney Season

Luke Combs’ Version of Fast Car

Dodgy WordPress Developer Tactics


Mastodon

Archives

  • Instagram
  • Twitter

Pages

  • About Me
  • About This Site
  • Archives
  • Comments Policy
  • Contact Me
  • Newsletter
  • Privacy

Blogroll

  • Damien Mulley
  • Grandad
  • Technology.ie Podcast
  • Tom Doyle
  • Paul Savage – BlackDog SEO

Footer

Site hosted in Ireland by Blacknight - Content copyright Michele Neylon

Copyright © 2023 · Magazine Pro on Genesis Framework · WordPress · Log in