this post was submitted on 12 Sep 2025
1 points (100.0% liked)

Malicious Compliance

106 readers
1 users here now

People conforming to the letter, but not the spirit, of a request.

founded 2 years ago
MODERATORS
bot@lemmit.online
1
Politicians ignore warnings about publishing everyone's data online. (old.reddit.com)
submitted 2 days ago by bot@lemmit.online to c/maliciouscompliance@lemmit.online
0 comments fedilink hide all child comments
 
This is an automated archive made by the Lemmit Bot.

The original was posted on /r/maliciouscompliance by /u/CptUnderpants- on 2025-09-11 20:37:51+00:00.

Back when every business and government was starting to get their services accessible online for the first time, there was a new law passed in my state that all local government public records must be accessible via the web.

Those records held by local government included dog registrations, building plans/permits, property ownership information, etc. Until this point, you had to physically turn up at the local government offices and have your name recorded to access such information, but it was free to access and they were not permitted to deny you.

At the time I was the webmaster for one of the local government areas in Australia. When this was first proposed, we highlighted that residents would be very upset by making this information easier to access, and potentially for people to 'scrape' the entire dataset. (Tests to prove you were human were not very reliable back then.)

This was politics, so we were somewhat surprised that the politicians didn't see the potential public backlash.

We also wanted to protect our residents from people who would try to abuse or profit from mass-access to this information.

Our warnings were ignored. So we complied... maliciously.

I wrote an absolutely brilliant information portal (with the best captcha we could implement at the time) which complied exactly with what the law required. We ensured the local newspaper knew the exact date and time it would go online and what would be published. It was easy to find and put in a lot of time to ensure news media would be able to easily demonstrate the potential harm.

The following day, front page news about the massive privacy issues this could pose. That morning, we were told to take it offline and it stayed offline permanently.

The portal was up for a total of 27 hours.

In the aftermath, politicians tried to shift the blame to our local government leadership, who shifted it to us in the IT department. We had prepared a paper trail to ensure that those truly responsible were given all the credit for the project. And those who rebuffed our warnings, had their emails included in the freedom of information requests made during the investigation.

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here