There has recently been a spate of odd spams to harvested addresses asking hypothetical questions about domains' privacy practices. It turns out this is a grad student enrolling human subjects in a study without informed consent... The explanation is at https://measurement.cs.princeton.edu/privacystudy/ and there is a list of domains there which were created to run this maldesigned study.
Many of the early batch compounded the consent problem with outright fraud, claiming to be from people who do not exist.
I am curious about what the SA user world thinks of such domains. My personal opinion is that the grad student, his faculty advisors, and his IRB should all be forced to find new careers and the domains should have a null CNAME at the root forever. It appears that URIBL, SURBL, and Spamhaus DBL have all noticed the domains unflatteringly, which I suppose constitutes a more balanced consequence...
A customer has expressed mild dismay at the concept that a fine research institution should be "punished for doing research." I'm less attached to Princeton than my NJ-based customer and (having worked in a NIH-funded lab) less idolizing of the Ivory Tower in general. I have no difficulty explaining my position, but I am rather surprised that I need to in 2021. Am I missing something special that makes such research spam somehow not spam?
--
Bill Cole
bill@scconsult.com or billcole@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
Many of the early batch compounded the consent problem with outright fraud, claiming to be from people who do not exist.
I am curious about what the SA user world thinks of such domains. My personal opinion is that the grad student, his faculty advisors, and his IRB should all be forced to find new careers and the domains should have a null CNAME at the root forever. It appears that URIBL, SURBL, and Spamhaus DBL have all noticed the domains unflatteringly, which I suppose constitutes a more balanced consequence...
A customer has expressed mild dismay at the concept that a fine research institution should be "punished for doing research." I'm less attached to Princeton than my NJ-based customer and (having worked in a NIH-funded lab) less idolizing of the Ivory Tower in general. I have no difficulty explaining my position, but I am rather surprised that I need to in 2021. Am I missing something special that makes such research spam somehow not spam?
--
Bill Cole
bill@scconsult.com or billcole@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire