Saturday, April 30, 2005

Vote Spam

I generally assume there is no privacy online. However, this email caught me a bit off guard:

From: Jack Hickey [mailto:jack@capp.info]
Sent: Friday, April 29, 2005 9:43 AM
To: Voters in RCSD Tax Election
Subject: Mail in Ballot for RCSD Parcel Tax

You are receiving this e-mail as a courtesy of Citizen Advocates for Private Philanthropy, a committee of my creation.

My fellow voters, Measure V is an all mail ballot for a non-uniform parcel tax. The tax ranges from $85 for residential parcels (with a senior exemtion), up to $2500 for commercial properties with lot size > 45,000 square feet.

As of the close of business at San Mateo County Elections on 28 April, 2005 your mail-in ballot had not been received. More than 30% of your fellow voters have tendered their ballots.

I urge you to consider the information in your Sample Ballot, and vote in this election. The deadline is Tuesday, May 3, 2005 at 5 P.M.

If you have misplaced your ballot, contact San Mateo County Elections at (650) 312-5222

John J. "Jack" Hickey, Founder, Citizen Advocates for Private Philanthropy

Note: Your e-mail address was provided by the San Mateo County Elections Department from information which you provided on your voter registration form. I will not use it for non-election related purposes.

I didn't know it was possible to get a list of voter email addresses and whether or not they've voted. I write anti-spam software so I thought I'd seen it all, but this was a new one. Anyone have ideas on how these lists could be spectacularly abused?

posted by linus @ 11:03 AM   2 comments

2 Comments:

At 3:12 AM, Anonymous said...

Can you remeber allowing first, second or third pary contact?.

This seems to me a huge abuse of the system.

 
At 9:13 PM, Anonymous said...

All candidates have access to a complete list of voters, along with their voting records, addresses, and (yes) even email addresses. Voting records are completely public, and that info is used to publicize (among oher things) voting records of candidates and other public officials.

The official "rules" (involving the more complete disclosure, including addresses etc. in addition to more public voting records) require a signed statement by the election-elated group (such as a candidate) indicating that the addresses will only be used for election activities. It wouldn't surprise me to see that there were significant laws against the abuse (fraudulently obtaining data??)... and... I believe each copy, distributed to each candidate, includes some bogus seeds for detection of abuse (or at least, that is what I was told). ...but... a couple of clever candidates could collude to to identify differences and eliminate the detection seeds.... but then error correcting codes could be used to make such deductions "hard" and allow intersections of distributed sets to be mapped back to their contributing sources ;-) (gulp).

Since I give different addresses to each email user, I *could* detect such abuse of voter-lists. To date, I have not seen such abuse (i.e., abuse of he email address that I gave to the voter registration folks).

Summary: There are probably "much better" ways to get mailing lists, than to risk involvement with well defined federal(?) or state crimes.

Jim

 

Post a Comment

<< Home