Last night as I lay in bed I had an idea that I hope already exists. Has there been any tools, or concepts drafted that would enable individuals to set up accounts under their existing emails and just have some garbage spewing script interact with their tool?
Effectively get them to know less about my real habits by sending over noise. This is widely done on Twitter and Facebook but with the intent for a bot account to gain a following and share information. This would inherently be a personal goal to misguide folks about who I really am. Instead of trying to jist cover our trails with privacy tools, make as many fake versions of you that spot noise into the ether.
Also consider like a method of cellphone swapping where you and like x number strangers online have the same phone have some method to find eachother and wipe amd send your phones to different locations so that the IMEIs move around randomly.
I haven’t thought through this too much but the general idea is just break the system from being source, make noise, and conceive of ways to throw off the current identity tracking methods used.
I’m sure this is already a thing, if it is does anyone have links or tools that do this kind of thing?
Data poisoning is another good term. I do think that this would need to be something attached to a broader network of folks running this software. Like get one group of folks to trash some old emails and contribute them to public lists to be used.
Then have software picking from this list at random to attach to this account to spam while the host program runs it.
You could easily get your email spammed with this network but it could be a way to discredit a lot of identifiers.
In a fictional extreme scenario, you can have multiple “wrong” IP address and one real IP address, in a list of say a 100, eventually the people looking for you have to check for 50 address on the average before they can find you.
Compare that with 0 IP address on file.
No data is preferable over real data hidden in a sea of fake data.
So ive had a gmail account since the early 2000s that I’ve used recklessly as surveillance capital grew into its current state. The damage is done. I can do some cleanup like try to get all the data scrapers to remove my data but the email is tied to me in meatspace.
One might feel this is defeating because they have lost that account used for so long to identify their meatspace identity but I don’t know, it feels like an opportunity to just convert a long standing account with garbage that makes it seem active.
Then create an entirely new address that sits behind rotating aliases used for different use cases.
Also then i can do my best to close and delete any account I find dangerous to leave open (with credit cards or PII). Update the addresses to other people that share my same name or other identifying information as me in different locations. Create a facebook profile with mixture of these identities and any site that is frequently scraped.
Are there drawbacks I’m not consodering other than having to move off my old email?
This feels a bit extreme. I’d only recommend this if your threat model actually has dangerous actors that is actively hunting you down to cause physical harm. Otherwise keeping the Gmail account on quiet standby may be an acceptable enough strategy.
Like you, I have a very old Gmail. It is still around because randomly I get a need to actually use a Gmail account. Besides, I don’t think you can really fool Gmail if people are still addressing you to your full name in the same Gmail address (or another for that matter).
There are things you can obfuscate as is still worth hiding from Google, but the vast majority seems irrelevant to hide from Google, especially what Google already knows.
There is of course, a potential for future unforeseen danger of mixing real data with fake data. What if the government associates you, via your fake residence address, to the actual person of interest (i.e. cartel drug dealer) that lives in your fictional address? You would now be subject to further unwarranted scrutiny.
Take another scenario: maybe the disinformation address that you have provided has an immigrant neighbor and that same neighbor is the target of their three letter government agency and actually has advanced persistent threat actors assigned to hunt them down. You might get in that kind of crossfire.
Casting a wide net of disinformation may have the adverse effect of having undesirable by-catch. The chances are small of course. It is a gamble with an unknown chance of getting a bad outcome with no significant beneficial return in the risk you are undertaking. If you just want less personal data online, consider the use of third party removal tools instead: