Privacy and OSINT

The more time I spend looking at cyber security the more concerned and paranoid I become and the more I realise how, in general, we don’t pay enough consideration to the data we share online.  Take for example a recent post I saw online where an individual was celebrating the purchase of a new house.  

They posted a lovely photo of the front of the house, with the for sale sign showing as sold.   The photo didn’t include the door number however it wouldn’t take much effort to find the address of the individual concerned.    Their photo showed the name and telephone number of the estate agent giving a rough area based on the UK area code.    A quick search on the estate agents site would give details of houses they had for sale along with photos from that period in time.   A quick comparison and you have an address, plus the name of the individual is included in their social media profile.   So, we now have a name and an address, plus from the social media profile we know about what they do for a living and various other bits of info.

The above is an example of OSINT or Open Source Intelligence, using freely available information to track someone down or create a profile on an individual.   It is all too easy given the information we make available online plus the various search tools which are now available. A logo, identifiable vehicle, company name or any manner of other things can help in tracking a person down.

In another post I saw an individual posted regarding repairs being done by the water board and how the works blocked their driveway.    The house number is in sight in the photo as is a house name plate.   Again, there is enough information to track the individual down and identify their address, with their name and job identified through their social media profile.

We all too often post photos online, such as photos from our evening run or photos with family, almost always giving away more information than we intended.   We equally may share information from health or fitness apps, possibly including run routes, again giving away more information than we intended.

This is yet another area of digital citizenship which we need to be discussing in our schools, with staff and with students.     If we don’t, it is likely that our continual sharing online will continue to compromise our privacy and potentially could result in some individuals putting themselves at risk.


Author: Gary Henderson

Gary Henderson is currently the Director of IT in an Independent school in the UK. Prior to this he worked as the Head of Learning Technologies working with public and private schools across the Middle East. This includes leading the planning and development of IT within a number of new schools opening in the UAE. As a trained teacher with over 15 years working in education his experience includes UK state secondary schools, further education and higher education, as well as experience of various international schools teaching various curricula. This has led him to present at a number of educational conferences in the UK and Middle East.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: