First off, I want to say this right away- Its total bullshit that some user targeted you like this and you definitely have a right to get a subpoena for OKC to give you the users IP and to delete the account
However I dont agree with your hate towards OKC- You cant give them shit for:
Not giving you the Account information/IP just because you asked:
Giving that info to you without a legal order just makes them liable personally. You want the IP? You need to send legal notice. What would happen if it was some abused woman who OKCupid gave their account info out to her abuser? Yeah- Get a legal order if you want that info. Not OKC's fault, They are following (wise) legal advice.
Not requiring email validation-
So what? They could have done the same thing posting your details to pastebin.com or just not used your email in the first place. Actually, seeing as how the account is registered to you, why dont you just login and delete it? Not requiring email validation means nothing. In fact, Email validation is basically worthless nowadays (Similar to captchas) and just annoys users.
Finally- Saying what you said in that post is rather stupid. Threatening to "get ugly" and that you have a "actionable case" - If this was against a company I was involved in, our lawyers would basically cut us off from any communication at all. Now that you have said that, your only action is to actually get a subpoena vs if you took a nicer tone, they might have deleted the account for you.
Additionally- I doubt OKC is in any risk themselves for this so threatening to sue them is silly. the CDA basically absolves them from any liability for user content so the best result you can get from "suing" them is that you would lose. Worst case is you pay their legal costs also.
You want the IP? Get a subpoena. Thats how its done.
Once you do get the subpoena, rake the bastard over the coals for libel :)
Wow you and I are smoking two separate things. If someone posts my address on the internet with a message that I want people to come and rape me, I expect the provider of the service to not only (a) respond promptly but also (b) err on the side of caution.
You can look at the history of fake facebook profiles around the legality of all this (tldr, you can sue the poster and win or lose, largely depending on where you sue). Facebook though has a clear policy in place to handle this. Also, I'm not aware of any cases involving a fake profile which was as vile as this..once you simply ignore victims though, and keep the profiles up, you become ethically 100% in the wrong (legally, who knows).
The other potentially interesting thing to compare this to is Craigslist adult-section. If states can sue craigslist over facilitating prostitution, what do you think they are gonna do over rape?
The irony is, the fact that OKCupid doesn't require verification makes it easier for the OP, since otherwise they would've just used a dummy EMail that he wouldn't have access to.
I agree with pretty much everything you write except that it's inexcusable that OKC has not been in touch at all with the victim (the main point of the rant, hence the headline).
"Giving that info to you without a legal order just makes them liable personally. You want the IP? You need to send legal notice."
Surely they can reply immediately and suggest he get a Pre-Action Discovery Order or whatever it might be called in his/their area. Would take a few seconds to do.
Sorry to reply to my own post but have got another minute to add more to this conversation: I run a forum that receives all sorts of legal threats over questionable/defamatory posts. I'd rather not have those dodgy posts on my site and would be quite happy for someone to pursue the authors. When receiving a complaint, I make the effort to reply quickly in each case outlining the legal options. Surely OKCupid are in a similar position - they don't want this sort of junk on their site; if they can provide a quick piece of info and then stand out of the way while the OP pursues the perpetrator, all's well IMO.
More than libel. This looks a lot like wire fraud (or at least, an attempt) - using the internet to try and trick someone into getting raped.
If the bastards who did this get off without potential jail time, and people who steal access scientific papers have to fight for their freedom, I'll lose all faith in the US justice system.
I agree that his request for the IP address of the person who made him "gayassfuck guy who wants to be raped" is a bit silly, but on the other hand his tone is appropriate. Just imagine finding yourself in his position, would you approach it lightly?
I know I would went hulk mode. You don't want to see me when I'm angry. (green and oversized, too :)
"That’s my real address. Unlike my previous address, which I posted publicly as part of my Halloween party invitation, this one was not public."
So lets summarize:
1) This guy does not want his real address to be known.
2) A small number of people learned it through OkCupid but most likely ignored it.
3) As a result the person in question posts his own address publicly on his blog and gives OkCupid the fault that the address is public now.
Am I the only one to whom such a behavior appears incredibly stupid?
And by the way: Just do a whois on the domain name of the blog and you'll also get to the same address.
Not wanting your address public is one thing. Not wanting your address published along with a call to break, enter, and commit rape is another. Perhaps the former wish pales before the importance of discussing the latter.
It's probably a good idea to involve the police in this case. If your problem is that OkCupid is giving out your home address, why should they solve that problem by giving you someone's IP address? That doesn't make sense; you could be just as much of a whacko as the guy that posted your address. Two wrongs don't make a right.
The correct way to address this problem is, I think, to file a police report. Then they will give the information to trained law enforcement officials that can act on that information in an appropriate manner. (I've been on the other side of this before; someone on Slashdot didn't like a comment I made. Several months later, the Secret Service is at my front door with a list of questions they needed answered. A little scary, but the best possible outcome. I'd rather have trained federal agents after me than some psychopath with a sawed-off shotgun. But maybe that's just me.)
Anyway, OkCupid should absolutely take action on this, but I think it's best if you don't take it personally. Let the professionals solve your problem. They'll do a better job because they have access to better tools and have better training.
The thread was something like, "name something you can't say on the internet" and my reply was "i'm going to kill the president". It turns out I was right.
Anyway, the cops did not check the content of the thread before coming to my house. After I showed them they agreed it was kind of silly that they were called out, and they went away. I never heard any follow up, but I assume I now have A File.
His blog says it's a parody blog... Is this post for real? I feel like he's not seriously accusing OKCupid and his blog's description implies everything is fake... Why else would he not blur out his address???
"This blog is my personal property and consists of my private opinion. This blog is a work of fiction, the names in this blog are fictitious, and any resemblance to persons living or dead is purely coincidental. This blog is solely satire and parody and should be considered as such."
It's mainly a humor blog, but I write serious posts on there as well. The disclaimer about it being fiction is a CYA for some of the humor I write. The OkCupid post is completely serious.
You should be glad they have that registration flaw. Consider this scenario:
OkCupid does require email validation, and the attacker still makes the false account under your name with your photo and all the same information, and simply emails you a link to it. Same exact thing. It doesn't even look like your email address is visible on the page. All that OkCupid's flaw served as here was an instant forward of the page to you which you should actually be grateful for. Imagine the attacker wasn't able to use your real email and in fact never did email you the link to it, this page would be up on OKC unbeknownst to you because OKC wouldn't have emailed the confirmation to you.
While the attack was a pretty messed up idea, I feel you completely over-reacted. You are way too enthusiastic, publicly, about wanting to get revenge on OkCupid, who really didn't do anything wrong. I would rethink the subheading with which you chose to adorn your Twitter background.
People will always misuse technology. A website can't be sued for having a loophole in its registration system. That's just stupid. However, a person could be sued for attempting to anonymously recruit crazy people (the only type who would think the original post is real and go through with the request) to break into your house.
Ultimately the lack of email confirmation is a minor detail and not even relevant since it had no impact on the perpetration (except notifying the victim and enabling him to log in).
But I don't think that takes away from the complaint that OKC should have replied to the victim.
Yes, they should reach out, but I understand why they wouldn't want to publicly perpetuate this incident. He should have just sent an email and not given them bad press on Twitter and his blog.
"This blog is a work of fiction, the names in this blog are fictitious, and any resemblance to persons living or dead is purely coincidental. This blog is solely satire and parody and should be considered as such."
> Apparently, the link in this email could be forwarded to anyone, and they would be able to sign in.
This happened to my mom a few weeks ago. When you receive a message on OkCupid, it shows the message in the email and it also includes a link to your profile. My mom forwarded the message to some of her close contacts and later found out they all had full access to her profile. Very embarrassing.
Assuming it's not fiction - hard to tell with that disclaimer on his blog - if I were the poster, I'd take this to law enforcement immediately. Conspiracy to commit rape is a serious criminal charge.
When you were a kid and another kid threatened to beat you up, it was always the case that the more they talked about the less likely it was to happen. The ones that were a genuine threat just tended to hit first and talk second.
I've always found the same thing about legal action. The more someone makes vague threats the less credible their claim seems.
If you haven't spoken to a lawyer, don't make reference to any sort of legal action (and if you have spoken to a lawyer they'll tell you to keep your powder dry on publicly announcing it too)...
On an aside, since most people manage to get through life without such an offensive profile being created about them on a dating site, I'd respectfully suggest that once the author has successfully found the "delete" button, he perhaps considers if he could have done anything differently to avoid being in a situation where someone was that p*ssed with him... (not justifying or condoning the actions of the profile creator, just espousing my personal preference for avoiding trivial confrontations in the first place)
if the person creating this fake profile hadn't used this guy's e-mail address, this guy probably would have never known his home address was being given out. seems like in this case, not having to verify the e-mail address was beneficial to this guy so i'm not sure why he's so angry that no e-mail verification was needed.
though, what does he expect to do with the ip address from okcupid? contact the isp and ask for a home address? i can pretty much guarantee that the isp won't give out any information without a subpoena, or at the very least, a formal request coming from a proper law-enforcement agency. if he wants to do anything other than go beat up the guy that posted his information, he should contact the police, have them subpoena okcupid for the ip address and timestamp information, which they will have to provide in the subpoena to the isp.
Ironically, the fact that his real email was used actually saved him. OkCupid doesn't show email addresses to users, so the person who created the account could have used imtrickingyouintorapingsomeone@gmail.com and nobody on the site would know. Even worse, he never would have known a group of men were invited to rape him. At least this way, he knew about it almost instantly.
Regarding legal liability, it's worth noting that Yahoo! has a panel you can access that shows the ip addresses you connected from during all your recent sign ins. It's only available to the account holder. They are a big company with many lawyers and seem to know what they are doing. It seems to be a very good feature that all sites with user accounts should probably have.
The scary thing is that this is someone who has access to his private Facebook profile, aka one of his Facebook "friends". And he doesn't know who it is. There are traitors among his friends.
He has 1391 "friends" on Facebook. I think this is past the point you can claim to actually know all of them, or even recognise all of them in a crowd.
This is also past the point where you can fool yourself that anything restricted to "friends" on Facebook is actually private.
"filled with people looking for threesomes, married browsers looking for sex on the side, or, occasionally, Nigerian princes who want to give you money. "
One of these things is not like the other. Seriously, why the need to insert unrelated bigotry?
This has nothing to do with OKCupid. Just because somebody used them to target you, doesn't make them liable. What if I create a public Google doc with all your private info and some lies? Will you sue Google?
Allowing it to be posted: not OKCupid's fault. Failing to reply in a week to a situation that clearly presents the possibility of imminent harm and of great psychological stress: fail. They could, for example, have responded within 24 hrs to say the posting had been removed and law enforcement would be contacted.
I'm not one for spreading peoples' personal information, but I'm tempted to repost this on pastebin or any other GeoCities equivalent to make a point.
I can do the same thing with Facebook. The lack of email verification has nothing to do with the publicness or lewdness of his email. I've had people create Facebook accounts with my email address too. I just log in and deactivate the accounts.
This guy's "attacker" could have just as easily used a fake email address and done the exact same thing. Even with email verification. Email verification != identity confirmation.
It's actually sad how easy it would be to quickly create a fake Google+ profile, Facebook profile and Twitter account to emulate this person and post equally insidious threats. Is the only difference here that this person didn't have a previous OkCupid! profile to prevent this name-grabbing? Or what?
First off, I want to say this right away- Its total bullshit that some user targeted you like this and you definitely have a right to get a subpoena for OKC to give you the users IP and to delete the account
However I dont agree with your hate towards OKC- You cant give them shit for:
Not giving you the Account information/IP just because you asked: Giving that info to you without a legal order just makes them liable personally. You want the IP? You need to send legal notice. What would happen if it was some abused woman who OKCupid gave their account info out to her abuser? Yeah- Get a legal order if you want that info. Not OKC's fault, They are following (wise) legal advice.
Not requiring email validation- So what? They could have done the same thing posting your details to pastebin.com or just not used your email in the first place. Actually, seeing as how the account is registered to you, why dont you just login and delete it? Not requiring email validation means nothing. In fact, Email validation is basically worthless nowadays (Similar to captchas) and just annoys users.
Finally- Saying what you said in that post is rather stupid. Threatening to "get ugly" and that you have a "actionable case" - If this was against a company I was involved in, our lawyers would basically cut us off from any communication at all. Now that you have said that, your only action is to actually get a subpoena vs if you took a nicer tone, they might have deleted the account for you.
Additionally- I doubt OKC is in any risk themselves for this so threatening to sue them is silly. the CDA basically absolves them from any liability for user content so the best result you can get from "suing" them is that you would lose. Worst case is you pay their legal costs also.
You want the IP? Get a subpoena. Thats how its done.
Once you do get the subpoena, rake the bastard over the coals for libel :)