Technology to Out Sex Workers

Two related stories:

PornHub is using machine learning algorithms to identify actors in different videos, so as to better index them. People are worried that it can really identify them, by linking their stage names to their real names.

Facebook somehow managed to link a sex worker’s clients under her fake name to her real profile.

Sometimes people have legitimate reasons for having two identities. That is becoming harder and harder.

Posted on October 13, 2017 at 6:57 AM45 Comments


Inwoods October 13, 2017 7:48 AM

Some of the catwalk fashion attempts at “digital anonymity” have been hilarious to look at, but I can’t help but feel covering faces is going to be more popular somehow soon. Perhaps beards for guys, and scarves of some sort for women.

I know there’s a whole religious angle people will jump to, and covered faces are scary because terrorism, but there’s going to be a stronger and stronger desire for it if only to avoid advertising.

Andrew G October 13, 2017 8:00 AM

And of course we all trust PornHub, and Facebook for that matter, never to blackmail anybody. That would be wrong, and a tech company would never do anything wrong … would it? Everyone who works at those companies can be trusted completely.

George H.H. Mitchell October 13, 2017 8:27 AM

Bruce, you might rephrase the headline so people don’t momentarily parse it as “Technology to Out-Sex Workers.”

handle_x October 13, 2017 9:40 AM

Well what did any of these people expect?

Facebook is an opt-in self-doxing unto the entire digital world.

Sex worker needing to be careful about exposure? WHY ARE YOU ON FACEBOOK THEN?
Other options exist that can certainly be better for that than CIAbook.

Further, you CAN use a fake account on Facebook, it’s just harder. Don’t post!
If you want anonymity, why are you putting yourself out there like a moron?

“Doctor, it hurts when I do this…”

“Get out of my office you idiot! Nobody has time for your self-inflicted wounds!”

JaredTheGeek October 13, 2017 9:44 AM

Here is a guess at what happened. She either used one phone for personal and business and had the facebook application and has her phone number on facebook and so do the customers or she put facebook on her work phone and it connected the dots. I don’t think its really as complex as people believe.

Tatütata October 13, 2017 9:56 AM

At the bottom of the link there is another story about clients who pay a professional by the session for lying down and expose their most intimate who got outed by Fess’book. (I meant a shrink’s patients, what where you thinking of?).

I’m not on social media. I was creeped out soon after they came into existence when I received an invitation to sign up by way of a relative, where several hugely distant aspects of my life in several countries on two continents were suddenly connected together in a single e-mail. The connection was quite certainly made by the e-mail address I had provided in various registration processes. And the tools only got more insidious with time.

All of those people walking out of Langley or Fort Meade every day at 5PM and just turning on their phones in their car must surely provide a lot of interesting information…

PP October 13, 2017 10:51 AM

This is the legal problem Bruce wrote about more than a decade ago-jurisdiction. The problem is not facial recognition but how the correlation will be used. In the EU, users could receive the following dialog “‘Jane Hacker’ would like to publish the following image of you: allow or deny?”. In the US, users could receive the following popup “‘Jane Hacker’ would like to publish the following image of you: Payup! Intercontinental agreement doesn’t yet exist on who owns the data. Is it the person the data are about? Is it the person who stores the data? Adding whistleblowers into the mix, might just reveal why the game of chess is played for squares.

Alejandro October 13, 2017 10:52 AM

While it’s very true it’s hard to hide your identity on the internet, we must keep trying.

One small way to resist is to work the classic rule, “garbage in, garbage out” by feeding the beast garbage at every step.

Use fake names, addresses, emails….all of it at every opportunity. The ability to cross reference big data has become formidable and phenomenal. But, it’s also a weakness.

What if for every telephone number the beast shows there are hundreds/thousands of names and addresses attached to it, and only one is not fake?

Feed the beast fake data. It might help.

Cesar Branco October 13, 2017 10:54 AM

Facebook does this using whatsapp and/or mobile information: if you have someone’s number on your address book and that someone is on facebook, it is likely that facebook knows your public identity because you browse facebook from the same phone, and already knows someone because she/he has his phone number associated with hers/his facebook account. Therefore facebook suggests that someone to your public identity.

Daniel Joubert October 13, 2017 11:07 AM

I had a chat on WhatsApp and immediately I was shown adds on Facebook that was relevant to the conversation.

I think it was clever of Facebook to keep the WhatsApp brand seperate so that connecting the dots is not an obvious task.

Z.Lozinski October 13, 2017 11:21 AM

In the 2010 novel “Zero History”, William Gibson (inspired by Bruce Sterling) used the idea of clothing that defeated CCTV systems, and made the wearer invisible. (A pattern on the clothing triggered a backdoor in the CCTV firmware).

The problem of big data linking together multiple identities is not just an issue for individuals but also for governments. Undercover police officers, people in witness protection programs and intelligence operatives may have more than one legally issued identity. If a country has a facial recognition database, or universal fingerprints, it is no longer possible to maintain this. And as soon as someone with multiple identities enters a foreign country, they have to assume that details such as fingerprints, biometrics and photograph will be stored.

handle_x October 13, 2017 11:21 AM

“While it’s very true it’s hard to hide your identity on the internet, we must keep trying.”

Why would you be trying to accomplish that ON FACEBOOK, though, is my question.

Sure it’s doable but you’re a vampire so why are you worrying about spf-15 sunblock?

Ollie Jones October 13, 2017 11:36 AM

If I don’t pay for the product, I am the product. We have to keep saying that, even after we think everybody knows it.

I know this might not be a popular idea, but I wonder if trying to use tech means to prevent the outing of sex workers might be an x-for-y problem?

Imagine, for a moment, a world where that line of work carried less shame. The only downside? Fewer jobs for crooked business agents (sometimes called “pimps”). People in that line of work would then have much less risk.

handle_x October 13, 2017 12:07 PM

“The only downside?”

Not all is foreseeable. Either way that would be a massive civic shift to absorb.

Daniel October 13, 2017 12:08 PM

I have tow points to make, both which I have stated before. First, and most importantly, it doesn’t matter whether one “opts in” on not. Technology has reached the stage where it is impossible to opt out. Two, that means something has got to give. Either we are going to have to change our social mores such that (as in this case) porn stars find no need to have dual identities or we are going to have to get used to moral tyranny. The only other possible option is to ban the technology but that horse seems to have left the starting gate and to mix a metaphor I don’t think we can put the genie back into the lamp.

My prediction is that 50 years from now people will look at today and see it as a golden age of social anarchy. They will see it has something akin to the Wild West—something to write easy homages to because everyone knows those days wont return. As I said more than 20 years ago, I cannot imagine a future which is not dystopian.

handle_x October 13, 2017 12:29 PM

“Technology has reached the stage where it is impossible to opt out.”

I would agree we all use wheels and levers, but MUST you join Facebook really? No.

They will have some background scooped-up info on you either way that’s true.
You can avoid giving them everything else. There are ways to do this : Use cash, etc.
If you put everything through paypal or square or xyz, you sell your data to them.
Realize that is not entirely necessary though inconvenient in some cases.

“or we are going to have to get used to moral tyranny”

Morality and social mores are related but separate. Tyranny is a strong word.
Historical law and societal change fight every day all day long, everywhere.
You can’t expect a 180 overnight. People seem to expect that lately.

You’re right that the genie can’t go back in the bottle. The Unabomber tried to force it.
North Korea has nukes, China shoots entangled electrons into space. Complexity is here.
There’s a happy medium in using a tech tool “for the specific job it’s designed to do” and not allowing yourself to be lured into mowing the lawn with a laser.

You can avoid Facebook outing.

Alejandro October 13, 2017 12:36 PM


Me: “While it’s very true it’s hard to hide your identity on the internet, we must keep trying.”

You: “Why would you be trying to accomplish that ON FACEBOOK, though, is my question.”

First off, I certainly don’t do FB and I doubt many visitors to this site do.

But, we all know even without an account or ever touching anything FB we all get sucked in one way or another. For example, you go to the neighbors birthday party, somebody takes a picture of the attendees and posts it with names. Even yours.

Now, I do know someone who somehow managed to create a totally fake FB identity which has been good for years. It involved using real data from various persons and places. So it can be done.

That same person was asked to be friend by an unknown cop in uniform almost immediately after setting up the account. A person they did not know at all. hmmmm.

So, that proves what we all know which is FB (et al) is a dangerous, creepy, sick place. But, it has an addictive dope fiend quality to it which draws targets in.

Regardless, even folks who use FB can and should upload fake data of all kinds whenever there is a chance. It could be something as simple as claiming apple pie is your favorite dessert, when in truth you hate it.

All garbage input helps blind the beast. The thing people must know and understand is that every tap and keystroke is being collected, stored and used against them in one way or another. FB is not your friend.

Ask Mr. Zuckerberg (future President) what he thought about users in the early days of FB for a verification of that. Or, google:

“Facebook founder called trusting users dumb f*cks”

handle_x October 13, 2017 1:02 PM

“and I doubt many visitors to this site do.”

You’d be surprised probably.

“somebody takes a picture of the attendees and posts it with names. Even yours.”

First off, how hard are you trying to keep your privacy in the age of photobombs?
Most people don’t check your ID. No colorful nickname? You gave your full name?
You’re right that friends/family can be a vector also. I didn’t say it was easy.

“But, it has an addictive dope fiend quality to it which draws targets in.”

I think people develop dopamine reactions to things that trigger them after “training” it.
Be it gambling, 24/7 social posting, cocaine, adrenaline, angry birds…
Finding out such things is a key to profiling someone more profoundly.

“All garbage input helps blind the beast.” It may be illegal once they prove your motive.
CFAA = Computer Fraud and Abuse Act. It can be quite draconian under the right hands.

If people want to look “at you” they will see you eventually. The beast is no more affected by your efforts than a hurricane is by a line of palm trees on the beach.
The question is why are you trying to fight a hurricane from the beach.

I appreciate your points, Zuckerberg is absolutely Rumplestiltskin made modern.
Do not bring your family into it.

He stole the website idea in the first place, talk about classic fraud.
But despite his army of goons that park his multiple SUV’s, he’s no God.
You don’t have to tell him jack.

wont_say October 13, 2017 3:44 PM

Facebook can figure it out, match the fake name to the real people in your life. My family member had this happen, matching the fake Facebook name to the coworkers. It blew her mind!

Watch it people. It’s not just the government who’s watching you.

man o man October 13, 2017 4:04 PM

Reply to —


One small way to resist is to work the classic rule, “garbage in, garbage out” by feeding the beast garbage at every step.

Use fake names, addresses, emails….all of it at every opportunity.”

True, garbage in garbage out. Even with things on paper I have that rule. If I get a subscription to something in snail mail, fake name is used. I even altered my credit reports. It has fake birth date, fake address, fake phone number, you get the picture. (Fyi, faking the credit reports are easy to do, simply fill out a couple of credit applications and put in false data. The agencies all use that data to put on your credit file).

My people searches on myself are funny – the fake data is there. They never knew what hit them, lol.

Josh October 13, 2017 4:28 PM

It’s becoming harder and harder? What if you just stay off social media? See… that’s the trap, people can’t.

Anon October 13, 2017 11:49 PM

I’ve been experimenting with Facebook for years.

I only post stuff I’d be happy to pin to a public notice board, so they have absolutely nothing that I wouldn’t publish anyway.

They know who some of my friends are, and ditto acquaintances, but not all of them.

I also drop keywords or topics I haven’t discussed previously to see if FB starts dropping subtle hints or targeted advertising. It definitely does.

I use unique e-mail addresses for everything. It’s interesting to see where spam e-mail originates as a result.

handle_x October 14, 2017 12:05 AM

‘It’s interesting to see where spam e-mail originates as a result.’

And the names they address it to.

“Hey Beelzibub, you are now prequalified for 3.8 APR..”

Mac October 14, 2017 4:18 AM

It’s impossible to know what caused the leakages without complete information such as
– search history for each account
– Mac addresses for devices used to access each account
– details on whether both identities are accessed from the same device eg access from same IP addresses but different devices would certainly trigger a likelihood these two share something in common eg activities such as place of residence, go to the same gym or cafe, etc
– details on whether both identities are accessed from different devices but from the same WiFi networks and location tracking can pin the two identities as frequenting same locations at the same times
– etc

The above details are accessed by the Facebook app on mobile devices as per unlimited permissions the person gives to Facebook apps.

The person can request their pii files for both identities and check were the data for both identities intersect to get an idea of possible network algorithm methods used to leak the connection between the two identities.

The only way to prevent leakages is to offer Facebook users the option to entirely opt out of the people who you might know feature and the person would have to opt out for all their identities. Facebook would need to respect the privacy of the indentities by not including their data in network algorithm that match people who can be connected to the identities requiring not be outed as being one person.

Facebook could be experimenting with all kinds of privacy busting algorithms such as using photos to show two people are actually siblings etc. There cases were facial features can be correlated to familial connections. Facebook does not seem to care about the unwanted intrusion of such technology eg someone who is the product of secret infidelity being told the biological father is someone likely to know or connected to and the pictures give away the truth that the person is actually the offspring of the recommended fb user and not the person who raised them

And not to mention the potential to expose extramarital affairs. Zuckerberg does give a cent of the harms his company is unleashing!

Impossibly Stupid October 14, 2017 12:10 PM

A lot of people smugly declaring “just don’t use social media” are missing the point. Sex workers are like any other victim here: they have a life/identity they have that they want to distance themselves from, but they can’t when technology invasively stalks people far and wide. For example, I once took a legitimate job where they used Google for everything, and so I had to have a Google+ account to get work done. When Google (or anyone) is allowed to link identities as they please, it makes it very difficult for a sex worker to get a better job. The problem isn’t the people, it’s the panopticon.

My name is October 14, 2017 12:38 PM

Impossibly Stupid,

I agree.

I also think it takes away people’s freedom to have own’s identity private.

The system is the problem. The government can’t infringe on one’s right to privacy (supposedly, but don’t go there) but anyone with a business name can.

CarpetCat October 15, 2017 1:12 PM

You gentlemen and ladies are thinking too small!

Facebook, et al, doesnt just process what you GIVE it. It scoops up EVERYTHING. For example, DMV records, yep, almost every state, names, address, etc. Facebook has them all.

Visa/Mastercard transaction records, in real time! Flows right in!

And those GPS co-ords? Well, lets just see who owns the propertie next door, shall we? Is there an internet router nearby?

You people don’t think the google cars just take pictures do you?

I shake my head at the lot of you. Golden age? Pshaw, that was 50 years ago! You can do NOTHING today that isnt tracked. Pay cash? My god, they can see the transaction record as you pay. The camera in the store, on the street corner. At the traffic light. The plate on your car. The gait of your walk. Sigh.

I’ve asked you this question before, and I will ask it again. Assuming the NSA, or the corporate world, etc, whatever your boogeyman is, is so all powerfull. Sucking in so much info, tapping every phone, modem, email, etc. Then why is there still crime?

How does any criminal escape? Think about it. They KNOW who is dealing drugs, kindnapping, murdering, etc. But they dont stop it, why? Because they are afraid of the tools being used against them. So the question is, what are the crimes they are doing, that are so much worse then murder and kidnapping?

Those of you who are wrong do-ers, did you not hear the warning about giving politicians too much power? About how the other side would achieve control at some point, and the tools would now be at their disposal?

And now Trump is inside.

On another vein of thought, maybe a N. Korean EMP isnt so bad? A flash in the sky, and all our sins wiped away. And the digital pictures of grandma. 🙁

handle_x October 15, 2017 3:47 PM

“EVERYTHING. For example, DMV records, yep, almost every state, names, address, etc. Facebook has them all.”

Those are public records… yep.

The idea is you can keep from giving them PRIVATE records, to some degree.
But people DO NOT MAKE THAT A PRIORITY, they prioritize convenience and
a combination of that and peer pressure results in privacy for sale.

You CAN pay cash. It’s a layer of abstraction between you and the purchase.
If you only get a few of those options possible, why not use them?

I’m not and did not say you can fully escape all data collection regimes.
I’m asking why are people trying to do that WHILE OPTING IN TO FACEBOOK.

Want to know a secret about me? I don’t hang out with people who whip out their smart phones every 5 minutes to take a selfie and email it to instagram with #my name.
I don’t carry a powered-on identifying beacon everywhere I go. Options exist.
I’ve had to make some choices and excise some things out of my life, and I do.

Anyone can look up my DL, can search around and find my address, probably phone #.
What they can’t find is a completely laid out timeline of everything I think and do.

Opting in to THAT is the heroin that powers the privacy-sucking industries. Because there’s so much “virtual money” to be had in doing it, that business logic has been allowed to usurp and overcome the traditional barriers to spying on Americans’ lives.

(In other countries including western ones, even FEWER such rights apply in many cases.)

So if you want privacy, it’s become harder. You have to choose between priorities.
There IS a way to escape the vast majority of this stuff – don’t fool with it!
You don’t NEED it. You’ve been lured by convenience and whizbang. Be strong.

You will never escape all eyes but you need not publish your diary to marketers.

Jarrad October 16, 2017 4:07 AM

What I took away from this article about sex workers being outed is how backward is society that sex work is still considered something to be stigmatized by?

I totally sympathize with the persons involved here, and the technology implications are frightening, but it’s also concerning that people still cannot feel
Comfortable in their profession and line of work.

on the outside October 16, 2017 7:30 PM

It’s refreshing to hear your perception of privacy, and how to maintain it. I’m glad you haven’t sold out, or bought-in to the “convenience” of the modern world.

Yes, I pay cash, it keeps my purchases away from the eyes of the credit card companies. They don’t know where I buy liquor, or how much. They don’t know where I buy my gasoline, or how much, which might indicate how far I drive every week.

Going to the ATM to get more cash is not an inconvenience, but rather an empowerment. I now have more cash to spend, to avoid using my credit card.

I don’t care about “points” or airline miles on a credit card. It’s just a scheme to get people to use it more often, so the credit card companies can collect all those swipe fees, and transaction fees from the merchants. And it builds a spending (and travel) profile on those poor souls as well. And also puts them further in debt, so they now pay interest on their purchases.

I know that there is a trade-off between privacy, and some sort of convenience or benefit. I don’t want that. I am willing to take on more inconvenience, or higher cost to retain a bit more privacy. I evaluate the trade-off constantly.

I don’t want my data or my email following me around, not to mention the built-in GPS tracking abilities of “smart phones”. I still have a flip-phone to avoid these pitfalls. Yes, I get scoffed at by friends and co-workers, but my phone bill is cheaper than theirs, and the cellular overlords don’t know where I am precisely. On the weekend when I head to the liquor store, I leave it at home. Even hitting the cell towers in the liquor store vicinity is something I want to avoid.

I use Disconnect.Me in my browsers to prevent trackers and cookies from being deposited on my computer. I even go so far as to close my browser between web page visits, and run CCleaner (Piriform), to remove even more data.

Yes, I might be on the fringe of being an extreme paranoid, but I don’t worry much about leaving information behind.

I’ve opted out of some of those “people search” web sites, but need to do more. I have the book “Hiding from the Internet” (Michael Bazzell), so I need to put it to use.

handle_x October 17, 2017 2:09 AM

“People should delete their Facebook account and other social media accounts.”

They won’t but they should. Amen.

A lot of that is this ADHD-related internet addiction / feel of missing out / media addiction / news addiction driving it and FB doesn’t mind selling your soul for you.

They’re captured and turned into the product. The beast grows. More tentacles.
More victims, new ventures. Put a camera in your bedroom that also knows your voice,
can identify your pet, knows your birthday and sexual proclivities and debt levels.

What if social networking didn’t mean selling your privacy out to marketing drone AI? There are plenty of transparent & opt-in ways to make money off these subscribers.

What will replace FB? Google-something. Or not. Prognosticating on this is tricky.
But if the trend continues and people continue to be cattle, there’s no impetus for these self-envisioned pillars of society to improve their treatment of and respect for our privacy as individuals who want to use their services without giving a credit/DNA sample to any footpad.

(Speaking of, watch that damn Thiel… anything he’s involved in, run.)

Bruce is doing a stellar job BTW, these little under-radar free forums are the seed of the resistance. Unfortunately it’s not scalable, it requires that human touch – that inexplicably well-intentioned shepherding. Rare.

Grass grows everywhere. Don’t get lured into the pen by convenient grass.
Best case, you’ll regret it. Worst case you’ll never know you’re in it.

Vincent L Gambino October 17, 2017 9:22 AM

I have 2 FB profiles for a rather pedestrian reason. I’m helping organize a high school reunion and wanted to make my 2nd profile the admin of a FB group for the reunion, and use it to id classmates on FB. This involved sending friend requests to people I might not want to friend from my primary profile, which I keep as locked down as FB allows. “Owning” 2 profiles has given me better insight into how PYMK (friend suggestions) works. The suggestions I’ve seen appear to combine some that could be taken for intuitively brilliant, and others that are just insanely bogus. Also, activity seems to play a large part – the day after I’ve used the reunion profile to do a lot of FB searches and profile examinations to id classmates, its PYMK list explodes, presumably with profiles (FB suspects to be) connected in some way to those I recently browsed. The more inactive I am, the smaller the daily delta in the PYMK list. One expection to that is that there are apparently random deluges of suggested profiles with some obvious attribute in common that has no apparent relation to anything I am, or have done, or have ever even looked at. For example, for several consecutive days in one profile I saw dozens of suggested friends that were apparently all connected to fundamentalist Israelis, both in Israel and the US; in the other profile there was once a flood of what appeared to be North African FB users. That suggests to me that the algorithm may be susceptible to manipulation by interests outside FB (“hacking” might be slightly too strong a word.) The really interesting thing to me is that, although I typically access both profiles every day, neither profile has ever appeared on the PYMK list for the other. Although I do use a VPN and nearly always use it to change apparent IP addresses between accessing these profiles, if FB had anything even close to a foolproof way to correlate real people, I don’t see how they could miss that connection. That behavior suggests that the process is far less than prescient, and I find that quite encouraging. YMMV.

handle_X October 17, 2017 8:22 PM

Everyone you’ll contact that way has opted in to FB already, no (more) privacy concerns.

“has no apparent relation to anything I am, or have done, or have ever even looked at.”

That’s exactly how it works, you somehow get linked to 1 thing and everything it touches.
It doesn’t always make great linear sense but the law of averages probably pays off.
It’s kind of hilarious that they call that “AI” though.

on the outside October 18, 2017 5:56 PM

I wonder how much “fishing” or shotgunning those algorithms at FB do. It’s almost as if they throw in some red herrings along with the real data to see if you bite.

And speaking of DNA samples… It’s amazing how is heavily advertising the numbers of people who willingly send in a saliva sample just to find out their ancestors are from different countries than they first thought.

Wow, in the criminal world, the “police” need to serve a subpoena on a suspect to compel them to allow a DNA sample to be taken. And these folks just hand it over, along with a processing fee. Now they’ve donated their DNA to a big database that the police routinely query to more easily get that DNA on all sorts of folks.

And if Ancestry can help you build an on-line family tree, how easy is it to get the maiden name from somebody else’s mother? So much for using that as a security factor.

“That’s exactly how it works, you somehow get linked to 1 thing and everything it touches.”
If legend tells us how the world works, it used to be that “six degrees of separation” is the distance we were away from everybody else. Thanks to “Face Plant”, that number has shrunk. Scary.

john November 1, 2017 5:20 PM

i wrote last week and did not get a answer
do you know anyone that can make a reader and emp
if not what size capacitor do i need if a chip has been embedded for 25 years. and a list of other materials needed if you will

nanashi November 5, 2017 1:41 AM

I don’t know what you mean by “reader”, but assuming you want to make an electronic EMP, the minimum you need is an induction coil, a spark gap, and one of the large capacitors found in any disposable camera that supports flash. It will work, but the EMP is pretty weak and you have to put it quite near electronics for it to succeed. You would need many exceedingly powerful capacitors (read: sufficient to instantly kill you if you touch a single one of them), and even then the inverse square law will seriously limit its radius. The only truly effective EMPs are those created with explosives. It doesn’t need to be nuclear. But in the end, any method to create a sufficiently powerful EMP to even damage electronics a few meters away will very easily kill you if you do anything even slightly wrong with them.

What do you mean “if a chip has been embedded for 25 years”? Are you trying to target an embedded, 25-year old IC? Putting a large plasma globe near it may even be enough…

Use Google.

mike thomson April 12, 2021 1:50 AM

I’m going to read this. I’ll be sure to come back. thanks for sharing. and also This article gives the light in which we can observe the reality. this is very nice one and gives indepth information. thanks for this nice article… chaturbate live

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.