Shadow database

The data protection term of the shadow database , which is not to be understood in the sense of computer science , describes a database that contains so-called shadow data on natural persons, i.e. personal or (possibly at a later point in time) data that can be (re) drawn from a person as a rule, those affected do not know that third parties have saved this information about them or save it regularly.

Example 1: Possibility of subsequent assignment of the internet history

By integrating plug-ins, mostly third-party scripts, which are integrated via JavaScript , for example , and reloaded by the user when the website is accessed, Internet companies such as Google , Facebook and Twitter obtain a large amount of referrer data . If a person later registers with one of the services of these companies and information has already been saved in the shadow database for this IP address or this canvas fingerprint , web traffic, for example, can - if it is triggered by the above. Social media scripts was recorded - can be subsequently assigned to this person.

Example 2: Shadow data from forwarding orders

Another example of the creation of shadow databases is the activity of Deutsche Post Adress . The latter sells - without specifically notifying the customer - the reporting addresses from the forwarding orders to other database operators so that they can keep their data record up to date.

Example 3: Shadow data by comparing the terminal address book

Another form of the shadow database can be found in smartphone messengers. These often require that the address book of the end device be uploaded to the operator of the messenger service in hashed form the first time the app is started or each time it is started (e.g. WhatsApp ). Not only are the phone numbers of people who use the messenger service transmitted to the messenger service, but also the data of those who do not (yet) use this service. If one of these people later logs on to the messenger service or another service of the messenger service (e.g. the social network Facebook ), the social network can suggest profiles of other users for networking whose phone numbers or e-mail addresses were in the address book of the end device.

Left

https://www.futurezone.de/digital-life/article215430467/Facebook-nutzt-Daten-ueber-euch-die-ihr-nie-verraten-habt.html (message from 27.9.2018)
taz gazete: The digital shadow. In: The daily newspaper: taz. February 23, 2019, accessed August 23, 2020 .