A few weeks ago I heard about this website called “UpScoop” (Won’t give the link, but you can find it easily enough) which offered to check your address book and see what social networking sites your contacts are using. I hesitated about trying it for several reasons: the sites I use most (LinkedIn and Facebook) have pretty decent lookup services of their own, and I was not especially interested in extending this sort of drain on my time.

But I was convinced to give it a try, mainly because their assurances on the privacy of my data appeared pretty watertight. At that time, the following statements, dated 10 April, still appeared on their website privacy statement (scraped from a Google cache as the original page has disappeared):

We will not email or contact any email address obtained from address books.

Upscoop does not email, contact, or spam any friends from an email address book.

Upscoop does not sell, rent, or lease email addresses to partners, clients, third-party marketers, or other third parties.

That all seemed to me pretty watertight, though I did a bit more due diligence by checking around its reputation in the blogosphere and it seemed to be OK. So I let it run through my address book, which found actually very little that I didn’t already know (I think two people who are on Livejournal, and that’s it; also it introduced me to the rather useless Hi5.com social networking site).

NB however that for a lot of you, my address book includes your real name along with your normal address. There was nothing in UpScoop to suggest that they were scraping real names as well as email addresses, let along that they were retaining that data to set up their own new service.

Boy, was I wrong.

Given the fact that almost everyone I know seems to have received an email from UpScoop’s parent company RapLeaf this week, and that the UpScoop privacy policy has now been scrapped along with all of the above crucial reassuring sentences, I can only assume that a) they retained all my address book details, certainly including personal names, for their own use and b) they then themselves ran it through their system as part of setting up the new RapLeaf service earlier this week (since I haven’t been near it for weeks).

This is extraordinarily scummy behavior.

Having got hold of my address book on false pretences, they have then used it to market their own business, in the course of which they have intimidated and harassed my friends.

I am sorry to all of you for having believed their lies, and thus being indirectly responsible for them spamming you earlier this week.

I would be very interested to hear from American lawyer types as to whether I have any case against them.

I am posting a reference to this entry to every recent blog entry on RapLeaf I can find.

Edited to add: I see that RapLeaf have now posted a public apology, which includes hat-tips to and . Good for them. I’m still hopping mad, though; it doesn’t explain their apparent retention of data from my address book for their own commercial purposes.