Topic: A new rule is needed for bounty managers. Please share your opinions. (Read 514 times)

This is how spam emails are sent on daily basis.



Be cautious, use secondary email id, or ignore bounties where email id has been asked, or ask the manager to hide the email id column.

It's not enough, but it will help a little bit I think

Report every sales thread of email databases in digital goods and services. 

Posting primary email in public really can cause a huge number of problems in future:

1) Promotional mails: You will start getting a lot of promotional emails based on where you shared your email. There are scrapers for this which keep collecting recently shared emails , all emails are compiled in files and these are sold online. If your email makes to that file, get ready to be bombarded with unwanted promotional emails.

2) Hacking attempts: Another possible situation is that people will try to hack your email and then use it for suspicious activities. Emails are being shared here with other personal details which are often used as passwords.

I am referring to both(i.e google forms and bounty portals like bountyhive), they are exposing the email ids (that are being used in bounty portals) in spreadsheets  and also if we fill in the google forms for our applications or reports.

Now you have a good excuse to change your email address.

That's right! Main emails should be use for important things and should not use for registering in bitcointalk, airdrops, bounties, signature campaigns and on others websites like Steemit, Reddit, Facebook, Twitter, etc. Users should secure their personal identity by themselves.
In addition, never display email on bitcointalk profile to avoid abusements from bounty cheaters.

I know everybody knows that but I will repeat one more time: Never use your main email address to sign for a bounty campaign or any other promotion. Just create a new one for such an occasion.

Simple rule, invade any thread that clearly displays sensitive participant details such as name, phone number, email etc. And state that you will not support a campaign that treats its members personal information with such carelessness, give the bounty managers an opportunity to improve, if not, give them negs until they learn their lesson.

"Sign up on portal" are you referring to google forms or bounty platforms like bountyhive?
If its google forms then we are on the same topic but if it is bounty platforms then its probably indicating another issue. Please confirm?

Indeed it increases the risk of being hacked, i also oppose the bounty managers for doing this. They should need to hide the details of participants so no one can trace the ids.
Mostly the bounty managers who are using different bounty portals ask for the signup on portal by using email, and those emails are then added in the spreadsheet as user id to reward the user accordingly.

You can only get a prosecution if the campaign manager is in the EU/EEA (of which quite a lot probably aren't).

There were reports on google getting fined under similar grounds however I think it was the EU part of the company (I know a lot of their data is stored in the UK as well as the US).

I think hacking of exchange accounts is also quite an issue here (especially if people don't have 2FA). If your email account gets its password changed and there is no number linked, then you have lost your account.
If there is a phone number linked, then I'd argue that could get even more annoying for people. There are already data breaches from sites that I have noticed that have sold numbers to companies that claim to be a banking company and try to get you to go to their site (their site has nothing on it, I assume it just harvests all it can from your phone - though haven't actually clicked it on the phone itself).


It's a good start and you have already managed to get one manager to change their mind and hide the email addresses of their users.
Since they're not directly making any money out of keeping their email addresses public, I see no reason why the others wouldn't collaborate in the same way. If they do particularly need to show email addresses for some reason (which I'd doubt) then they should also state their reasons to you/the community for validation - though I doubt there is a reasonable reason why they'd not make that information private.

There seriously needs to be some bounty system made, some soft to get all this in order. This whole google spreadsheet ordeal is messy as hell and needs to be adressed. Hopefully someone will take initiative soon. Even if that means that a lot of bounty managers will lose their jobs 

Presumably most of the bounty participants are not using their main email accounts but I do agree with the OP as I do not see a necessity to expose the list of email addresses for public.  Even if they want to use the email addresses to update new information etc for bounty participants, of course they can keep the email addresses in their database, rather than expose them for general public.


Maybe we should list up such bounty campaigns like above and let moderators notice the situation and consider a new rule.

At least in Europe most of the bounty spreadsheets and even quite a few of the bounty proof of join threads are clearly illegal, since they breach personal user information that becomes visible to anybody such as the email and often name and surname.

Regardless of whether you provide your real data or a dataset for the bounty, which is not your primal true contact information, all nominal data should be hidden from a general public view, and not become visible in a public list to all.

As per definition, Personal Data is any information that relates to an identifiable individual.
Examples are:
•   a name and surname
•   an email address [email protected]
•   a home address
•   location data (geolocalization);
•   IP address
•   Etc.

The first two are clearly found on bounty spreadsheets and should not be visible to everyone.

Some peoples use their main id and some use their secondary id for bounty. So those who use the main id are at risk.
If the email ids get into the wrong hands then it may get into the market for sale, can be used for hacking attempts of bitcointalk accounts, for spam, track down of social accounts, and lastly your input of phishing attempts.

I have started to contact bounty managers to keep the personal info private, so if anyone disagrees to do so then I'll create a new thread as per you have suggested.

It was the beginning what I was trying to do, so from now on I will try to contact more of them and those who will disagree will get negative trust rating until they fix the issue.
And I will also update the names of those managers who disagreed for the community acknowledgment either through this thread or the new one.


Some of them maybe didn't realize the outcome the way we realized. And some of them may be left personal info visible due to workload.


You received those emails because your email has been sold out to email marketers, most probably.
Go to the marketplace where you will see some sellers are selling bitcointalk database, if that's the genuine one then your and all of our ids are there.
Now imagine how many times it has been sold out all over the internet. Not only bitcointalk database has been selling out there, but also I've seen coinbase, ICO, etc databases are in the market.


Not all will respond positively but I believe the majority will agree with the issue and will support.

---

I have contacted Wapinter (Baappay Bounty Manager) and he responded promptly and hidden the email id column. I was expecting something like this from Wapinter.

---

Another thing I was thinking lately that the wallet addy's (BTC or ETH) are also visible publicly through the sheet. So how appropriate is this and isn't it should also be kept private?
Because someone can easily check someone's balance and can target anyone for a hack attempt? And above all where is the privacy? Please share your opinions in this matter.

---

In my journey of bounty hunting, I've found aTriz's bounty campaigns are most easy to understand, easy to execute the tasks and takes minimum time. And another thing is, the thread design is very clean.

I also found a bounty campaign (Robotina), where the manager kept everything private from the public. The manager is doing everything at the background.
The manager only shared a spreadsheet publicly for their participants to track the earnings. I really liked the idea of this manager and till now I haven't found anything like this.

The thing I want to say, isn't it a better way? But I know it will not happen, no one will do the same way.

All those managers are not new , they should know that.

I've been exposed to much alternatively this sort of email addy exposure is too much if an individual care for oneself privacy.
Nevertheless knocking the doors of those campaign managers would not create a solution they just don't care especially if those persons are the wannabe managers I've been seeing lately.

For this reason I never use my main account for such kind of registrations. For less important registrations, especially in crypto sphere, I have dedicated email. I'm ready that I will get lot od spam messages to this email address. So, I don't care much if somebody exposes my email address in public.
I don't think that somebodt can force these bounty managers to not show participants emails in public.
A bit off-topic - I received some ICO advertisements, message about selling bitcointalk email database to email address which never was used for crypto related registrations, I have no idea where did it come from.

the problem that arose from publicising email addresses, I find here few threads where people selling email database from btctalk users, also one ICO manager, in the beginning, asking to buy large email database. it can come from copy/paste from spreadsheet or managers who steal email database from the project who led it.

Yes, there are actually services that harvest this information and sell it to the highest bidder. I think that we should boycott or warn these bounty managers.

How can they be so ignorant? I think we should just invade their threads, and point out that this is happening.

It's quiet unfortunate that many Managers expose participants emails to the public and for email hunters to come hunting for this email addresses, I started bounty Hunting recently, your preposition is quiet valid.

Sometimes the email are used to communicate with you incase you have problem in the campaign, the company also needs to keep you connected to their latest news as you are holding their coin which you earn during their bounty.

FOR THE NEWSLETTER CAMPAIGN
Understand that bounty managers are sometime different from the project itself, and for the newsletter campaign, your email also needs to be submitted in the form for cohesiveness. They need to tally.

For your safety and privacy just create a secondary email address and you would be safe when you drop your email. I have received some unsolicited email within a short period I joined bounty Hunting.

Some bounty managers use this email to send message to participants of previous bounty when they have a new bounty they are handling. As a bounty hunter you must first believe in the idea a project is trying to execute before you participate in their bounty and for so many small reason some hunters might hold that coin for a while after it hit the first exchange.

My Opinion
If you are interested in participating for any bounty, I would advise you create a secondary email (fresh new email) specifically for bounty, so you can  provide to this managers while you fill the form if it's part of the requirements and still be safe.

Regards.

I generally use a spam email address for whenever I have to share one.
But it is a good idea to try to hide these from attacks such as phishing emails.


Can we get this added to the OP by any chance or maybe get a new thread with a list of managers who do publicly share users' email addresses?


Give a negative/neutral trust rating to the manager who did not respond to you as that might get them to respond to what you wrote and give you the reason why they didn't want to hide the IDs. It might just be that they missed the PM if they have had many of them.

EquityBase who you said did respond and hid them has shown their credibility as a manager here and it's good to see one of the managers have responded.

2/3 managers as you suggest is quite a low set of users that you have tested though (it's a good start).

Again you misunderstood me.
"Outside the forum" I was referring to the ICO companies who may sell the email database at the end of ICO... It is possible, I don't know if you will agree with me or not.

And regarding the bounty managers are exposing our email ids through this forum, they use google spreadsheets for the participants to register and you know it very well.

The List of bounty campaigns exposed email ids:
Aeternum in all sheets
Fiancia in social media sheets
On.Live in youtube sheet
FroshFeel in signature bounty
Baappay in all sheets

This is a small list, and are publicly accessible. There is so many of this kind which I've ignored so far. And you may say me lazy because I'm not going to search those again.

I haven't kept any record for the list as a proof and campaign managers can change/hide in future.
Because my intention is not to argue or fight with anyone here, the reason for creating this topic to create awareness of this issue so that in future bounty managers do keep the email ids private.


I thought meta could be the best board to discuss this issue as I can't think of an appropriate board for the issue to be discussed. Let me know I'll move accordingly.


I've pmed 2 or 3 managers maybe to hide the email id column.
One of them (EquityBase) responded and hidden accordingly and the FianciaCoin did not respond and neither hidden the email id column.
After that I didn't contact anyone for this issue. But I'm thinking to drop a msg in future to every one of them who falls in this issue to hide the column.

I would like to know which managers decided not to hide the email addresses...

Seriously your suggestions are nice and worth putting into effect by bounty managers. Most time's, people's emails get sold and  someone can easily be hacked through these exposures. If the bounty managers can take this into effect it will go a long way to protect the hunters.

I've seen it, but can't find it back in my post history. After notifying the (new) manager, he did take down the email addresses.

Although I wouldn't like being treated this way by any campaign manager, I don't think this is a Meta-problem: people volunteer to hand over data in exchange for a bounty, just like they publish their Twitter and Facebook accounts.
I have no doubt most of them use fake accounts anyway, only created to hunt bounties.

Can you list down a few examples of that happening actively ? Please link me to a bounty program where a bounty manager is asking for email id's on the forum and not (outside forum such as google spreadsheets)

Yes.It literally hurts to see such beautiful tech heading that way.

I'm not an idiot because I preserver my identity and don't give it away from a few shitcoin tokens.

This can be huge issue for some members and there are only two solutions for this. First is to completely avoid such bounties which is the safest option. There are a lot of other earning opportunities here which do not require such personal information and you can look into them. If the first option does not seem practical to you, you just need to change your email id here. Use an id that you have not used anywhere else for this purpose and the problem is automatically solved.

The op is so concern and futuristic of what is possible bad things to happen because as far as I know, knowing email can easily access all information of one person by hackers.

I also think that what is the point to make it publicly if the manager or the dev requires email for just a record and not for public record.? The security of bounty hunters are important to make their email secure and couldn't be compromise.

It's not the sig. campaign, it's about bounty campaigns.


I'm not talking about the ICO here, they may need the contact info to contact us for any reason.
I'm talking about the campaign managers here, they can hide the contact info column from the spreadsheet so that it doesn't get into the wrong hands.
On daily basis I receive so many emails that I didn't subscribe, so I afraid my email id along with others is selling out there in the market and the issue we are talking here can be the source of collecting email ids.

And of course, peoples have their own choice to join or to not join in a campaign.


If you don't get so many unwanted emails on daily basis then its normal for you, but if you receive so many of them, its spam. In this forum we always fight against spam, so this issue also belongs to spam family.


You didn't understand my point.
The topic is all about bounty managers here. They are exposing our email ids through this forum, not the ICOs. Please read my reply above for Hilarious.
I'm not talking anything outside the forum, an ICO company may be selling our contact info after the end of ICO and we can't do anything if they are really doing this.

I agree with you that the anonymity is fucked up by the ICOs and it will fuck up more over the time when more regulation is added.

The number of idiots are not less in bounty hunting, including myself. It is great to know that you are not an idiot like us. 


I am thinking to use temp mail from now on.


KYC is a big issue, but I'm talking about a small issue here which can be solved easily if the "bounty managers hide the contact info column from the public". I think its a simple solution.

The OP is not only talking about the signature campaign, He is referring about the bounty campaigns like social media, translations, etc. Which is, those bounties are not paying BTC they only pay after ICO with their tokens.


I don't see negativity effect with that its only my email and I think its more helpful to be updated on the project we are focusing on. My own concern of joining a bounty is providing us KYC for a deal just to receive the payments and its not worth it. I think that is one should be change.

Please do provide the bounties which are doing so. A lot of new projects do that because they need to keep everyone who is connected to their projects even the bounty hunters updated about their project and promote it.
What you can do is create a new email id just for the sole purpose of providing it to the bounty managers and getting all the emails these projects send for promotion purposes.

It's not really a bounty manager's fault if the service/ICO they're promoting requires email addresses to keep a track of their users which seems fine to me.Anyway ICO's have fucked anonymity to the core big time (which was suppose to be the basic principle behind any crypto-currency).

Bounty idiots don't mind sharing shit over their actual social media accounts so it is not anyone's fault but the person who chose to do so.

An email account is used in order to communicate with you in order to sort some problems that might appear during a campaign. Or maybe they just use it to create a database to which the would send info, updates or maybe just to try to convince you to participate in an ICO.
Anyway, giving your email in order to join a bounty it`s a normal thing, and you can at any time set filters to your email in order to not receive any spam.

It's necessary if they need some sort of contact information from you to, you know, get in contact with you and update you on their ICO etc. There will be no rule implemented that they can't ask for this but you are free to either not give them it, not join their campaign, or give them a throwaway account. There are numerous ways you can protect yourself here.

Can you tell which campaign is doing this ? I have not seen any signature campaign doing this so far from different campaign mangers in signature campaigns which are paying in bitcoins. It sounds really surpassing because there is actually no need of email for payment.

Till the problem gets sorted out, you can simply change your email on this forum and use a temporary mail that cannot be associated with your identity. You can do this by going in your forum settings and it will hardly take a minute.

I'm not a fan of bounty hunting but since 9th Jan I'm participating in bounty campaigns to experiment something and also to see if it worth giving the efforts. Though I haven't earned $1 yet.

There is an issue with bounty managers, they are just exposing participants email ids. In my opinion, it is not a right thing at all, it's just unacceptable.
I've pmed some managers to hide the column, some of them did and some of them not.

We all know peoples sales email ids / databases to feed their greed. Even we can see so many sellers in this forum, I've even reported so many of them.

But I have a question why it is necessary to provide email id to participate in a bounty campaign? Let's assume that they need it for news, updates, and promotions.
Then they can offer a newsletter campaign, whoever wants to join will join and others will skip if they desperately want to collect email ids of participants.
And if they still want to keep the traditional way then they can just hide the email id column from the spreadsheet, right?


Ps. I don't know if this issue has been discussed before, let me know I'll lock this thread.