A question of ethics
Various estimates have been made regarding the quantity of personal identifying information which has been exposed by various mechanisms. Obviously, though, we only know about what we can see, so seeing more would make such estimates better.
One way to see more would be to look in more places, for example on peer-to-peer file sharing networks.
So here’s the question: would it be ethical (and if so, under what conditions) to deliberately seek out files containing PII as made available via P2P networks, in order to better understand the extent to which such information is exposed, and how?
I have an opinion on this question, but I’m very interested in what others think.