Datamining For Dates

When Chris McKinlay, a 35-year-old PhD student, had little luck using OKCupid, he coded a script that mined profiles of potential love interests and helped him optimize his own profile for visibility:

[H]e created two profiles, one with a photo of him rock climbing and the other of him playing guitar at a music gig. “Regardless of future plans, what’s more interesting to you right now? Sex or love?” went one question. Answer: Love, obviously. But for the younger A cluster, he followed his computer’s direction and rated the question “very important.” For the B cluster, it was “mandatory.”

When the last question was answered and ranked, he ran a search on OkCupid for women in Los Angeles sorted by match percentage. At the top: a page of women matched at 99 percent. He scrolled down … and down … and down. Ten thousand women scrolled by, from all over Los Angeles, and he was still in the 90s.

He needed one more step to get noticed. OkCupid members are notified when some­one views their pages, so he wrote a new program to visit the pages of his top-rated matches, cycling by age: a thousand 41-year-old women on Monday, another thousand 40-year-old women on Tuesday, looping back through when he reached 27-year-olds two weeks later. Women reciprocated by visiting his profiles, some 400 a day. And messages began to roll in.

Adam L. Penenberg wonders if McKinlay might have violated federal law:

After I tweeted the story one of my followers who works in computer security reminded me that McKinlay may have run afoul of one of the shabbiest laws in existence: The Computer Fraud and Abuse Act (CFAA) — the same law that Federal prosecutors used to pressure Aaron Swartz.

CFAA makes it a crime to access a computer without authorization, a catchall chunk of poorly conceived legislation that has been ripe for abuse. For example, there’s the case of Andrew “weev” Auernheimer, who, as a member of a hacker group called “Goatse Security” in June 2010, scraped AT&T’s website for the email addresses of iPad users then shared the file with Gawker to show the porousness of the telecommunication company’s security. No money changed hands. He didn’t break into AT&T’s computer network or cause any damage. He simply created an automated script to vacuum up information off a publicly available webpage. After being found guilty Auernheimer was sentenced to three and a half years in prison and forced to pay $73,000 in restitution to AT&T, which had to plug the security hole.