Testing for memo leaks
April 30, 2007 9:26 AM   Subscribe

What's the name for planting slightly different details into multiple copies of a document or memo to track who is leaking information from an organization?

I'm not sure if this was just a literary device in some novel I've forgotten the name of. It seems it had a bird or fish name of some kind. The closest thing I can find is "red herring" but that doesn't accurately describe this kind of leak detection.
posted by Kip to Writing & Language (21 answers total) 5 users marked this as a favorite
It was a Tom Clancy novel.....
posted by popechunk at 9:31 AM on April 30, 2007

posted by rottytooth at 9:35 AM on April 30, 2007

Tom Clancy called it a Canary Trap. I don't know if it's a real thing ro not...
posted by crickets at 9:37 AM on April 30, 2007

Best answer: It is... Wikipedia: Canary Trap
posted by crickets at 9:38 AM on April 30, 2007

Watermarking? I have heard of it happening in practice... Mole trap would be quite a good name...
posted by prentiz at 9:40 AM on April 30, 2007

Response by poster: Ahh, thank you. Though Mountweazel was an interesting tangent.
posted by Kip at 9:49 AM on April 30, 2007

Supposedly, they tell different departments at Apple about fake products in development to see which departments leak info to the net.
posted by sharkfu at 9:54 AM on April 30, 2007

Wasn't this also a plot device in the Miami Vice movie?
posted by spicynuts at 10:15 AM on April 30, 2007

They've been inserting fake words into encycliopedias and dictionaries too, to tell if their words are being poached or not.
posted by cowbellemoo at 10:57 AM on April 30, 2007

Don't know if it's what you're looking for, but in the cartography game, it's traditional for map makers to put "bunnies" or map traps in their projects to see if anyone is copying them verbatim. For example, a 1978 Michigan map listed the ficticious town of Beatosu (Beat OSU).
posted by Oriole Adams at 10:58 AM on April 30, 2007 [1 favorite]

And you can try it yourself! I read about this somewhere, and I did it. I wanted to subscribe to a magazine. I filled out the card and had them bill me. But I changed the spelling of my name just slightly. Sure enough, they billed me and I got the magazine, along with a ton of other junk mail (direct response advertising) with my misspelled name on it. So I know who the magazine company sold my name/address to.

Not that there was anything I could do about it, but it was somewhat interesting to try.
posted by jeff-o-matic at 11:05 AM on April 30, 2007

jeff-o-matic: I do this with e-mail. I create a new address for any website that requires an e-mail for registration.... e.g. chicagotribune@mydomain.com.
posted by Artifice_Eternity at 11:34 AM on April 30, 2007

To follow up the sorta derail, you can also do it with gmail address; just add "+companyname@gmail.com" to your email. So if your email is myname@gmail.com, put your email down at apple.com as "myname+apple@gmail.com".
posted by inigo2 at 11:59 AM on April 30, 2007

There was a related event in Boston while I lived there. There were two companies that competed in the business of providing traffic advisories to client radio stations. One of them did all the work of monitoring police reports and so on, but suspected the other was just leeching their reports and duplicating them.

So a couple of times they released phony ones. One in particular was about a traffic slowdown caused by a dog running around on the highway. There was no such slowdown or dog -- but the other company announced it anyway.

Using that evidence there was a successful lawsuit.
posted by Steven C. Den Beste at 12:14 PM on April 30, 2007

I love the self-referential nature of this, from the first Wikipedia article: "The term Nihilartikel for a fictitious entry originated at the German Wikipedia but was later identified as a fictious entry."
posted by gingerbeer at 2:18 PM on April 30, 2007


this is a great idea, and I've tried to do this whenever possible, however I am finding that there are a LOT of sites that consider the + an illegal character. Probably 6 out of 10 sites where I try this I am not able to use the Gmail + feature.
posted by tdischino at 2:33 PM on April 30, 2007

A similar practice when selling mailing lists is called "Seeding" or "Salting", so maybe those terms could be used. You insert a fictious name with, say, your own address, when you sell the list. When you get mail addressed to that name that is outside the permitted use of the sold list, you have proof the agreement has been violated. See Section 4 of this page.
posted by juggler at 2:47 PM on April 30, 2007

I like the gmail "myaddress+companyname@gmail.com" idea, but I would be afraid that email harvesters are clever enough to strip all the "+companyname" from gmail addresses.
posted by mrgoldenbrown at 4:52 PM on April 30, 2007

crickets' Wiki entry (marked as best answer) also mentions that MI5 may use the term "barium meal" (US: "barium enema"), which is to my mind even better — nice 'n' graphic.
posted by rob511 at 6:06 PM on April 30, 2007

this is a great idea, and I've tried to do this whenever possible, however I am finding that there are a LOT of sites that consider the + an illegal character. Probably 6 out of 10 sites where I try this I am not able to use the Gmail + feature.

One alternative I've found, when dealing with a company that blocks the plus sign, and I feel especially uncomfortable about, is to add a random period in the email address (eg. mynam.e@gmail.com), as the period is ignored by google as well. It means you have to remember what company you gave it to, but if it starts getting a ton of spam you can route everything to it directly to the spam folder.)
posted by inigo2 at 7:28 AM on May 1, 2007

Barium meal is the term I'm most familiar with, although I've also heard canary trap. Both mean the same thing.
posted by scalefree at 3:32 PM on May 2, 2007

« Older American buying apt in Berlin   |   What can be done to combat/remedy sudden spatial... Newer »
This thread is closed to new comments.