Advertisement
Tech by VICE

The People Paid to Dox Airbnb Addresses

In response to a need to enforce short term rental legislation, an industry of companies has popped up tasked with finding the real addresses of Airbnbs and other properties.

by Joseph Cox
Aug 22 2019, 2:40pm

Image: Chesnot/Getty Images

When Airbnb hosts sign up with the service to let people stay at their homes, the company takes an important step to protect their privacy and safety: Their exact address isn't publicly listed, and is only shared with people who actually book a stay with them.

"Your listing’s address will only be shown to guests with a confirmed reservation," Airbnb says in the help section of its website. "In public search results, we only show an approximate location for your listing."

But a cottage industry of tech companies dedicated to uncovering the exact addresses of Airbnb and HomeAway properties has popped up, and is paying human contractors to find these addresses using Google Maps, Zillow, White Pages, Facebook, and other online sources and give them to governments, Motherboard has learned. City governments say they need these addresses to make sure Airbnbs are in compliance with local regulations.

"It is essentially doxing for money," one contractor, who did not work directly on the tasks but who is familiar with them, told Motherboard.

The "Airbnb police" aren't always high-tech, automated solutions as they're sometimes portrayed, according to sources, documents, and leaked chat logs obtained by Motherboard.

Do you work as a contractor or employee for a tech giant? Did you used to? We'd love to hear from you. You can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on jfcox@jabber.ccc.de, or email joseph.cox@vice.com.

Host Compliance, one company in this space, "was founded on the premise that effective and efficient enforcement of short-term rentals regulation requires ‘Big City’ and 'Big Data' technology," the company's website reads. "Unlike any other vendors we have therefore invested significant resources into building state-of-the art monitoring solutions and workflows that enable us to deliver fair, continuous and consistent compliance monitoring and enforcement of any regulatory regime."

But the Host Compliance platform is based on Amazon Mechanical Turk, or MTurk, a marketplace for companies to connect with a decentralized workforce. Here, companies can offer tasks to contract workers for all sorts of different products.

A current contractor leaked Motherboard an internal training video for those working for Host Compliance. When working on a task, contractors are presented with a Google Maps style interface, with yellow and orange pins on top of buildings, according to the video. Orange pins are ones that the automatic part of the system has determined are likely rental properties, the video narrator says. Contractors can use people search tools such as WhitePages.com embedded within the Host Compliance panel to conduct searches. Workers can then filter potential matches for the correct address by property owner name if they have that information, before selecting which address they believe the Airbnb or other listing is from. At the end, contractors are asked to provide evidence of their work, be that screenshots or links.

"It is essentially doxing for money."

"Screenshots of interior or exterior matching evidence from other sources (like Zillow or Google Maps) must be found," the current contractor told Motherboard. Motherboard granted several sources in this story anonymity to discuss sensitive work practices.

"These tasks encourage the use of anything online to find these people, using reverse image search, local property records for the region, news articles, Facebook, anything you can find that proves without a doubt the house at that address matches the rather anonymous AirBnb posting," the contractor familiar with the tasks said.

The current contractor also provided Motherboard with a guide for contractors answering some frequently asked questions around completing their work.

"What do I do with a boat?" one section of the guide starts. "Is the boat docked at a home? Then identify the address of the home. Is the boat docked at a marina? Then identify the address of the marina," reads the response.

An Airbnb spokesperson told Motherboard in an email "At a moment when online privacy is top of mind for so many, it is concerning to see rogue, third party sites using shady tactics to unearth private user information and sell it to cities. Airbnb has partnered with cities around the world to develop and implement home sharing rules and continues to believe that governments, not third party sites, are best equipped to enforce local laws."

Chris Fiore, communications manager for the city of South Lake Tahoe, which is a Host Compliance customer, wrote in an email "the end result is beneficial to the city."

THE WORKFORCE

The current contractor who works on the Host Compliance program, also known as VacationrentalAPI, told Motherboard "For listings Host Compliance has just posted, we are paid $2 for a correct ID and if we cannot ID it, we are to return it and not get money." After some time, that amount increases to $2.50, then $3.15, $4.00, until a contractor finds the address or Host Compliance determines no one will be able to and removes the listing, the contractor said.

"This encourages slower workers to spend a long time at a low hourly rate and faster workers to only work on easily identified listings," they added. They also said contractors can get a $2 "bonus" for correctly identifying the apartment unit number too. It appears that Host Compliance does pay more than many other tasks on MTurk.

"The consensus among the MTurk analysts that work on our HITS consistently say that they feel we pay generously," Ulrik Binzer, founder and CEO of Host Compliance wrote in an email, with HITS referring to different jobs available to workers on MTurk.

Recently contractors working on the Host Compliance program have been concerned that they may lose money without knowing it, according to Slack channel screenshots leaked to Motherboard. Contractors are not eligible for any bonuses if they make a single mistake, according to one Slack message from a liaison between Host Compliance and the contractors.

"It feels dirty to have hundreds of dollars erased without knowing for an entire month as we continue to work for [one half] as much [as] we think," one contractor wrote in response. "I'm even ok with taking our bonus for that specific day, but the month is quite an overstep."

"If someone submits 300 units numbers in a month, and one is incorrect, they now forfeit $600 worth of bonus [?]," another contractor asked.

Binzer disagreed with this characterization of the company's bonuses, and wrote in an email "if an individual mTurk analysts' QA results for that week alone are found to be below our required accuracy rate of 99%, the analyst will not get paid bonuses for that week alone."

"It feels dirty to have hundreds of dollars erased without knowing."

Binzer said the company has "been able to provide a means of earning a good living for people who would not otherwise have many employment alternatives. For example many of the MTurk analysts we work with are located in very rural parts of the country, have disabilities, do not have traditional education or lack significant traditional employment history."

"Our solution uses a combination of automated tools and analysts to locate the illegal short-term rentals and document those listing-to-address matches. Given this, we of course tell all our local government clients that every match is reviewed, confirmed and documented by a human being and even provide them with the ID of the analyst front and center on the software’s user interface. We are open with our customers that the analysts are not our employees as everyone understands that it would be impossible to recruit, manage and train enough qualified people if everyone had to work from 9-5 in a traditional office environment in one particular location," he added.

Subscribe to our new cybersecurity podcast, CYBER.