Database containing 1.8m UK postcode locations leaks online An alleged copy of the UK postcode list has tipped up on WikiLeaks. The whistleblower site claims to currently be hosting a database containing 1,841,177 Blighty postcodes “together with latitude and longitude, grid references, country, district, ward, NHS codes and regions, Ordnance Survey reference, and date of introduction …
Been waiting for this to happen. Also, could someone please do the same for the UK border data (County borders and such). I put in a FOI request for those but was denied. Crown Copyright is an abuse of power - ALL information held under it should be in the public domain. The US release theirs under the TIGER scheme, but we have no such equivalent, unless you are an educational institution.
I find that kind of ridiculous: Bye-laws can vary by county - but given a lat long you cannot know (without paying), which county you are in and thus which bye-laws you are subject to.
Royal Mail licence the DB to companies for inclusion in address completion software, address lookup etc.. I'm guessing that for each licencee they add a fake postcode so if the DB does get leaked they can trace the source.
Bonus fact. According to Wiki, this adding of a false entry to something is also called a Mountweazel or Nihilartikel.
OpenStreetMap would also be far better with a complete set of postcode data. At the moment it can be added piecemeal by people entering locations (or using a GPS-enabled phone to report its current position) where they know the postcode - but this cannot be done from a dump of the data or Royal Mail's postcode finder (just as you cannot trace from Google aerial imagery) as the map would become copyright-encumbered.
Until this minute, I thought it was in the public domain anyway.
How else, I wondered, do online shopping sites etc resolve our post codes to addresses.
How else does Google (and other) maps, Earth, etc, zoom straight to an entered postcode?
Now I learn Royal Mail has been making money out of it. They are our* postcodes! Let them be public!
If they are required in a nice database format for commercial use, then let the Royal Mail make a service, or media, whatever, charge, but licensing?
*Your postcodes: I don't live there any longer.
If I personally created the data in this database - linking a postcode to a lattitude and lognitude, I would be well within my rights - to that extent, the data is already public; I know my postcode and I know my location.
What are the legal implications of making use of a leaked copy?
(I have a potential use for this data. My use will not make me. nor anyone else, any money, but could provide a useful service, but if I got the data from the Royal Mail, they would charge me the occasional limb.)
more spam...
direct to your door this time...
though the post office shouldnt really complain as they will make a nice little earner from all those extra stamps sold.
though i pity the postys that are gonna have to do some real work for a change ;)
sorry guys no more chucking the extras back in the nearest postbox cos your poor feet ache...
or bunking off home cos you feel like watching the footy early... down the pub
The leak of this information may or may not be that significant but it again highlights the potential to lose of these super databases.
Imagine if the Vetting Database got leaked with all the positives and negatives on. Wouldn't that be interesting.
I sure if you had asked the Royal Mail last week could this happen they would have swore blind that the safeguards they had in place would prevent such a lapse of security. I guess they maybe shaken in their complacency.
Of course we have only seen the released list of the database who can say what actually went missing? Names and all... Probably
Royal Mail is the British post service. To achieve this it is given money by the government from our taxes. Therefore any extra income it gets from a database that it maintains offsets the tax required to keep it running.
On the other hand it could be available to each and every person to use thereby offsetting costs of their businesses.
However it shouldn't be available to anyone who hasn't contributed to it in the first place - non-taxpayers like foreign companies.
Better it offsets the running costs of the mail than giving everyone equal opportunity to junk mail me.
The number of times I've begrudgingly paid for access to third party postal code services when developing ecommerce solutions eludes me. I daresay it won't be long before developers are preparing their own self-contained post code lookup solutions that are not tied to on-going subscription fees.
I'm going to wait until I hear more on the legality of using this data, but if it turns out that using the data is acceptable then I'm definitely replacing the post code lookup solution in all my ecommerce sites with a home-grown subscription-free alternative.
What happens if someone sends the child benefit database to Wikileaks? Or something similar, like the customer database for Amazon, complete with credit card info? When it was a whistleblowers' site, it made sense. The list of postcodes can hardly be considered confidential information that needs to be leaked.
I think 'leaks' like this are starting to damage Wikileaks's credibility, and might make governments finally club together and give them a kicking. While they're at it, they can do all the other stuff they want, like removing filesharers and anonymity.
"This leak online isn’t that significant, however, given that it doesn’t contain the names and/or addresses of houses in each postcode that the PAF holds."
Perhaps not much use for address <-> post code lookups, but pretty useful for geocoding, no? Perhaps Google would like to use the WikiLeaked data to improve their geocoder which is notoriously wobbly when it comes to UK postcodes.
A quick search of the list shows that (apart from the fact that Lat and Lon are inexplicably the wrong way around in the file) the coordinates are very good.
Anyone who has licenced PAF has been able ,if they so wished, to extract the information from the CD that royal mail provide, there is even an export function on the one I used, I am surprised no one has done it before. An export that I made some time ago had nothing in it to identify the origin so no one would have known where it came from .
Santa will be pleased. Now as a special treat I wonder if the old fella with the white beard and red robes could deliver something down the chimney of Number 10?
Yes, it is ticking Grandpa, I've bought the geezer who lives there a new clock, honest....but it's important that it gets there no later than 9:20am tomorrow morning okay, because that's when it needs winding up again. Trust me, I'm not a salesman.
The people we were using are likely to stop selling this, so it's handy to know where we can get the data to fill in some of the gaps. OK, not much good to marketting people but very useful for c/o type applications, eg: Google Maps API (as that only does it to the first bit of the postcode).
I haven't looked at the data, but from the description it is the NSPD (National Statistics Postcode Directory) from Office for National Statistics, not PAF. It is also commercially available - http://www.ons.gov.uk/about-statistics/geography/products/geog-products-postcode/nspd/index.html
My thought exactly. The OS does the same thing adding easter eggs to maps (something small like a mews where there's actually a terrace of houses) so that they can tell if other companies have ripped off their maps.
Never heard the term "Mountweazel", but then easter egg isn't really the best description either.
Dont forget that this data will be protected under database rights, which is similar to copyright. However one difference is, breaching database rights is actualy a criminal offence.
So this wikileak is essentianly useless.
Mines the one with the GPS scanner and notebook in the pockets
Quote:
What happens if someone sends the child benefit database to Wikileaks? Or something similar, like the customer database for Amazon, complete with credit card info? When it was a whistleblowers' site, it made sense. The list of postcodes can hardly be considered confidential information that needs to be leaked.
End quote.
By the time stuff gets uploaded to Wikileaks, you can be sure it was already leaked on P2P networks or used by people and probably even sold on underground networks for thousands of dollars.
By getting it to the public, you can at least be sure the organizations/ companies involved won't be able to ignore or cover up the security issues or threats and they'll have to be proactive in protecting those persons/customers (in Amazon's example, they'll have to notify the customer and give him credit protection or something like that - either way better than just ignoring it and customers finding out they lost hundreds of dollars and arguing with the banks for days to revert the charges)
National Statistics Postcode Database, which they refuse to release under FOI as they charge "reasonable" fees, although they have flat fees which I'm sure they shouldn't have as I'm sure that "reasonable" is supposed to be means-tested.
Seriously, how can they charge more if you want the data for 1 person or for 250 people? All they are doing is sending a DVD.
Surely though they can't argue with you using data that you didn't trouble them to provide? I'm going to ask them.
This would be useful to any one wanting to develop a website before paying for the database.
If the database were free many developers in the UK would create new websites: entrepreneurship... supposed to be a good thing.
Conspiracy theory? This has been done deliberately to either subvert the revenue line of the liberated versions of the database already out there or to identify the the users of this 'liberated' version because it may have bad data purposefully poked into it.
Check the 1841177 postcodes against http://postcodedb.sourceforge.net/ but don't submit the info...it could be bad.
This post has been deleted by its author
Maybe it will help some of the NAV manufacturers understand that, unlike the continent, UK postcodes imply more than just the town.
Interestingly, I compared a couple of Lat Lon positions from the database with a postcode search on Google Maps. They were close but not the same, so I guess Google uses a different postcode database.
The PAF has always been available if you knew where to look, copies (encrypted to a very low standard) are supplied by PAF licensees for in-house postcode lookup installs (one example: http://www.simply-postcode-lookup.com/Software/LocalData.htm) and so cracked versions have been circulating for years.
There is one fundamental problem with the PAF though: it goes out of date, surprisingly rapidly if you are serious about using the data. Most PAF licenses include not only the right to use the data, but updates to the data every month/quarter.
As such, this Wikileaks thing is such a no story.
Also, to those that are searching for postcodes and saying they are not there, how are you checking? Excel prior to 2007 will only show the first 65,536 rows, and 2007/2010 will only show the first 1,048,576 and I'm willing to bet most text editors will simply die trying to open a file that big.
I've been checking the CSV via a database driver and it all seems to be fairly well in order.
Be aware -
- Google & Yahoo use WGS84
- Postzon dataset is OSGB36 eastings & northings.
For the exact same coords you could be 300 metres misplaced.
For a postcode coord, you might be 1000m misplaced.
See - A guide to coordinate systems in Great Britain
http://www.ordnancesurvey.co.uk/oswebsite/gps/information/coordinatesystemsinfo/guidecontents/
HTH
Someone please post the full PAF.
We pay for it, to deny us access to it due to profit/copyright concerns is just nonsense.
Royal mail need to stop living in the 1950s, we're in an information age and they're quickly becoming an irrelevance. Providing public services like a free and open PAF and their other address-related data would be a good way to justify the susbidies we give them.
The f*ckin idiot(s) that developed the PAF (Post Office Address File) didn't allow for the use of non-numeric characters in the building number field, meaning that any premises that occupy more than one building (e.g. 43-45) can not be catered for correctly and instead requires wrong data be out into incorrect fields as a work-around (such is the genius of the Post Office).
The PAF also contains numerous errors and yet every company seems to treat the PAF as some kind if it were some kind of infallible truth and as if they know where I live better than I do myself.
I (and many, many others) have been trying to get the Post Office to fix these problems, but they absolutely refuse.
"PAF is overpriced and a data monopoly, but that doesn't mean it should be unlicensed, free or pirated. Yes, it's our data but 'we' also get revenue from it."
The problem is that the revenue has to come from somewhere. So, while the Post Office makes £1.6m, that is a cost to businesses (and ultimately, the consumer). It would be a zero sum operation, except that there's a whole bunch of people administering the sales which means it increases inefficiency (as well as the PAF costs being a deterrent to business).
The vast majority of work for the PAF is already done regardless of business sales, and the cost of allowing free downloads would be tiny and would be more than covered by the value given to businesses. Or charge people a nominal £1 (but allow free distribution too).
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
