MaxMind provides location information to thousands of companies. Some use it to display local ads. Some use it to prevent fraud. Some use it to determine whether a customer is accessing the right version of their website or service.
MaxMind has never told me exactly what their secret sauce is for determining where in the world an IP address is located, but if it doesn’t know that much about an IP address and knows only that it’s being used by a device somewhere in the United States, it previously gave the coordinates for the front yard of Joyce Taylor’s farm in Kansas; by the time I called her in 2016, 90 million IP addresses were mapped to her home in MaxMind’s database. Any time a device using one of those IP addresses did something terrible, those looking into it assumed the people who lived at the farm were responsible.
When I emailed the company’s founder Thomas Mather, back in 2016, asking why it had associated so many IP addresses with the Kansas farm, he’d been incredibly candid with me, explaining that the company had picked a default central digital location for the United States without realizing it would cause problems for the person who lived there. He asked me what the company should do to rectify the situation. “Do you have a sense of how far away we should locate these lat/lons from a residential address?” he emailed me back. “Do we also need to locate the lat/lon away from business/commercial addresses?”
Technologist Dhruv Mehrotra crawled MaxMind’s free database for me and plotted the locations that showed up most frequently. Unfortunately, John and Ann’s house must have just missed MaxMind’s cut-off for remediation. Theirs was the 104th most popular location in the database, with over a million IP addresses mapped to it.
I can’t imagine the calamity that would ensue if one of these people were the victims of swatting.