Dangers of Dumpster Diving

Dumpster Diving, Trash Picking

Dumpster diving might sound humorous at first. Until you realize the real-life security risks involved. Many people aren’t aware that dumpster diving or trash picking is largely legal in all 50 states. We spoke to NYU professor, and 20-year cybersecurity veteran Pieter VanIperen about the risks and implications dumpster diving can have on data security. As an instructor and managing partner at PWV Consultants, Pieter actually has a section of his course devoted entirely to this practice. Watch our video interview below.

Legality of Dumpster Diving


Not only is dumpster diving mostly legal, it’s also a common practice these days. Pieter explains that it’s typically only illegal in rare circumstances where it’s prohibited by local ordinance, or you’re trespassing to gain access. “Here’s the thing though, in most places there’s a trash pickup day where all your trash needs to be moved to the curb for pickup. Once trash is on the curb it’s technically public property” he says.

Data Destruction Laws

There’s also legal precedent to back up what he’s saying. A 1988 Supreme Court case (State of California vs. Greenwood) states that searching through the trash is legal as long as it doesn’t go against any city, county, or state ordinances. Once trash is on the curb, or in your driveway, it’s considered public domain. This means that your trash is free to be searched through by anyone who may want to look.

Pieter also mentions “in a lot of these places where trash picking is prohibited by ordinance, it’s really only a slap on the wrist. If I’m not worried about the $250 fine, I might do it anyway.” So make sure you’re not throwing away anything too sensitive.

Criminal and Law Enforcement Applications of Dumpster Diving

surveillance spy binoculars

Surprisingly, both applications are really similar. Criminals use dumpster diving for a variety of exploits from identity theft to social engineering attacks. Law enforcement and intelligence agencies have used trash in evidence gathering and dossier building for years.

“You can get a really clear picture of someone’s life from the refuse they leave behind” Pieter says. Even something as simple as where they order food from, what foods they may like or dislike, or where they shop. “You can piece together a decent amount with just some reasonable guessing. Everything from where they’ve been, who they’re seeing, and when.” All of this information can be used against an individual.

Dumpster Diving is a Real Threat

Crossword puzzle showing social engineering keywords as dice on a white board cybersecurity concept flat design 3D illustration

Perhaps the most alarming threats come in the form of ransom attacks and social engineering. These attacks typically fall into two categories. First is the angle of using information to construct a scenario where a person is duped into giving up critical information. “You were at so-and-so’s place and left something….Give me some information and I’ll get it back to you.” Second and perhaps most alarming is the leverage angle. Applying pressure to force an individual into taking some kind of action. Similar to blackmail.

Pieter says “look, I’m a parent…could someone go through my trash and find kid’s stuff? Diapers, paperwork from the school, etc? One avenue of attack might be that something is going on at the school. However, another avenue might be that if you don’t do this thing for me, I’ll do something to your kid. These threats may be oceans away, but you don’t necessarily know that.”

The information that can be retrieved from the trash is potentially dangerous. “I teach this in my course, and it’s been taught in every course I’ve ever taken on intelligence gathering,” Pieter says. “I think it’s important for your audience to understand that this is a real thing that happens regularly. It’s not some freak occurrence.”

Ways to Protect Yourself

Pieter advises professional disposal for anything sensitive. Hiring an outside vendor is by far the most secure option. Short of hiring a professional, Pieter advises using a personal shredder at the very least, but consumer grade shredders are nowhere near the level of protection as an industrial operation.

green check

Shred Nations partners with some of the most secure document and IT asset destruction companies in the data destruction business. We can help you find the service that’s right for your business or personal needs. Start the process now by filling out the form to the right, using the live chat option, or calling us at (800) 747-3365. You’ll receive a response in minutes from top specialists in your area. Don’t leave your security to chance. Call us today.