Last week we showed how EXIF data embedded in photos can pinpoint where a picture was taken — and how to remove it. This week, we show you how your mobile devices encode location data into your social media posts, which can be just as scary.
Could Pinterest lead creeps straight to your front door? Could tweets by your well-meaning aunt endanger your kids? Could the pervert down the street use Instagram to get a birds-eye view of your personal life? Shockingly, if you use a mobile device to post to these and other social media platforms, the answer may well be yes.
Many mobile devices like iPhone and Android phones come with geolocation turned on, which lets social media apps include your GPS coordinates with your posts. According to the Pew Internet and American Life Project, in 2013, 30% of adult social media users said that they had set up at least one of their social media accounts to include this data.
If you’ve turned on location service in your social media apps, you may not realize that every tweet, post, and update you make could be revealing your precise street address. The stalking potential of this is horrific.
The “Woz” apparently has location services enabled on his mobile devices, so when he posts to social media, we can track his movements using the Teaching Privacy Project’s “Ready or Not?” app.
This app, created by the International Computer Science Institute at UC Berkeley, demonstrates how location and time stamp metadata from his posts can be used to locate Wozniak and make inferences about his behavior.
Notice that when we plug Wozniak’s twitter handle into the app, we can see where he’s been in the world, the days and times he’s been there, and how often he reports from those areas. Armed with that information, someone wanting to meet up with him could target him and his family —or they could know when to drop by for a home visit when he’s not around.
Creepy new “services” are springing up to share your inadvertent GPS data
It was only a matter of time before somebody combined all this GPS data with Google Maps to create the ultimate stalker tool. A company called Echosec has done just that, with a disturbing new service that pinpoints social media posts emanating from an entire country, a school, or even a family home. To get a sense of how this is playing out in your own community, take a look at a map of your neighborhood through the Echosec public app.
Echosec’s website boasts of “actual search results…around military bases, schools, industrial facilities, government offices, etc,” while acknowledging that the “implications of this technology…are enormous.” (Seems like an understatement to us.)
In our own tests, we were able to pinpoint and isolate public schools, parks and homes on a map and view social media posts made from those locations. Posts included pictures of children, love notes, travel plans, drunken parties, and other sensitive information posted by teachers, parents, and children — many providing the full names of the people pictured.Imagine strangers having the ability to access this information to identify kids as they head home from school or walk to the local park. Using details from geotagged posts, creeps could call kids by name and lure them with detailed knowledge about their parents, pets, and vacation spots.
Protect yourself and the ones you love
Now that we’ve scared the bejeebers out of you, we hope your next step is to disable location services on your social media accounts and mobile devices. We’ve provided links below from Teaching Privacy and popular social media services to walk you through the process.
Instructions for Specific Devices:
Take a few moments now to make these simple changes, and the next time you post to social media or upload a photo, you can rest easier knowing you’re not inadvertently revealing data that could put you and others at risk.
Til next time,
Katherine & Liz
Join the privacy revolution by switching to StartPage.com the private search engine, and using StartMail.com encrypted email, both projects Katherine has helped develop. You can catch Katherine on radio daily at www.kmashow.com. And please read our book, Spychips, to learn more about privacy-invading technology and how to defeat it.
Photo credits: myillo/iStock.com, Al Luckow/Wikipedia, TeachingPrivacy.com, Echosec.net