This app just shows what we've known, or should have known, about Facebook and Foursquare. When you check in, people know where you are! and every public piece of data on Facebook is available to every frat rat and creepy stalker on the planet. Somehow the author realized that "normal" people don't think about it that way. The article isn't news so much as a PSA.
Odd that whoever wrote the headline decided to directly contradict the author's conclusion at the bottom: this isn't anything new.
Why wouldn't I tell the internet where I am? It's not really a compromising piece of information. (For example: Right now I'm in an office building at 5th and Mission, in San Francisco!)
I know that some people have a safety need to stay more hidden than I do, and we should continue to make it possible for them to stay unmapped.
But for the average person: I don't think their physical location is that significant or dangerous.
Maybe because tracking down the address for a Jesse W. in SanFrancisco isn't that hard (you just need the right website), and after that... Somebody already pointed out that a "Burglar Me Please" app would be banal to write: you just walk along SF, and the app will tell you which owner is home and which is away, and how far s/he is; correlate with Facebook (is he married? is he so young he might be sharing his flat?) and you get a list of easy targets in the area.
It's not only about where you are, it's also about where you are not at any given time.
Not just _a_ place at _a_ time, but possibly a multi-year history of not just locations, but businesses/venues/events/communities.
I'm less concerned about burglary than I am about big business.
I wonder how long before we start hearing stories like "My health insurance just went up 300% - when I asked why, they said I visit bars on average twice a week, I eat out at higher than average rates at restaurants ranked on the high side of increasing heart risk, I routinely travel at walking pace through high-crime areas, and I've attended 13 events at which illegal drug use has been reported."
No movement, lights or noise could also mean someone is in the house sleeping, in the backyard, in another part of the house if it is a larger one and you also have no idea how soon the inhabitant(s) will be back.
pleaserobme.com has existed for while (looks like they have changed it to be more of a data leakage awareness site but originally it just spit out a stream of people who weren't home).
I agree. Broadcasting your location is only dangerous if you are in a potential position of danger. The fact that you are at work in a secure office building (presumably at Square) means you are probably not in a position of danger. Also, you probably don't worry about being followed home from work. If a young woman were broadcasting which shortcut down the alley she tends to take on her way home from work, one might argue that is a different story. You are not vulnerable at your location; some people might accidentally publish a trend of vulnerable locations.
Broadcasting your location also broadcasts where you aren't. I'm shocked there haven't been more news stories (or scare stories) about people being burglarized based on checkins.
Most people aren't at home during regular working hours. That might be why most burglaries occur during daytime hours when nobody is at home. No location sharing necessary.
One reason is that it's not just your location that's the issue.
It's your location + all the other public information I can potentially find out about you combined with your location. The combination of a lot of separate facts can, together, potentially make people open to risks that aren't immediately obvious.
For example consider what location from foursquare + sexual orientation from facebook + photo from twitter would give to the scum who gay bash. The combination of religion + location + face is another thing some folk wouldn't want to be public.
I hate to think what the National Front would have done with a "gays, muslims & jews near me" app...
People don’t think about privacy issues because our psychology doesn’t trigger much emotion for autonomous opt-in broadcast to people not currently visible. There’s no sense of violation. It’s very easy to forget about it and it starts to feel normal. In a way it’s also empowering to be so open; it makes you feel like you’re not afraid of anything.
If you actually step through what is happening when you use these apps (all the individual people you are informing of where you are and have been, your habits, preferences—a complete digital record) you might start to see some risks. Then ask yourself, even if it was easy, would you go round handing out that data on paper to large groups of contacts indiscriminately on a regular basis indefinitely? That’s what’s actually happening here. Now remember there are people (trolls) who get a kick out of being able to do things to do from a safe distance for no reason at all. There are also people closer to you who have fragile egos or maybe you were just in the wrong place at the wrong time. Using something like Foursquare is giving these people ammunition. The fantasy we like to believe is that everyone we know is trustworthy. The reality is not so rosy.
"Somehow the author realized that "normal" people don't think about it that way."
Could someone with a bit more understanding of "normal" people explain why this is? There are many cases where people seem to throw caution out of the window just because they're on the Internet. It doesn't make sense to me.
Normal people are used to having the luxury of being very open about almost every facet of their lives and not having to worry about it biting them. The privacy paranoids have largely been, well, paranoid. This has been changing over the past decade or so, but most people still don't believe it. Not really. Apps like this will change public perception, and have a backlash against permissive default privacy policies. At least I hope so.
Big data and user profiling is a somewhat recent trend, if you consider the age of the internet. It used to be that free web services merely showed you ads, and people got used to that. I don't think most of them have realized just by what order of magnitude things have escalated, how much information they are making public outside the immediate app and connected friends and how they have become a product for these enterprises to sell.
I would say that most users of these kind of applications do not even dream of the consequences of the combination of the data the make available. It needs geek mentality and more algorithmic thinking then you would expect to realize this.
You could even try to reconstruct foursquare locations of people who are not on FS just by their FB buddies ... try to explain that to "normal people".
And isn't it a bit scary that you seem to need more and more caution as time goes by? Would we need more responsibility on the side of the makers or do we keep blaming "normal people" for the world we create? (like we do it with, let's say, their inability to maintain secure passwords?)
I was using neighbour to refer to the concept of the fellow (wo)man. I did not mean to insinuate that people who have concerns over privacy live in fear. Personally, for me, I would more enjoy living in a society where some people are comfortable publicly sharing their identity.
But your solution stops being effective at the slightest loss of control of the data. Also, you can't control other people who might get access to it.
How does your public identity being tied to your "real self" helps you if some random person decides to break into your house? How would you feel if people you don't even know started shouting "Happy Birthday" to you on your birthday? How would you feel if those same people started talking about those genital warts you had to treat two years ago?
People will be comfortable sharing anything (identities, actions, personality traits) as long as they feel they have control over who gets access to what is being shared. I fail to see how anyone would feel comfortable sharing everything to everyone.
I'd say the examples I gave are far, far from any logical extreme. TFA mentions how just by crossing two (apparently) disparate networks, you get people potentially being harassed by complete strangers.
All I'm trying to say is that I don't see how to reconcile the idea of having a "public lifestyle" (i.e, let personal information be freely available to anyone that bothers to go look for it) and being able to have a controlled disclosure of personal data.
Well in my view, "sharing everything with everyone" reaches a vertex on the continuum. Clearly I'm not putting stuff out there that I wouldn't tell to, say, an acquaintance I met at a party.
You raised concerns over someone breaking into my house. I believe we want to stay away from the "you should be afraid of people" argument.
So I suppose your concern is that I would rather some information I leak out remain private. Sure. So what? Then you have to worry about things that you wouldn't want an acquaintance at a party to know. What are those things, how would they get online, how often, and what would the impact be? It's better just not to worry in my opinion, instead of running around putting out fires when a friend of yours on Facebook or Twitter publicly posts that it's your birthday.
I guess we are talking about different things. If you are analyzing what it is what you disclose, and the consequences of it being out in the open, the impact etc... then it's no longer a "public lifestyle", it's just that you feel comfortable putting some information online when other people don't. There is no argument to be made.
But the whole point about the OP that started this discussion of ours was not about information that people are comfortable to share with people they trust. It's about how people not realizing about the information leaking to people they don't know. You seem to dismiss that with the idea that it's a false sense of security. We could argue about that, but it's besides the point.
What I wanted to point out is that it's not just about security. It's about trust. And trust does not with blacklisting post-facto. It works by whitelisting prior known people. The people who got surprised by discovering they were visible on some creepy website had to learn that the hard way.
That seems kind of silly. I don't understand why people who normally act cold, uncaring, and distant in-person (basically: most Americans) suddenly want to be as up-close and in-your-face as possible online.
I'm going to make a statistical assumption that you're a male. Consider the different reactions the original article (http://www.cultofmac.com/157641/this-creepy-app-isnt-just-st...) describes from the men and women who saw the app, and why that would be the case.
In "real life", all I have to do is take a quick glance at the people around me, and I'll get an impression of how "safe" the personal information is that I'm sharing. It's a lot harder on the internet! Especially on Facebook, when you feel like you're talking to friends, it's hard to remember that the whole internet is listening.
Because rationality is a myth; we are mammals with language skills. Evolution has taught us that only things in the here and now can hurt us, and decisions we made (or really, failed to make by accepting defaults) last year are harmless.
Psychologists found a while ago that people are more open and less inhibited when technology mediates their interactions with other people. This same effect probably carries over to providing personal data to online services. Somehow it doesn't quite feel like sharing with the world when you are only making an update on your phone.
This app just shows what we've known, or should have known (...)
Exactly. I liken this app to Firesheep[1][2] for social and privacy (The Girls Around Me : Privacy :: Firesheep : Security). We're over warning people about the dangers of data leakages; now it's time to show them the consequences and scare them to consider whether it's worth the trade-off. Moving from telling to showing.
I don't think kmfrk is saying that the warnings are unjustified, more that they're just not getting through due to oversaturation. People hear about privacy issues all the time, but rarely see or experience actual negative repercussions, so they begin to tune out the warnings. Apps like this are excellent demonstrations of the hazards of tossing out personal information willy-nilly, and are thus more likely to actually get the message across to people.
Totally agree. This app shows you people who made public checkins on foursquare and then connects you to whatever profile they display publicly on Facebook. This is yellow journalism. Let's focus on real privacy violations.
Do victims of this feel like they had their privacy violated? If yes (and I strongly suspect the answer you will receive in a non-trivial number of cases is yes), than this is as real a privacy violation as they get.
Article was recently updated:
After publication of this article, Laura Covington, a Foursquare spokeswoman, said in statement: “This is a violation of our API policy, so we’ve reached out to the developer and shut off their API access.”
> we’ve reached out to the developer and shut off their API access
That's sounds so ... I don't know ... PR-ish and passive aggressive. I always thought "to reach out" means an attempt to help. In other words the one reaching out has good intentions and intends to help the other party. So in this instance, it is like saying "the police reached out to the family, killed their dog and arrested everyone".
It's absolutely PR-ish, and it's a bit annoying that the update could leave the naive reader with the impression that everything's been fixed when actually what's happened is that the visibility of the problem has been removed.
So far I've only once been threatened with being "reached out" to, by Oracle after I tried to ask them about one of their products. I found the expression vaguely sinister and was kind of relieved that they never actually got in touch.
You know AcTrack? It's a reality-mining plug-in that learns about academic networking using physical proximity, along with email and calling patterns. Last semester we put it on everyone's phones.
All right, so I'm running AcTrack. Is everyone else who's running AcTrack appearing on Google Maps?
No, but you know Tinkle? It's a new femtoblogging service going through a beta trial. Like microblogging, only snappier. It tells everyone in your network where you are and how you're feeling, once a minute.
But why am I running it at all, and why is it telling complete strangers where I am?
Oh, I doubt you're actually running a Tinkle client. But on the server side, AcTrack and Tinkle are both application layers that run on a lower-level platform called Murmur. It's possible that there's been some glitch with Murmur -- maybe a server crash that was improperly recovered and ended up corrupting some files. Tinkle does hook into Google Maps, and though it shouldn't be putting anyone on the public database, if you don't belong to any Tinkle Clan it might have inadvertently defaulted you to public.
I find it creepy that people upload their complete lifes onto Facebook and agree to be stalked 24/7 by Foursquare et al, even actively "checking in" (never understood what for) to publicly broadcast every movement they make.
We have a policy against aggregating herenow information across venues using our API, to use like this. You can see it clearly stated here in the description for the endpoint: https://developer.foursquare.com/docs/venues/herenow
We also prohibit using our API in any manner that is threatening, invasive of another's privacy, or otherwise inappropriate.
As mentioned in another reply, we do also reserve the right to revoke access to our API for any reason, at our sole discretion. That being said, we aim to be consistent and transparent in our policies and how we enforce them.
I read the policy - https://foursquare.com/legal/api/platformpolicy
and I can't figure out the objection. Plus, all of the information mentioned in the article (who's at location A? what's their facebook profile?) is visible on foursquare.com !
"Foursquare may revoke your authentication credentials at any time, for any reason or no reason, with or without notice, and without liability to you or any other person"
Sort of ... if you follow every single one of our rules to the letter, we still reserve the right to revoke your access because we just don't like you.
I checked it too and could not find anything. I also looked at the individual ToS and wonder if incorporating the "house rules" has anything to do with it...
How is this techically possible? I was under impression that foursquare doesn't share your full public profile (including your twitter and/or facebook) when you show up in 'x is also here:'. I get it how it can look up girls that are nearby (scan for nearby 4sq venues, than if there are people in them, filter for girls...), but how can it link back to Facebook (unless you're friends with that person on 4sq and/or facebook, which makes whole point of this app moot)?
I found it surprising too, but your impression is wrong.
When you query the Foursquare API for a user, Foursquare returns the user's Facebook and Twitter names in their response (if the user has provided them to Foursquare):
Given 2 public social graphs (FB and 4sq), I'm sure it is not hard of an exercise to cross reference that information. It really is more of a data-mapping exercise using 2 APIs.
That's why freely adding lots of personal information is a bad idea.
Much as there are tools like 1Password for passwords, I think there should be like tools for usernames/emails.
This would then return some control back to the user.
But how would you cross reference it? From my usage of 4sq (which is limited, I only installed it maybe week ago.), when you check in to venue, and someone else is already there, you get "There are 3 persons already there!", with their avatars. You can tap on those avatars, and see some more info (John D., maybe some bio? I'm not sure, I do know that it doesn't give you their full name.), but I don't think that would be enough to cross match those. That's why I'm curious.
Off the top of my head, I'd say go look at the APIs for both FB and 4sq (try say user, friends, checkins, mayorship and location) and look at what is available for user PII and friends. Compare say username and do a little fuzzy matching on friend's names.
If say FB and 4sq share say more than x common friends, chances are you have the right mapping and you can build from that. Thrown in a Bayesian filter and pretty soon you will have a good model built up. Think of the 2 APIs as two sheets of paper with directed graphs on them. If you overlay them, the mapping becomes clear pretty quickly.
"Much as there are tools like 1Password for passwords, I think there should be like tools for usernames/emails."
The way I read that is an aggregator for usernames. How would that help anything?
Or do you mean I change my username to a different sha1 string for each website? That seems like it would definitely hurt the social aspect of a lot of websites...
"2fd4e1c67a2d28fced849ee1bb76e7391b93eb12 just checked in at Alice and Bob's Bar"
I was thinking more along the lines of having unique emails per site. While usernames have a higher probability of being the same person across different sites, it's not guaranteed. twitter.com/ed may not be facebook.com/ed but foo@bar.com is definitely unique.
The goal would be to make email one less piece of PII to aggregate you across sites as well as helping narrow down who is selling your info. I am well aware of the <username>+foo convention of gmail but it is trival to strip off the +foo part.
This way, you still get mail that you want without having to give out your "real" email address.
Maybe it's wasted effort but personally, I think there is some value there (for the people that care).
Whelp, here comes privacy regulation. We were skating a fine line for a while, but I think these guys might have just pushed it into a very concrete, scary-for-normal-people-and-their-legislators territory.
Maybe this will finally be a wakeup call to privacy.
Too many people do not take this stuff seriously and I'm now convinced that people may only start to do something about it when they start experiencing fear over this. Hopefully, awareness over privacy will one day be taken with the same seriousness as "Don't touch that fire, it will burn you".
Sign, maybe it is better apologize later than asking for permissions first.
My company hotlist.com was thinking about similar User Interface as "Grils Around Me" for Hotlist.com on 2008, but we think it was too creepy for users to accept it. Even we just show your acquaintances from Facebook and people already feel uncomfortable about being followed implicitly and we spend a lot of efforts listening to users in user testings to make them feel comfortable.
Well, if you like to see where to go and see what kind of crowd in the location, you can come to check hotlist.com out.
And if you like it and have suggestions, please do send us feedback. Thank you so much.
The Sex Offender Association is calling them "App of the Year"
The next version will correlate profiles from different networks using face-recognition and offer insights on usual itineraries based not only in geotagging of posts but also picture background analysis.
This app is a very bad idea.
Note to downvoters: if you disagree with this assessment, by all means, say why.
I didn't feel the need to downvote you but I think the reason is pretty clear. You're making an unhelpful and not very clever joke, and then making up a future 'version' of the app for no discernible reason.
I think the idea was to highlight the most obvious use for apps like this. The very idea of how easily one could be made by connecting easily available information such as Foursquare checkins, Facebook profiles, tweets, Instagram photos, all neatly tagged with addresses and geographic coordinates allows anyone with such disturbing inclinations to piece together a fairly accurate picture of whoever they want. This app offers a nice menu of easy targets.
I see what you are trying to say. But surely this is sexist in the same way as only looking for girls at a bar is sexist. I.E. Not sexist at all.
Especially considering the app has a male search setting, but is off by default.
I agree that this app is horrifying, and creepy as all hell. But I would love to be enlightened as to its sexist nature.
I was mostly commenting on the old adage that in business you want to offend the least amount of customers to increase your market share e.g. the reason why mainstream news is so bland is that it helps to sell advertisements.
I was leaning towards calling it sexist because it by default chooses one gender over the other and has in its name a specific judgement on gender. "Girls around me" It could have been like Sonar and chosen the "networking" approach and named itself "People around me" and by default shown both men and women.
Perhaps they are like the Fox News of apps and are trying to target a very specific segment of the market i.e. creeps?
I wonder if someone has ever tried to quantify the bump you get from a "shock value" strategy for an app like this i.e increased press and people talking about your app. I would like to see it measured against taking a more general approach such as what the Sonar app did. I wonder if the gain in customers from a more measured marketing pitch would outweigh the increased chatter you get from something as blunt as "girls around me". Any thoughts? Does the old adage any publicity is good publicity still apply in the digital world?
Odd that whoever wrote the headline decided to directly contradict the author's conclusion at the bottom: this isn't anything new.