Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

4/3/2012
06:46 PM
Thomas Claburn
Thomas Claburn
Commentary
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Girls Around Me App: Not Today's Creepiest Stalker

Was the Girls Around Me app tasteless and juvenile? Of course. But we should be far more concerned about being stalked by law enforcement agencies and our cell phone companies.

10 Top iOS 5 Apps
10 Top iOS 5 Apps
(click image for larger view and for slideshow)
Over the weekend, Russian app developer i-Free withdrew its Girls Around Me app, which last week faced a chorus of criticism on various websites for being a stalking tool. It allowed a user to map the location of nearby women and glean information about them, using public Facebook and Foursquare data.

The company said it removed its app from the iTunes App Store because Foursquare, swayed by the controversy, disallowed the app's access to its geolocation API, thereby preventing the app from working properly. The app had been downloaded over 70,000 times.

I-Free defended itself in a statement provided to the Wall Street Journal. "Girls Around Me does not provide any data that is unavailable to the user when he uses his or her social network account, nor does it reveal any data that users did not share with others," the company said.

Girls Around Me might have been tasteless, juvenile, and cynical, but in that it has plenty of company. App stores are full of crassly conceived software. What it's not is creepy, a term used by Cult of Mac to describe the app.

Creepy implies intent. It would be creepy if i-Free designed its app to be used for stalking and harassment. But there isn't any evidence of that intent. Nor is there any evidence that the app has been involved in an actual case of harm.

Certainly, Girls Around Me could be used for stalking, but the same can be said of binoculars. Binoculars are a tool that might be creepy in certain people's hands. But mainly, they're just a tool with legitimate uses.

[ Read 8 Tablets Fit For Windows 8 Beta. ]

Girls Around Me also is a tool, one that aggregates and correlates public data. Its primary crime appears to have been violating Foursquare's rules on aggregating API data from multiple locations. Most Internet users have probably committed a similar website rules violation at one time or another. Just as consumers gloss over privacy policies, i-Free's developers probably didn't read Foursquare's rules very closely.

Where does all this data come from? It's made available by users of Facebook and Foursquare. The thing that's really creepy about Girls Around Me is that it reveals people's proclivity for self-harm. Internet users had privacy before they started using social networks. Now they freak out when they see what can be done with the data they have so blithely shared.

The irony of this particular controversy is that it comes amid a far creepier revelation: According to documents obtained by the ACLU, law enforcement agencies routinely track people using cell phone data, often without warrants and with the cooperation of telecommunications companies--which generate revenue from customer data by charging service fees to law enforcement. You supply the data; your phone company gets paid.

Unlike aggregating public social network data, government scrutiny of cell phone data is a potential violation of constitutionally protected rights: The limited privacy rights enshrined in the U.S. Bill of Rights concern beliefs, home privacy, protection from government searches and seizures, and protection against self-incrimination. The protection against self-incrimination might as well be scrapped if participation in modern society entails unavoidable self-surveillance.

If you want creepy, consider this passage from a collection of documents compiled to help law enforcement personnel obtain cell phone data. It was posted by privacy researcher Christopher Soghoian. Though it is unattributed, the passage also appears in a 2006 newsletter posted in April 2011, where it's credited to California Deputy Attorney General Robert Morgester.

"Cellular phones have become the virtual biographer of our daily activities," Morgester wrote. "It [sic] tracks who we talk to and where we are. It will log calls, take pictures, and keep our contact list close at hand. In short it has become an indispensable piece of evidence in a criminal investigation."

The question we should be asking is not whether Girls Around Me encourages stalking. It's whether we as users of technology can have privacy if we choose it. Or is the unwritten rule of a mobile service contract that we shall submit a full account of our activities to be documented by our virtual biographer?

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
holyfire001202
50%
50%
holyfire001202,
User Rank: Apprentice
5/7/2012 | 12:51:33 PM
re: Girls Around Me App: Not Today's Creepiest Stalker
YMOM, You're missing a piece. You stated the intent in that sentence. "...checking out a girl at a bar". His intent is to do whatever he's thinking about doing to-or for- this girl at the bar. The fact that we don't know what he's thinking makes him creepy. Now, If we saw a guy with skin problems and greasy hair missing an eye sitting at a bar having a laugh with another guy sitting next to him, he wouldn't be creepy, huh? Because all of a sudden his intent is having a good time with his friend, rather than [whatever he wanted to do] with that girl.
YMOM100
50%
50%
YMOM100,
User Rank: Apprentice
4/7/2012 | 7:27:47 PM
re: Girls Around Me App: Not Today's Creepiest Stalker
Wait, what? Since when does creepy imply intent? A guy with skin problems and greasy hair, missing an eye, checking out a girl at a bar may well be perceived as creepy whether he intended to or not. This app is creepy whether the devs intended it to be or not. You may want to consider supporting your premises with evidence in the future, as you may find holes in your logic before they get published!
kupjones
50%
50%
kupjones,
User Rank: Apprentice
4/6/2012 | 2:07:28 PM
re: Girls Around Me App: Not Today's Creepiest Stalker
My fear is you have this completely wrong - at least with law enforcement (in this country) we have some chance of eventually uncovering government abuse - and there are private orgs established to track this abuse. The Black Helicopters are there -- but at least we know they are there.

Contrast that against millions of free-agent abusers -- the thought is staggering. We've taken our eye off the real ball -- the fact that we are posting our lives onto a medium that is inherently not private, there for the millions to see. If this doesnt scare you, nothing will.
US Turning Up the Heat on North Korea's Cyber Threat Operations
Jai Vijayan, Contributing Writer,  9/16/2019
MITRE Releases 2019 List of Top 25 Software Weaknesses
Kelly Sheridan, Staff Editor, Dark Reading,  9/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "He's too shy to invite me out face to face!"
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16669
PUBLISHED: 2019-09-21
The Reset Password feature in Pagekit 1.0.17 gives a different response depending on whether the e-mail address of a valid user account is entered, which might make it easier for attackers to enumerate accounts.
CVE-2019-16656
PUBLISHED: 2019-09-21
joyplus-cms 1.6.0 allows remote attackers to execute arbitrary PHP code via /install by placing the code in the name of an object in the database.
CVE-2019-16657
PUBLISHED: 2019-09-21
TuziCMS 2.0.6 has XSS via the PATH_INFO to a group URI, as demonstrated by index.php/article/group/id/2/.
CVE-2019-16658
PUBLISHED: 2019-09-21
TuziCMS 2.0.6 has index.php/manage/notice/do_add CSRF.
CVE-2019-16659
PUBLISHED: 2019-09-21
TuziCMS 2.0.6 has index.php/manage/link/do_add CSRF.