Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

4/3/2012
06:46 PM
Thomas Claburn
Thomas Claburn
Commentary
Connect Directly
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Girls Around Me App: Not Today's Creepiest Stalker

Was the Girls Around Me app tasteless and juvenile? Of course. But we should be far more concerned about being stalked by law enforcement agencies and our cell phone companies.

10 Top iOS 5 Apps
10 Top iOS 5 Apps
(click image for larger view and for slideshow)
Over the weekend, Russian app developer i-Free withdrew its Girls Around Me app, which last week faced a chorus of criticism on various websites for being a stalking tool. It allowed a user to map the location of nearby women and glean information about them, using public Facebook and Foursquare data.

The company said it removed its app from the iTunes App Store because Foursquare, swayed by the controversy, disallowed the app's access to its geolocation API, thereby preventing the app from working properly. The app had been downloaded over 70,000 times.

I-Free defended itself in a statement provided to the Wall Street Journal. "Girls Around Me does not provide any data that is unavailable to the user when he uses his or her social network account, nor does it reveal any data that users did not share with others," the company said.

Girls Around Me might have been tasteless, juvenile, and cynical, but in that it has plenty of company. App stores are full of crassly conceived software. What it's not is creepy, a term used by Cult of Mac to describe the app.

Creepy implies intent. It would be creepy if i-Free designed its app to be used for stalking and harassment. But there isn't any evidence of that intent. Nor is there any evidence that the app has been involved in an actual case of harm.

Certainly, Girls Around Me could be used for stalking, but the same can be said of binoculars. Binoculars are a tool that might be creepy in certain people's hands. But mainly, they're just a tool with legitimate uses.

[ Read 8 Tablets Fit For Windows 8 Beta. ]

Girls Around Me also is a tool, one that aggregates and correlates public data. Its primary crime appears to have been violating Foursquare's rules on aggregating API data from multiple locations. Most Internet users have probably committed a similar website rules violation at one time or another. Just as consumers gloss over privacy policies, i-Free's developers probably didn't read Foursquare's rules very closely.

Where does all this data come from? It's made available by users of Facebook and Foursquare. The thing that's really creepy about Girls Around Me is that it reveals people's proclivity for self-harm. Internet users had privacy before they started using social networks. Now they freak out when they see what can be done with the data they have so blithely shared.

The irony of this particular controversy is that it comes amid a far creepier revelation: According to documents obtained by the ACLU, law enforcement agencies routinely track people using cell phone data, often without warrants and with the cooperation of telecommunications companies--which generate revenue from customer data by charging service fees to law enforcement. You supply the data; your phone company gets paid.

Unlike aggregating public social network data, government scrutiny of cell phone data is a potential violation of constitutionally protected rights: The limited privacy rights enshrined in the U.S. Bill of Rights concern beliefs, home privacy, protection from government searches and seizures, and protection against self-incrimination. The protection against self-incrimination might as well be scrapped if participation in modern society entails unavoidable self-surveillance.

If you want creepy, consider this passage from a collection of documents compiled to help law enforcement personnel obtain cell phone data. It was posted by privacy researcher Christopher Soghoian. Though it is unattributed, the passage also appears in a 2006 newsletter posted in April 2011, where it's credited to California Deputy Attorney General Robert Morgester.

"Cellular phones have become the virtual biographer of our daily activities," Morgester wrote. "It [sic] tracks who we talk to and where we are. It will log calls, take pictures, and keep our contact list close at hand. In short it has become an indispensable piece of evidence in a criminal investigation."

The question we should be asking is not whether Girls Around Me encourages stalking. It's whether we as users of technology can have privacy if we choose it. Or is the unwritten rule of a mobile service contract that we shall submit a full account of our activities to be documented by our virtual biographer?

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
holyfire001202
50%
50%
holyfire001202,
User Rank: Apprentice
5/7/2012 | 12:51:33 PM
re: Girls Around Me App: Not Today's Creepiest Stalker
YMOM, You're missing a piece. You stated the intent in that sentence. "...checking out a girl at a bar". His intent is to do whatever he's thinking about doing to-or for- this girl at the bar. The fact that we don't know what he's thinking makes him creepy. Now, If we saw a guy with skin problems and greasy hair missing an eye sitting at a bar having a laugh with another guy sitting next to him, he wouldn't be creepy, huh? Because all of a sudden his intent is having a good time with his friend, rather than [whatever he wanted to do] with that girl.
YMOM100
50%
50%
YMOM100,
User Rank: Apprentice
4/7/2012 | 7:27:47 PM
re: Girls Around Me App: Not Today's Creepiest Stalker
Wait, what? Since when does creepy imply intent? A guy with skin problems and greasy hair, missing an eye, checking out a girl at a bar may well be perceived as creepy whether he intended to or not. This app is creepy whether the devs intended it to be or not. You may want to consider supporting your premises with evidence in the future, as you may find holes in your logic before they get published!
kupjones
50%
50%
kupjones,
User Rank: Apprentice
4/6/2012 | 2:07:28 PM
re: Girls Around Me App: Not Today's Creepiest Stalker
My fear is you have this completely wrong - at least with law enforcement (in this country) we have some chance of eventually uncovering government abuse - and there are private orgs established to track this abuse. The Black Helicopters are there -- but at least we know they are there.

Contrast that against millions of free-agent abusers -- the thought is staggering. We've taken our eye off the real ball -- the fact that we are posting our lives onto a medium that is inherently not private, there for the millions to see. If this doesnt scare you, nothing will.
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Google's new See No Evil policy......
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31664
PUBLISHED: 2021-06-18
RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-33185
PUBLISHED: 2021-06-18
SerenityOS contains a buffer overflow in the set_range test in TestBitmap which could allow attackers to obtain sensitive information.
CVE-2021-33186
PUBLISHED: 2021-06-18
SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information.
CVE-2021-31272
PUBLISHED: 2021-06-18
SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation.
CVE-2021-31660
PUBLISHED: 2021-06-18
RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f contains a buffer overflow which could allow attackers to obtain sensitive information.