New Project Will Gather Users’ Stories of Censorship from Around the World
San Francisco – The Electronic Frontier Foundation (EFF) and Visualizing Impact launched Onlinecensorship.org today, a new platform to document the who, what, and why of content takedowns on social media sites. The project, made possible by a 2014 Knight News Challenge award, will address how social media sites moderate user-generated content and how free expression is affected across the globe.
Controversies over content takedowns seem to bubble up every few weeks, with users complaining about censorship of political speech, nudity, LGBT content, and many other subjects. The passionate debate about these takedowns reveals a larger issue: social media sites have an enormous impact on the public sphere, but are ultimately privately owned companies. Each corporation has their own rules and systems of governance that control users’ content, while providing little transparency about how these decisions are made.
At Onlinecensorship.org, users themselves can report on content takedowns from Facebook, Google+, Twitter, Instagram, Flickr, and YouTube. By cataloging and analyzing aggregated cases of social media censorship, Onlinecensorship.org seeks to unveil trends in content removals, provide insight into the types of content being taken down, and learn how these takedowns impact different communities of users.
“We want to know how social media companies enforce their terms of service. The data we collect will allow us to raise public awareness about the ways these companies are regulating speech,” said EFF Director for International Freedom of Expression and co-founder of Onlinecensorship.org Jillian C. York. “We hope that companies will respond to the data by improving their regulations and reporting mechanisms and processes—we need to hold Internet companies accountable for the ways in which they exercise power over people’s digital lives.”
York and Onlinecensorship.org co-founder Ramzi Jaber were inspired to action after a Facebook post in support of OneWorld’s “Freedom for Palestine” project disappeared from the band Coldplay’s page even though it had received nearly 7,000 largely supportive comments. It later became clear that Facebook took down the post after it was reported as “abusive” by several users.
“By collecting these reports, we’re not just looking for trends. We’re also looking for context, and to build an understanding of how the removal of content affects users’ lives. It’s important companies understand that, more often than not, the individuals and communities most impacted by online censorship are also the most vulnerable,” said Jaber. “Both a company’s terms of service and their enforcement mechanisms should take into account power imbalances that place already-marginalized communities at greater risk online.”
Onlinecensorship.org has other tools for social media users, including a guide to the often-complex appeals process to fight a content takedown. It will also host a collection of news reports on content moderation practices.
Jillian C. York
Director for International Freedom of Expression
Co-founder and co-director of Visualizing Impact
Ex-DHS Director Michael Chertoff: The Public Spying On Famous People With Their Smartphones Is A Bigger Issue Than NSA Spying
Former director of Homeland Security (and current profiteer off of any “security” scare) Michael Chertoff has penned quite an incredible op-ed for the Washington Post, in which he argues that the real threat to privacy today is not the NSA spying on everyone, but rather all you people out there in the public with your smartphones, taking photos and videos, and going to Twitter to post things you overheard more important people say. Seriously. It starts out by claiming this is a “less-debated threat”:
So it is striking that two recent news stories illustrate a less-debated threat to privacy that we as a society are inflicting on ourselves. Last week, a passenger on an Acela train decided to tweet in real time his summary of an overheard phone conversation by Gen. Michael Hayden, a former director of the National Security Agency (NSA) and the CIA (and my current business partner). The same day, a photo was published of Maryland Attorney General Douglas Gansler at a summer party where he was surrounded by underage youths who apparently were drinking.
But he then goes on to argue that this kind of thing is more troubling than the NSA revelations, which Chertoff suggests is no big deal:
Of course, the delicious irony is obvious: In one case, the former NSA chief becomes a victim of eavesdropping. In the other, a politician critical of teen drinking fails to intervene when he is surrounded by it. But both stories carry a more troubling implication. The ubiquitousness of recording devices — coupled with the ability everyone has to broadcast indiscriminately through Twitter, YouTube and other online platforms — means that virtually every act or utterance outside one’s own home (or, in Gansler’s case, inside a private home) is subject to being massively publicized. And because these outlets bypass any editorial review, there is no assurance that what is disseminated has context or news value.
It would appear that Chertoff seems to believe that there should be no expectation of privacy for the things you actually do in private — generating metadata about who you call, where you go, what websites you visit, etc. But, stuff that you actually do in public should never be “broadcast” because it might embarrass famous people.
And, yes, it’s the famous people being embarrassed that seems to most concern Chertoff:
If a well-known person has an argument with a spouse or child at a restaurant, should it be broadcast? If a business personality expresses a political opinion at a private party, should that opinion (or a distortion of it) be passed on to the rest of the world? If a politician buys a book or a magazine at an airport, should a passerby inform everyone?
See? Think of those poor well-known people, having people telling others about what they do. What a shame! Incredibly, he argues that it’s this exposing of the public actions of famous people that creates real chilling effects — and not the NSA’s spying, which he calls “exaggerated.”
Are we creating an informant society, in which every overheard conversation, cellphone photograph or other record of personal behavior is transmitted not to police but to the world at large? Do we want to chill behavior and speech with the fear that an unpopular comment or embarrassing slip will call forth vituperative criticism and perhaps even adversely affect careers or reputations? Do we need to constantly monitor what we say or do in restaurants, at sporting events, on public sidewalks or even private parties?
I don’t know what clueless PR flack thought this was a good strategy, but the clear connotation is hard to miss: Look, we the powerful people get to spy on everyone, but the second you turn the tables and spy on us and the things we do in public, what a horrible shame! Something must be done!
The Bahrain Watch organization has revealed that the Manama regime uses fake Twitter accounts to track government critics online.
Since October 2012, the Bahraini regime has detained several citizens for posting anonymous tweets that refer to Bahrain’s King Hamad bin Isa Al Khalifa.
An eight-month investigation showed that the Bahraini regime identifies those anonymous online critics by sending them malicious IP (Internet Protocol) spy links from a network of Twitter and Facebook accounts impersonating well-known opposition figures or other seemingly friendly individuals.
When a person clicks on an IP spy link, the report said, the security forces reveal the IP address of the internet connection they clicked from.
The regime can then force the internet service provider of the IP address to disclose the real name and street address of that internet connection’s subscriber.
According to the report, an examination of court records for five related cases shows that the Public Prosecution’s case centers on linking the IP address of the defendant to the offending anonymous Twitter account.
The prosecution, however, declined to disclose how the IP addresses were acquired, citing information obtained through “private methods that cannot be disclosed.”
The Bahraini regime apparently uses these accounts in secret, and may target their followers, friends, or contacts through private messages.
The report also lists over 120 other accounts that were also targeted in Twitter with IP spy links traceable to the government over the past two years.
Bahrain Watch lead researcher Bill Marczak said, “It is outrageous enough that individuals have been arrested and jailed for mere tweets criticizing the government.”
“That these individuals are being tracked down and convicted based on such weak digital evidence only makes matters worse.”
Bahrain Watch has urged political and social activists in Bahrain, and around the world, to be vigilant about impersonation accounts and malicious links.
“Given the government’s track record, it comes as no surprise that it would resort to such measures to stifle free speech,” Marczak stated.
“However, our hope is that this report will spread awareness of the methods that governments around the world use to trap digital activists.”
- Al-Khalifa regime blocks Al-Manar website in Bahrain (realisticbird.wordpress.com)
- Bahrain Declares War on the Opposition (lobelog.com)
Turkey said on Wednesday it had asked Twitter to set up a representative office inside the country, which could give it a tighter rein over the micro-blogging site it has accused of helping stir weeks of anti-government protests.
While mainstream Turkish media largely ignored the protests during the early days of the unrest, social networking sites such as Twitter and Facebook emerged as the main outlets for Turks opposed to the government.
Transport and Communications Minister Binali Yildirim told reporters on Wednesday that without a corporate presence in the country, the Turkish government could not quickly reach Twitter officials with orders to take down content or with requests for user data.
“When information is requested, we want to see someone in Turkey who can provide this … there needs to be an interlocutor we can put our grievance to and who can correct an error if there is one,” he said.
“We have told all social media that … if you operate in Turkey you must comply with Turkish law,” Yildirim said.
Twitter declined to respond to the government request on Wednesday, but a person familiar with the company’s thinking said it had no current plans to open an office in that country.
Turkey successfully pressured Google Inc into opening an office there last October after blocking YouTube, a Google subsidiary, from Turkish Internet users for two years.
While Ankara had no problems with Facebook, which had been working with Turkish authorities for a while and had representatives inside Turkey, Yildirim said it had not seen a “positive approach” from Twitter after Turkey issued the “necessary warnings” to the site.
“Twitter will probably comply, too. Otherwise this is a situation that cannot be sustained,” he said, without elaborating, but he stressed the aim was not to limit social media.
An official at the ministry, who asked not to be named, said the government had asked Twitter to reveal the identities of users who posted messages deemed insulting to the government or prime minister, or that flouted people’s personal rights.
It was not immediately clear whether Twitter had responded.
Facebook said in a statement that it had not provided user data to Turkish authorities in response to government requests over the protests and said it was concerned about proposals Internet companies may have to provide data more frequently.
In the midst of some of the country’s worst political upheaval in years, Turkish Prime Minister Tayyip Erdogan has described sites like Twitter as a “scourge,” although senior members of his party are regular users. He has said such websites were used to spread lies about the government with the aim of terrorizing society.
Police detained several dozen people suspected of inciting unrest on social media during the protests, according to local reports.
Speaking at the Brookings Institution in Washington, D. C., Twitter’s Chief Executive Dick Costolo said on Wednesday that he had been observing the developments in Turkey, but he emphasized that Twitter had played a hands-off role in the political debate.
“We don’t say, ‘Well, if you believe this, you can’t use our platform for that,'” Costolo said. “You can use our platform to say what you believe, and that’s what the people of Turkey … are using the platform for. The platform itself doesn’t have any perspective on these things.”
Turkey’s interior minister had previously said the government was working on new regulations that would target so-called “provocateurs” on social media but there have been few details on what the laws would entail.
One source with knowledge of the matter said the justice ministry had proposed a regulation whereby any Turk wishing to open a Twitter account would have to enter their national identification number, but this had been rejected by the transport ministry as being technically unfeasible.
Turkish users have increasingly turned to encryption software to thwart any ramp up in censorship of the Internet.
Last year, Twitter introduced a feature called “Country Withheld Content” that allows it to narrowly censor tweets considered illegal in a specific country, and it caused some concern among users.
Twitter implemented the feature for the first time in October in response to a request by German authorities, blocking messages in Germany by a right-wing group banned by police.
- Turkey announces plans ‘for gas’ and cyber security in face of Gezi protests (alethonews.wordpress.com)
Gulf Arab allies of the US have come under fire for introducing a series of draconian measures that limit Internet freedoms. The measures restrict content on social media sites, making “offending” posts punishable by extensive jail sentences.
Saudi Arabia, Qatar, the United Arab Emirates, Kuwait and Bahrain have tightened controls on Internet freedoms recently, targeting social media and phone applications alike in their communications crackdown.
Across the Gulf, dozens of journalists and social media users have been arrested since the beginning of the year for being in violation of the uncompromising national laws.
Punishments include deportation and lengthy prison sentences for crimes such as making derogatory comments about the government “in bad faith,” and offending religion and family values. In Saudi Arabia last month, top cleric Sheikh Abdul Latif Abdul Aziz al-Sheikh warned citizens against using Twitter, stating that those who use social media sites “have lost this world and the afterlife.”
After threatening to ban messaging applications like Skype and WhatsApp, Saudi Arabia’s telecom regulator has chosen a new target: The web-based communication app Viber. The instant messaging application has been blocked since June 5.
“The Viber application has been suspended… and the [regulator] affirms it will take appropriate action against any other applications or services if they fail to comply with regulatory requirements and rules in force in the kingdom,” the Communications and Information Technology Commission (CITC) said in a statement.
Viber allows its users to text, call and send photos and video messages worldwide using a 3G or Wifi connection, and boasts over 200 million subscribers worldwide.
In March, the CITC warned mobile providers in the Kingdom that if they could not find ways to monitor encrypted messaging and VOIP applications, then they would be blocked, according to local media. The commission then issued a statement saying that “it would take suitable measures against these apps and services,” in its push for greater control over the Internet.
The Saudi government has also begun arresting Twitter users for posts to their accounts. Local media reports that the government is looking into ending anonymity for Twitter users in the country by making users register their identification documents.
Despite its status as a regional media hub, the emirate state is considering a new cybercrime law that would widen government control over news websites and online commentaries.
If passed, the law would enable the government to punish websites or social media users for violating “the social principles or values,” or for publishing “news, photos, audio or visual recordings related to the sanctity of the private and familial life of persons, even if they were true, or infringes on others by libel or slander via the Internet or other information technology means,” Qatar News agency reported.
United Arab Emirates
At the end of 2012, the UAE passed a sweeping new cybercrime law: Anyone found guilty of criticizing the country’s rulers or institutions online may be jailed or deported. The law attracted widespread opposition, with legal consultants warning it is broad enough to penalize anyone caught posting allegedly offensive comments against the state.
This law has been used to jail citizens for Twitter posts over the past few months. In May, the UAE appeals court sentenced Abdullah Al-Hadidi to 10 months in jail for tweeting details of the trial of his father.
He was arrested on March 22 on charges of disseminating information on Twitter “in bad faith.” The court ruled that he wrote false details of a public hearing that, along with his father, involved 93 other people accused of plotting to seize power in the Gulf Arab state.
The government has arrested dozens of activists and at least six journalists in 2013 in the constitutional emirate, often described as the most liberal country in the region.
In March, Twitter user Hamed Al-Khaledi was sentenced to two years in prison for allegedly insulting the ruler of the Gulf nation. Others have been accused of “threatening state security” or “offending religion.”
In April, a Kuwaiti court sentenced former parliamentarian and opposition leader Mussallam al-Barrak to five years in prison for remarks deemed critical of the ruler of the state, which he made last year at a public rally.
Kuwait has been a member of the International Covenant on Civil and Political Rights (ICCPR) since 1996, which protects the right to freedom of expression, including peaceful criticism of public officials.
The Bahraini government has been trying to suppress an ongoing uprising by introducing stricter penalties. In April, the government passed a law making it illegal to insult the Gulf state’s King Hamad bin Issa al Khalifa, or its national symbols.
Recently, Bahraini blogger and activist Ali Abduleman was granted asylum in the UK after two years in hiding. Adbuleman claims he was persecuted by the government “for exercising the right to express his opinions” on his website. The Bahraini government claims he was tried for “inciting and encouraging continuous violent attacks against police officers” and conspired to spread “false and inflammatory rumors.”
In May, 62-year-old Bahraini protester Abdulla Sayegh was sentenced to three months in prison for hanging a national flag from his truck during a 2011 rally. The same month, six Twitter users were jailed for allegedly offensive comments about the country’s ruler deemed to be ‘abusing freedom of expression.’ According to prosecutors, they posted comments that undermined “the values and traditions of Bahrain’s society towards the king.”
One of the best-known human rights abuse cases in Bahrain is that of activist Nabeel Rajab, who was sentenced to three years in jail in August 2012 on charges of ‘participating in an illegal assembly’ and ‘calling for a march without prior notification.’ He openly criticized the country’s regime on RT for Julian Assange’s show The World Tomorrow.
The country has witnessed mass protests led by the kingdom’s majority Shiites against the minority Sunni-led government for two years. The Shiite demonstrators call for a transfer to a democratic system, and complain of discrimination in jobs and government. Their loyalty is in turn questioned by the ruling Al Khalifa monarchy, which has been in power for decades.
Twitter has released its second transparency report, which demonstrated a frightening increase in requests for user data by the US government and ignited serious concerns over privacy and free expression.
The list disclosed data requests from over 30 nations, and revealed that the US government was responsible for 815 of the 1,009 information requests in the second half of 2012 – just over 80 percent of all inquiries.
Twenty percent of all US requests were ‘under seal,’ meaning that users were not notified that their information was accessed.
The overall number of requests worldwide also steadily increased last year, rising from 849 in the January to June 2012 period to 1009 in the July to December 2012 period.
Twitter’s legal policy manager Jeremy Kessel blogged that, “it is vital for us (and other Internet services) to be transparent about government requests for user information.”
“These growing inquiries can have a serious chilling effect on free expression – and real privacy implications,” he wrote.
He went on to express hopes that the publication of the transparency data would be helpful in two ways – “to raise public awareness about these invasive requests,” and “to enable policy makers to make more informed decisions.”
The majority of US requests were subpoenas, which comprised 60 percent of government demands for information. Subpoenas usually seek user information such as email addresses affiliated with accounts and IP logs. A user’s whereabouts can generally be located by the IP address they are using.
Twitter complied with US government requests 69 percent of the time, according to the report.
Twitter released its transparency report on January 28, dubbed ‘Data Privacy Day.’ The US National Cyber Security alliance said it founded the day to “empower people to protect their privacy.”
According to Twitter’s report, several other governments made over 10 requests each for personal information, including Brazil, Canada, France, Japan and the UK. Japan ranked the second-highest on the list after the US; however, the US made 753 more demands for information than Japan.
Google released a statement marking the occasion, saying that the company “[doesn’t] want our services to be used in harmful ways,” and that it is “important that laws protect you against overly broad requests for your personal information.”
Earlier this month, France ruled that Twitter must disclose to authorities the identities of people writing anti-Semitic tweets using the hashtags #UnBonJuif [A Good Jew] and #UnJuifMort [A Dead Jew]. The social networking platform will be fined 1,000 euros a day until it complies.
The publication of the survey came shortly after Google published its own transparency report, which showed a similarly disturbing 25 percent rise in data requests from government authorities. The report also revealed that the US had made the most requests for private information to Google of any government: Over 8,438 in the second half of 2012.
UK-based rights group Privacy International later commented that “Google, Facebook and Twitter are highly vulnerable to government intrusion.”
“I am alarmed by the number of government requests and concerned that so many are done with merely a subpoena,” said John Simpson, a consumer advocate with the California-based group Consumer Watchdog. “A warrant should be required.”
- Twitter Transparency Report v2 (twitter.com)
- Twitter: Government user data requests have risen 20 percent (sott.net)
Speak2Tweet: Google & Twitter Partner Up with US State Dept. to Monopolise Information Flow Out of Syria
Amid Internet and telephone network outages in Syria, US-trained opposition activists are using US-supplied satellite phones to contact Google & Twitter’s ‘Speak2Tweet‘ service. Despite these efforts, the service seems so far to be a resounding failure.
Internet and telecommunications networks have been failing across Syria, leading some including Tony Cartalucci to speculate that NATO may be preparing a psychological warfare operation(1) to bolster the flagging unconventional war against Syria.
Recent developments add weight to this theory. There are now reports(2) that Google and Twitter have re-launched their ‘Speak2Tweet’(3) service to ostensibly aid isolated Syrians affected by the communication network outages.
This is reminiscent of Iran’s CIA-sponsored(4) ‘Green Revolution‘ in 2009 wherein Twitter followed White House instructions(5) to delay its scheduled maintenance, in order to provide continued service to Iran’s Green opposition. If this event hinted at Twitter’s possible status as being a CIA tool in this respect, today’s events should leave little doubt.
‘Speak2Tweet‘ is a communication service which allows the user to dial a conventional telephone number and leave a voice message which is then posted to https://twitter.com/speak2tweet where web users can listen. Speak2Tweet was first launched during Egypt’s January 25th ‘revolution’ back in 2011.
At this important time for Google, Hillary Clinton offered an interesting tidbit yesterday. While giving an especially servile, fawning speech at the Saban Center for Middle East Policy’s Opening Gala Dinner in Washington D.C, she quoted Google’s Executive Chairman Eric Schmidt(6) who recently called Israel, “the most important high tech center in the world, after the United States.” I will leave it to the reader to decide whether this suggests a central Israeli role in Google’s recent ventures.
After interviewing Google’s Christine Chen, Al Arabiya tellingly reported:(3) “Although phone connections are also are suspended, some Syrians were able to call and get through.”
This begs the question: if Internet and telecommunications networks have been failing across Syria, how does the opposition manage to communicate using Speak2Tweet, which requires the user to call an international telephone number (using either a mobile telephone or landline)?
US State Department provided Syrian opposition activists with satellite communications equipment and training
Ever since August 2012 Syrian opposition activists have been travelling to Istanbul, Turkey, to receive satellite communications equipment and training from the U.S. State Department.(7) The UK Telegraph reported in August 2012 that the US State Department’s Office of Syrian Opposition Support (OSOS) was overseeing this scheme, with $25 million reportedly being set aside for the project, and a further $5 million coming from Britain.
According to ForeignPolicy.com(8) the activists are all ‘given a satellite phone and computer‘ at the end of their training, and they are expected to return to Syria.
It is important to note at this point that satellite telephony is not affected by Internet and telecommunications network outages, and indeed satellite telephones allow users to call any conventional telephone number. In fact satellite phones are often used in warzones and in areas affected by natural disasters, as terrestrial cell antennas and networks are often damaged and non-operational in such cases.
In view of this it is highly likely as many have posited, that the country-wide communications outages were engineered by the NATO-GCC axis, with a view to allowing the opposition activists to monopolise the information flow using the satellite equipment and training given to them by the U.S. State Department. It should be noted that Google has been involved in training ‘Arab Spring’ opposition activists(9) through its partnership with the US State Department’s Movement.org.
The voice messages that are posted to the service can be listened to online at: https://twitter.com/speak2tweet. After listening to a sample of the messages, at this point in time the service seems to be a resounding failure insofar as the NATO-GCC axis is concerned. Messages range from merely “Allahu Akbar“, to garbled nonsense, and they do nothing to bolster the ongoing propaganda campaign against the Syrian regime. Furthermore, the Speak2Tweet service has most definitely not ‘made waves’ online, with many web users not even being aware of its existence.
Though many of the Speak2Tweet audio messages seem to be coming from people outside Syria, it is eminently clear that the US State Department intended their activist-proxies whom they had trained and supplied with satellite telephones in Istanbul, to be the only people within Syria able to use the service.
As with all aspects of the now struggling NATO-GCC unconventional war against sovereign Syria, this too seems to have been an embarrassing failure and a waste of time and money.
(1) ‘URGENT: NATO Preparing Psy-Op in Syria’ by Tony Cartalucci.
(2) ‘Google reactivates Speak2Tweet for Syrian Internet cutoff’ – CNET.com, November 30, 2012.
(3) ‘Google and Twitter re-launch ‘Speak2Tweet’ to aid isolated Syrians’ – Al Arabiya, Saturday, 01 December 2012.
(4) ‘Color revolution fails in Iran’ by Thierry Meyssan
(5) ‘US confirms it asked Twitter to stay open to help Iran protesters’ – The Guardian, Wednesday 17 June 2009.
(6) ‘Remarks at the Saban Center for Middle East Policy 2012 Saban Forum Opening Gala Dinner’ – U.S. State Department
(7) ‘Britain and US plan a Syrian revolution from an innocuous office block in Istanbul’ – The Telegraph, 26 Aug 2012.
(8) ‘Holding Civil Society Workshops While Syria Burns’ – ForeignPolicy.com, OCTOBER 10, 2012.
(9) ‘Google’s Revolution Factory’ by Tony Cartalucci.
At first blush, it seems obvious that a picture could reveal your location. A picture of you standing in front of the Golden Gate Bridge sensibly leads to the conclusion you’re in the San Francisco Bay Area when the photo was taken. But now that smartphones are quickly supplanting traditional digital cameras, and even traditional cameras now have wifi built in, many more pictures are finding their way onto the web, in places like Twitter, Flickr, Google+ and Tumblr. In a span of 10 days, popular photo social network Instagram added 10 million new users as a result of the release of its Android app and its acquisition by Facebook. And the location data hidden in these quick and candid pictures — even when your location isn’t as obvious as “standing in front of the Golden Gate Bridge” — is becoming another easy way for anyone, including law enforcement, to figure out where you are.
Take the case of “w0rmer,” a member of an Anonymous offshoot called “CabinCr3w,” for example. According to the federal government (PDF), “w0rmer” broke into a number of different law enforcement databases and obtained a wealth of sensitive information. In a Twitter post, “w0rmer” provided a link to a website that contained the sensitive information as well as a picture of a woman (NSFW) posing with a sign taunting the authorities. Because the picture was taken with an iPhone 4, which contains a GPS device built in, the GPS coordinates of where the picture was taken was embedded into the picture’s EXIF metadata. The FBI was able to use the EXIF data to determine that the picture was taken at a house in Wantirna South, Australia.
The FBI tracked down other online references to “w0rmer,” with one website containing the name Higinio Ochoa. The feds took a look at Ochoa’s Facebook account, which detailed that his girlfriend was Australian. Combined with the EXIF metadata, the government believed they had corroborated the identity of “w0rmer” as Ochoa, and in turn arrested him.
Even for photos not taken with a smartphone and not embedded with GPS coordinates (for example, point and shoot or SLR cameras that do not geotag), it’s still possible for the police to get location information through EXIF metadata. You can upload a picture here and see the metadata stored in a picture for yourself. Contained within that metadata is the camera’s serial number. Armed with that information, the police can easily scour the internet for other pictures tagged with the same serial number. In Australia, a man whose camera was stolen was able to track it down using stolencamerafinder.com because the thief had taken a picture with the camera and uploaded it to Flickr, where had had listed his address. But even if the thief’s Flickr site didn’t contain his address, police could have subpoenaed Flickr – like law enforcement have attempted to do with Twitter – for information concerning a user’s temporarily assigned IP address, as well as session times and logs, to eventually determine where a person uploaded a picture from. All of which can be used to piece together a snapshot of not only your movements, but as in the case of “w0rmer,” potentially your identity. In the United States, police are being trained about the broader investigative (PDF) potential of this information.
It might be tempting to say the problem is overblown, because some social media sites, including Facebook and Twitter, strip the metadata out of photos uploaded by their members. But not all do. Twitpic‘s default is to use a picture’s location tag unless you opt out. Flickr gives you the option to hide a photo’s EXIF data, but many casual photographers tempted by the rapid growth of photo sharing may not understand what EXIF data is, and the implication of making it publicly available.
The bigger problem is that courts have been expanding the police’s right to search digital devices without a warrant under the “search incident to arrest” exception of the Fourth Amendment. While many of the cases involve warrantless searches of cell phones, there has been at least one case in California (PDF) where the police used the “search incident to arrest” exception to search a juvenile’s digital camera. And there are other reported incidents of photojournalists having their cameras confiscated and searched when covering political protests and rallies. If the cops have the physical camera (and thus the memory cards that store the photos), whatever scrubbing that happens when a photo is uploaded to the web is no obstacle.
So if you value your privacy, you should take steps to ensure the EXIF metadata in your pictures isn’t an easy way for anyone on the Internet to figure out your location. If you’re using a smartphone to take pictures, disable geotagging from your pictures. If you’re uploading your pictures to a website like Flickr or Twitpic that defaults to automatically include EXIF data and location information, take the steps to turn it off. And if you’re using a traditional SLR or point and shoot camera that doesn’t geotag, but does contain a breadth of EXIF data, the make sure you scrub its metadata before you upload it on the Internet. There are free online tools that will help you do precisely that. These simple steps will help ensure that the thousand words a picture describes doesn’t include your location.
- Anonymous Hackers Not Smart On Anonymity, Feds Say (promoteliberty.wordpress.com)
- Anonymous Hackers Not Smart On Anonymity, Feds Say (informationweek.com)