When you use your smartphone to take a photo or use social media platforms like Twitter, the messages you send are frequently encoded with your GPS coordiantes. Yiannis Kakavas, a programmer in Germany, has created a program called Creepy that aggregates all the data you send you out, and lets anyone build a map showing where you were when you Tweeted, Flickr’d, or Foursquared. Bob talks to Kakavas about his aptly named program.
BOB GARFIELD: Last spring we reported on a legal battle between the U.S. government and privacy advocates around the issue of cellphone tracking. Almost all new cellphones contain a built-in GPS location chip so that emergency workers can find you when you call 911. But the ability to locate your position down to a few meters has been used by law enforcement officials, as well. As Kevin Bankston, a lawyer for the Electronic Frontier Foundation told us last year:
KEVIN BANKSTON: At a security and surveillance conference a few months ago, the Sprint electronic surveillance manager admitted that law enforcement was making such extensive use of this capability that Sprint had set up essentially a Web portal for law enforcement to go to, to ping cellphones, to find their location based on GPS. He said that that website had been used eight million times over a one-year period.
BOB GARFIELD: In September of last year, the Third Circuit Court of Appeals sided with the privacy hawks, agreeing that the government should first show probable cause and obtain a warrant before tracking Americans. However, stronger privacy protections only help you when you, yourself aren't giving away that information. If you take a picture with your iPhone, that digital file will include the longitude and latitude of where it was snapped, or if you've opted into the geo-location services of a mobile application like Twitter, your tweets will be accompanied by information about where and when you tweeted. Yiannis Kakavas, a programmer in Germany, created a program called Creepy. It aggregates all the data you’re sending out and lets anyone build a map showing where you were and what you tweeted, Flickr’d or Foursquared. Kakavas says the software is meant to be cautionary, to warn the typical Web user that they've probably been disclosing a lot more than they realize.
YIANNIS KAKAVAS: Let's say that the user goes back home from work and he thinks that the only thing he said was, I got back home, but if the coordinates of the place that he tweeted that from are present in the tweet, he just gave out to the whole world where is he living.
BOB GARFIELD: And parents who would never think of leaving details about their children are doing it all the time when they're putting up pictures of them, saying, look, here’s Brittany in the back yard, and all of a sudden, I suppose, putting Brittany at some risk.
YIANNIS KAKAVAS: It can be even worse, like here’s Brittany in the primary school or here’s Brittany at her favorite ice cream shop, or here’s Brittany at her favorite playground, giving away information where the parents are hanging out with their children and leaving everyone to know how and when they can reach them.
BOB GARFIELD: Now, obviously, the universe of kidnapping targets is rather small, but I guess that’s not the point. You've located a security flaw on our personal behavior, right?
YIANNIS KAKAVAS: Yes.
BOB GARFIELD: It seems to me that what you’re doing is analogous to locating a security flaw in the public water supply and saying that such-and-such a reservoir could easily be filled with toxic chemicals that could poison a whole city. So we as a community have learned that a reservoir is vulnerable, but you've also put the idea in the head of potential terrorists who might go out and, with a Super Soaker filled with dioxin, and poison an entire city. Did you weigh the risks before publishing this software, of actually getting bad people to do exactly what you’re warning people about?
YIANNIS KAKAVAS: I think that the analogy’s a bit hazardous. But what the application does, it’s nothing that cannot be done manually. So if someone with malicious intent wanted to do something like that, he could do it maybe not as easily as hitting three clicks, but he could do it in one hour, getting this information from someone’s public Twitter timeline.
BOB GARFIELD: So the irony of all of this, from our perspective at On the Media [LAUGHS], is that we spend a whole lot of time looking at how law enforcement and government can track its citizens legally and extra-legally by their smart phones, and yet, many of us evidently have made ourselves extraordinarily vulnerable to being tracked, and not only by the FBI but by, you know, anybody. Have we been following the wrong problem?
YIANNIS KAKAVAS: Yeah maybe, because the, let's say, enemy is not only a terrorist or the state or someone who might want to track us, it’s - the enemy in that case is our need for showing off and oversharing our information.
BOB GARFIELD: Yiannis, thank you very much for joining us.
YIANNIS KAKAVAS: Thank you for having me. BOB GARFIELD: Yiannis Kakavas is creator of Creepy.