App called "Creepy" pinpoints people's location based on their social networking activity


The creator of Creepy, Yiannis Kakavas, calls his application a "geolocation information aggregator." It analyzes a person's tweets, Facebook posts, and Flickr stream to generate a map of where that person is and where he or she goes.

You can enter a Twitter or Flickr username into the software's interface, or use the in-built search utility to find users of interest. When you hit the 'Geolocate Target' button, Creepy goes off and uses the services' APIs to download every photo or tweet they've ever published, analysing each for that critical piece of information: the user's location at the time.

While Twitter's geolocation setting is optional, images shared on the service via sites like Twitpic and Yfrog are often taken on a smartphone - which, unbeknownst to the user, records the location information in the EXIF data of the image. Creepy finds these photos, downloads them, and extracts the location data.

When the software finishes its run, it presents you with a map visualising every location that it found - and that's when the hairs on the back of your neck go up. While the location of an individual tweet might not reveal much, visualising a user's history on a map reveals clusters around their home, their workplace, and the areas they hang out. Everything a stalker could need, in other words.

Creepy app warns of an end to privacy


  1. So it can end your privacy: if you weren’t trying to have any to begin with.

    Just add this next to the, “Don’t go to 4chan and camwhore” talk that parents should have with their kids. “Don’t tweet or post statuses unless you want people to know where you are and what you are doing”. Self-evident, really.

  2. This is a reason why I log in to a public access UNIX system ( more information – ) to do my social networking using Lynx 2.8.7: the marketers and data-metrics can only track me to the remote machine I’m logged into, which is quite a long way from where I live and work. ^..^~

    1. This is a reason why I log in to a public access UNIX system ( more information – ) to do my social networking using Lynx 2.8.7: the marketers and data-metrics can only track me to the remote machine I’m logged into, which is quite a long way from where I live and work. ^..^~

      However, your cat smiley is in your comment, giving away your position.

  3. Nicely written app. As far as I’m concerned this is only really of concern to anyone who believes in the illusion of anonymity afforded by this kind of technology.

    For myself, I’m not concerned in the slightest. Why? Because the only people in my social networks, the only people who aren’t utterly blocked, are people who know know all this stuff about me in the first place. Big whoop. I only allow people into my networks at all if I’m comfortable with their knowing anything I’m willing to post.

  4. “Privacy” ended (changed is a better word) long before social apps came to be. Social apps have mainstreamed the realization that privacy has changed. All tin hats off, between ATM cameras and transactions, traffic cameras, phone records, Allstar, credit card transactions, security sign in sheets at schools and offices, etc. people have been traceable for a long time. Social media has simply made this easier but ultimately, it doesn’t really matter because the people who follow you on social networks already know what apps like Creepy and sites like are revealing. Your real life friends know your haunts and they know when you are going on vacation even without Facebook and Twitter.

  5. We need a new apocalypse scenario, one where people are so nervous about going online that the internet dies at the same time we run out of oil. World economy collapses and shortly after that the governments follow, and we revert back to a culture of subsistence farming after 5 billion people have starved to death.

    1. That misses the point of escapist fiction. Plausible apocolypse is just depressing. Zombie apocolypse is a bit sexier (though, less survivable).

  6. It’s a desktop app? It’d get a lot more use as a web app. But keeping up with the inevitable crush of traffic you’d get would be quite a task.

  7. The local news stations must read this blog because things like this always end up on my local news the day after I read them here. And this story alone is enough to make every non-techy housewife to be up in arms and fear for their family’s safety. I can’t wait to hear the tag line the news comes up with this one to scare the viewers with the intent on getting them to view the 11 o’clock news.

  8. The concept that privacy “ended” isn’t because of things like this. With social networking, there never was privacy. To expect privacy with social networking is absurd and I don’t understand why anyone would think telling the world where you are at any given moment is private. I repeat: It’s not private if you are telling it to the world.

    You want to fight against real privacy violations? Why not look at where they are really happening. For example, at airports and some train stations.

    Otherwise, the fight here should be about informing users as to why they shouldn’t be telling the world certain things. People need to understand that while we have free speech, this freedom doesn’t protect you from social consequences. Simply put: Just because you can doesn’t mean you should. There’s no privacy concerns here because there was nothing here that was private to begin with!

    Do I use geotagging? Occasionally. I use it if it supports what I’m posting when it won’t fit in a 140 character post or helps with an image. Otherwise, I don’t touch the geotagging buttons, and geotagging information in image metadata is stripped.

  9. This is a great tool. One of the inspirations for Creepy (as noted in the documentation) is a website called ICanStalkU (, which I happen to be the co founder of.

  10. It’s your own fault if you are willing posting your exact location on a social network site. I would never post where I am unless it was a special occasion like at a big sporting event, which isn’t a place you can plan ahead to find me, because who knows when I’ll be there again.

  11. It’s quite an interesting app, I was playing around with it earlier – it successfully pulled down a few twitter feeds and mapped out any photos with gps data for me.

    What mostly interests me is that the code is open source. I don’t really have a use for gps-tracking others, but I do have a use for a handy script that’ll let me know if any of my photos are still geotagged and quickly point them out for me. stripping off a lot of the hard work he put into it could make it a great general-purpose script.

  12. This sounds exactly like the type of application that Aaron Barr, the ex-CEO of HBGary Federal, was trying to develop and sell. Some of details leaked when Anonymous pulled down his pants.

  13. Just wait until this gets used on a celebrity, or a politician.

    It’s one thing to be able to find out where your celebrity crush/obsession gets their coffee so you can get an autograph. But what about the next Jared Lee Loughner?

    (I don’t know if Rep. Giffords had a twitter account, but plenty of celebrities and politicians use twitter)

  14. wouldn’t it be just as easy to hack? throw false info out, or simply geo tag where you are but delay posting by a day, a week, whatever.
    boy, we used to be proud to open the phone book and find our names, addresses & phone numbers.

  15. Alright, so I understand argument that all of these messages were posted in the public domain, so what is done with them is no longer a privacy issue. “Just because we can, doesn’t mean we should.’ can easily apply here as well. What is the intended purpose of the app? More localized advertising? what else anybody?

    1. Considering it’s called “Creepy”, I’m thinking the intended purpose of the app is to make us more aware of how easily we can be tracked.

  16. Every time I read something about this that is presented or percieved as a “privacy problem,” I see a slight-of-hand act pulling people’s attention away from the real problem which is the fact that there are people out there who want to do unsavory things given adequate personal information. Information that could, mind you, be obtained in far creepier ways than an automated geotag aggregator.

    I am not a psychologist, but I have to wonder, should the day come where you can find out where anyone is at any time, would that extinguish the “thrill” for some stalker types? Could less privacy potentially lead to *less* stalkers? I do not know what makes the stalker mind tick but I’d like to hear an expert take on this theory…

  17. Reminds me of that private eye program called “The Bear”, in the film “Until the End of the World”… plug in a little bit of information, and it tracks your patterns via money machine activity, ticket purchases, and lots of et ceteras.

  18. I installed this for windows and shortly after I got a fake AV malware/bug.. can’t think of anything else I installed lately except for BattlefieldPlay4Free from EA….

    1. I cannot stress out enough how improbable that is. You can scan it with your favorite antivirus tool, or download a (bit older) version from where they (at least claim to) have tested it and guarantee it is 100% virus-free.

  19. … Is that image customized to whoever reads the article or is this just a really, really, creepy coinkidink?

  20. there’s a free app for iPhone, PC and Android that makes the photos you share invisible to Creepy. It’s called Pixelgarde Photo Privacy Editor. If you’re concerned about what you share, I recommend using it.

Comments are closed.