ICanStalkU twitterbot nags Twitter users about disclosing their location

ICanStalkU is a twitterbot Twitter-analyzing service that seeks out Twitter users who transmit their location in the photos they tweet and generates responses like "ICanStalkU was able to stalk @XXXXXXXXXX at http://maps.google.com/?q=35.5371666667,139.510166667," with the stated purpose of "Raising awareness about inadvertent information sharing."

I generally like the idea of helping people understand that their software may be disclosing information about themselves that they're not aware of, but I find this method a little tiresome. On a few occasions, I've deliberately turned on location data when sending out an image (for example, when tweeting an image of a public event or artwork and wanting to conveniently attach a location to the tweet so others can find it) only to get chided (not by bots, but by other Twitter users) who sent words to the effect of, "Some privacy advocate you are! Why are you sending location data with your images?"

I've also been nagged by someone's twitterbot that wanted to tell me off for including my email address in a tweet, because the author had decided that this would make me more vulnerable to spam (I have one email address and it's been public for about 15 years now -- there's no spambot that doesn't know it by now). It's nice that people want to help others understand the wider context of their actions, but there's a fine line between helping and nagging.

Adding location data to a photo of something in public -- a protest, a spectacle, a store -- isn't necessarily a privacy breach. Nor does it necessarily give information about the photographer's location (photographers might choose to post the images later, long after they've left that location). And location metadata on photos can be very useful. It would be great to see more nuance from ICanStalkU.

I Can Stalk U - Raising awareness about inadvertent information sharing (Thanks, Avi!)


  1. I have no problem with raising awareness about “inadvertant information sharing,” but I think stalking someone via Twitter to prove to someone that they can be stalked is wrong.  It’s like breaking into someone’s house (without their knowledge or consent) and saying “Hey, I just wanted to show you that someone could break into your house!  Get a better lock!”  How about just telling people what they can do to better protect themselves without doing the thing that you are trying to protect them from? 
    I’m 100% against this, I don’t even think it’s a matter of nuance.   It reminds me of those sites that post pictures that they’ve grabbed from Facebook of girls and women in various states of undress or revealing clothing.  They also claim to be “raising awareness” about privacy settings.  It’s just rude to single people out when you have a general message you want to send.  And to do the very thing they claim to want to protect you from makes them look disingenuous.

    1. Yes and no.  They’re not ACTUALLY stalking them, they’re just tweeting at them.  Your example insinuates that the bot starts following them around all day and peeking at them when they undress.

      1. But that’s why I said “stalking someone via Twitter.” I understand it’s not physically stalking them. It’s more like calling someone up long distance and telling them you know where they are, or have been.  Even if it’s just a recorded message that auto-dialed your number,  that’s still harrassment or what Cory calls nagging, IMO. Plus, unless you have all your information on lockdown and they do too, the stuff they are tweeting at you is public.

  2. On a few occasions, I’ve deliberately turned on location data when sending out an image (for example, when tweeting an image of a public event or artwork and wanting to conveniently attach a location to the tweet so others can find it) only to get chided (not by bots, but by other Twitter users) who sent words to the effect of, “Some privacy advocate you are! Why are you sending location data with your images?”

    Yeah, that’s pretty dumb. Being in favor of privacy means being in favor of letting people choose what to disclose, instead of having a company or government choose for you. Saying a privacy advocate can’t send out geotagged photos is like saying you can’t be in favor of marijuana legalization unless you smoke pot. 

  3. So when I raised this conversation in 2010 on Episode 41 of Social Media White Noise I got a response from @ICanStalkU http://www.mayhemiclabs.com/content/response-nicholas-butler-and-social-media-white-noise-podcast  all I can say is its good to note that in general they still miss the point

  4. Hi there. Larry (@haxorthematrix:disqus ), one of the co-founders of icanstalku.com here.

    First off, wanted to clarify a bit about the “twitter-bot” monicker as posited by Mr. Doctorow.  We aren’t a bot that spams anyone; the associated twitter account merely provides statistical information.  Now that being said, we used to send messages via twitter to everyone that was observed, then switched to just one an hour.  Guess what?  Twitter didn’t like that too much, and suspended our account, twice.  We got it, and that was not our intent.  For nearly the last 2 years, we’ve ONLY been posting to the website with no messages to users, unless some interaction is performed from the links there; at that point it comes from YOUR Twiiter account, not ICanStalkU.

    Loudmouthman, we remember the conversation distinctly, but we’re still confused as to who exactly is missing what point.  Sure, we get that some folks (such as yourself, and myself included) have looked at, and understand the risk of posting their location via geotags.  Cool, we get it.  The problem is the REST of the population that have NO CLUE.  We’re not preaching to the choir here, we’re preaching to everyone else.

    More to missing the point, our point is that you’ve included location data and published it with some speed directly to the internet (maybe without understanding the risk).  We’ve not provided anything that the poster has not already; we’ve merely “changed the format” of said data.  The change of data is trivial to accomplish; we’ve taught grade schoolers how to do it.  It isn’t a matter of some uber secret process, it is just a matter of knowing where the tools are. From there it isn’t much more than a point and click or two.

    We’re always willing to take comments, constructive criticism and hate mail.

    1. Thanks for the detailed explanation.

      I run Privacy Camp and the weekly Privacy chat on twitter with EPIC.

      Would you be interested in being a guest “speaker” on #PrivChat?

      More here > http://epic.org/privchat/

      We are booking up quickly in the first quarter.

      Shaun Dakin
      Founder @PrivacyCamp:twitter
      Founder #PrivChat on Privacy

  5. Obviously an affective way to solve this is through the use of a geosync orbit railgun, but you know that has a certain level of permanence to it.


  6. Whoever is behind this sure has an expansive and presumptive definition of “inadvertent.” It’s like the OWS cop logic, “random people get what they deserve when they catch my attention.”

  7. The email thing is stupid, I agree. I have two addresses. Gmail for personal stuff, family and friends and Google related activities. I use Hotmail for logging into sites that I’m forced to create accounts for and all other  purchases. It’s the Hotmail account I get all the emails from that woman in Africa who needs my help after I bought garden seeds online. It’s the Hotmail account I receive the lottery emails after registering on a photographers forum site. I love sweeping my Hotmail, it works. Surprisingly, I don’t receive  any xxx  junk after registering with two p^^^no  sites. Wow. 

  8. COIN: privacy shaming, a la the concept of slut shaming. Someone is doing something with their free will that you wouldn’t personally do, so you try to make them feel bad about it.

Comments are closed.