Credit: Gerald Friedland and Robin Sommer
Data embedded in a digital photograph of a bicycle, taken with an iPhone 3G, can identify an individual's location to a range of +/- 1 meter.
The photos and videos you upload could reveal a lot about where you are.
Data stored in digital photographs can help criminals locate individuals and plot real-world crimes, a practice two researchers called "cybercasing" in a recently published paper. The site Pleaserobme.com was one of the first to expose the problem by displaying tweets tagged with location information, although it has since stopped the practice.
Location data can be stored in a digital photo or video's metadata, information about the file itself. That data can include, among many other things, the make and model of the device used, the date and time the photo or video was taken, and the geographic coordinates of the device at the time the photo was taken.
In the paper, Gerald Friedland, of the International Computer Science Institute, and Robin Sommer, of Lawrence Berkeley National Laboratory, explain how Craigslist, Twitter and YouTube could be used to locate people and plot crimes.
On Craigslist, location data in uploaded photos could be combined with information from the postings themselves, such as "please call Sunday after 3pm," to help a thief speculate about a user's whereabouts. And while many posters chose not to list home addresses, their photos seemed to reveal that information anyway. To examine how accurate location data can be, Friedland and Sommer used an iPhone 3G to photograph a bike, as one might do to sell it on Craigslist, and found that the location information was accurate to within one meter of the actual spot the photo was taken.