Geo-enabled social media posts Archives

Where Was this Social Media Photo Taken?

We get this question a lot. Can you tell me where this social media photo was taken? The short answer is probably not. Here’s why~

An easy way to explain this is to think of the chain of custody of a photo. How was the photo taken originally? Chances are, it was taken using a person’s smartphone. It could, in some cases, have been taken using a digital camera.

Digital cameras can store a lot of relevant information about a photo. It can reveal where it was taken, how it was taken & when it was taken. Digital Forensic Investigators and Examiners know exactly how to extract this data from a photo & use it to fight child exploitation and sexual abuse.

However, what many people don’t know, is that the data behind the photo can be manipulated and changed.

Geotagging a Post or Photo

It was once very popular to post a photo in social media and tag the photo by letting everyone know where you are. Remember Four Square? Many people still do this. You may see a friend who posts a photo on a beach and they tag who they are with and where they are. Those are the easy ones!

However, many people have learned the hard way not to do this. Not only does a geotag let criminals know where you are, they also let them know you aren’t home. Most people are very well aware of their privacy settings on their mobile phone and in social media.

Therefore, it is near impossible to determine where a social media photo was taken, if the geotag is set to private or is off altogether.

So what is the data behind the image? It is called EXIF data.

EXIF Data

What is EXIF data? EXIF stands for Exchangeable Image File Format. It is basically the metadata attached to every digital photo you take. It will include information such as the camera model and settings you used, the date and time you took the picture, and even details about exactly where you took the picture. Photographers can use this data to help organize their photos, perform searches, or re-create the exact manner in which a picture was taken.

** But – please note: Facebook and other social media platforms do not publicly share EXIF Data. They strip it when it is uploaded.

The FBI warns against sending photos through the internet or sharing on some social sites.

How to Get Around EXIF Data

According to the FBI’s site, here are some of their suggestions. So, keep in mind that many people do know how to do this and are doing it.

Turn off your phone or camera’s geo-location feature before ever taking the picture. Note: devices in airplane mode can still capture geo-location information.
Remove EXIF data before sharing images with people or posting them online, especially when images are captured in private homes or businesses. There are free apps that you can use to do this.
Use an EXIF viewer to verify that you were successful in stripping the personal data from the photos before sharing.
Before uploading images, use available privacy settings to limit the audience to only your close friends and family.
Minimize the use of apps that automatically upload and share captured images.
Even without EXIF data, the image may contain identifying information, such as associated persons or location histories. Screen content with the assumption that anyone can see, copy, or forward photos that you post online.

Image Tip

To find an image’s exif data, right-click the photo and select either “properties” or “information”. If the GPS coordinates appear, simply type them into Google Maps to find the location.

While this is a long shot, it is worth the effort should you find a photo online that was not shared in social media and appears to be recent.

In a recent blog post, we suggested trying Photo Investigator: The Photo Investigator is an iOS app to view all image metadata (all the possible data stored ABOUT and within each photo). You can also remove photo metadata with an in-app purchase. The Investigator can also open the image’s GPS location in the maps app for directions; view images at full size and zoom them larger than in the Photos App.

The Importance of Preserving Social Media Evidence

Social media has changed the way we communicate and live. We feel the need to document our entire life, from our child’s first day of school, to details of our family vacation, and even what we ate for dinner. Most of us assume our posts are completely innocent, but nowadays social media has become an extraordinary source of evidence. Our digital footprint grows daily with every photo posted, status updated and video shared. These footprints are hard to erase.

Yesterday’s status update can easily become evidence in future litigation. This is especially true in criminal, family, personal injury and employment law. The practice of law and the ability to access information relevant to a case has been noticeably impacted by the internet. Furthermore, the rise of social media has given everyone with an internet connection the ability to receive, send, and store information in numerous formats.

So how does this storage and sharing of information on personal social media accounts can play out in a legal case?

Private Posts Are Not Always Private

Social media users utilize their privacy settings in different ways. Some people may have private Instagram and Facebook accounts but a public Twitter account. Or they may have a private Facebook account and public Instagram. Different platforms allow users to fine tune exactly what they want other followers, users, or browsers to see.

But just how much privacy do you actually have? Limiting a photograph you post to a specific audience is more private than making it public. But do you really have an expectation of privacy when you post to hundreds of “friends”, even with your privacy settings activated?

Police in Jacksonville, Florida, utilized social media in an investigation called Operation Rap Up. Numerous alleged gang members were arrested for illegally possessing weapons, which is prohibited for people with felony records in the state. The sheriff told media that at least some of the evidence had come from YouTube videos posted by the accused.

More and more, police are increasingly turning to the internet to gather evidence about suspects, and this material is being used in civil suits, ranging from divorces to personal injury claims. If you file suit claiming that an injury sidelined you from professionally playing basketball, yet later post pictures of yourself shooting hoops, as the defense argued in a recent New York case, the court will more than likely give the opposition access to your devices for more potential evidence.

There are numerous methods of capturing this evidence.

1) Print
When police, lawyers, or investigators observe something on social media in real time, they capture it immediately. There’s always a chance posts, photos, and tweets will be deleted so grab them while you have the chance. By printing the web page or social media post, you have a date and time stamp in case the evidence is deleted.

2) Screenshot
A better method of preserving social media evidence is to capture a screenshot or screen picture. Essentially, you’re using software to take a photo of what’s viewable on the display.

3) Software and tools built to preserve

While printing or saving a screenshot preserves what you see, screenshots lack the behind-the-scenes information (called metadata) that’s embedded into the webpage or post. Police, investigators, and the like can now utilize software built specifically for collecting and preserving online and social media content. These tools log the accurate visual representation of the content as well as all available metadata such as date, time, location, poster’s IP address and browser used. All content can be digitally signed and time-stamped in satisfaction of the legal requirements for submitting digital content as evidence.

As people increasingly share their lives online, the incredible amount of content will continue to grow and often be relevant to litigation. And most courts are happy to allow this evidence. Judges have been generally receptive to granting law enforcement warrants to obtain social media records to use against them for an arrest or in an existing case against them. Facebook maintains a portal for law enforcement to request evidence associated with an official investigation. Twitter has codified a detailed set of guidelines for law enforcement requesting and obtaining such evidence. YouTube, Google, and WhatsApp have done the same.

Executive Protection on Social Media

With the plethora of information shared on social media, the importance of security is on the rise. For individuals in powerful roles, executives (CEOs and COOs), and celebrities, most of this has to do with the security of personal data. Can hackers get into personal accounts? What will they do with the information they find?

Let’s dive deeper into executive protection (EP) in corporate and high net worth contexts. What can you do to protect your client’s reputation as well as their personal safety? Executive protection teams must be able to handle many different moving parts at once – reputation risk, physical security, and cybersecurity.

Of course, the easiest route is to just stay off social media. But that’s like telling a child not to lick the spoon when baking cake! EP pros need to know how to embrace social media, not reject it. Below are some strategies that can help best protect your clients.

1) Social media is part of our world. Know how to navigate it.

According to recent research by the University of Massachusetts, Dartmouth, all but three Fortune 500 companies are active on social media with corporate accounts:

98% use LinkedIn
88% use Twitter
85% use Facebook
75% use YouTube
53% use Instagram
42% maintain blogs
31% use Pinterest
10% use Snapchat

Keeping track of what your principal is up to on social media helps EP pros in several ways. It helps you understand what’s going on in his or her life and what’s important to him or her. Being aware of contexts that are meaningful to your client is a good idea no matter what business you’re in – including the business of executive protection.

Also, observing what the principal is doing on social media – and what others are doing on social media regarding your principal – helps you improve your protective practices. You need to follow and understand what everyone else can follow and understand about the principal simply by taking a look at their smartphones. You need to monitor what others monitor. Then you can add your protective perspective so you’re looking for things that can impact the principal’s wellbeing, including time and place predictability.

2) Disable Geo-enabled Social Media Posts

Enabling the public to know your executive’s location opens up an entirely different world of risks, including oversharing information to those who don’t need it. Geo-enabled social media postings through location-based services (LBS) create physical risk, leaving the executive with little to no privacy.

The best way to combat this risk is to remove it completely – turn off the geo-enabled feature for both your executives and their family members.

Social media posts can also increase time and place predictability. A simple Facebook or Instagram post can broadcast your location quickly and accurately. Maybe the principal just wants to say “Hey, check out this cool picture that shows you what I’m up to and who I’m with.” Although it seems harmless, the principal’s time and place predictability helps the bad guys. They conduct surveillance prior to any bad deed: the ability to predict when a victim will be where helps them plan an attack – and increases their chances of getting away with it.

Protective teams can combat this by using surveillance detection and mixing up routes so the principal is not commuting via the same streets at the same time every day. Keep access to principal itineraries to the absolute minimum.

3) Monitor for Executive Account Imposters

There’s always a risk of imposters on any social platform. Fake accounts are used as part of social engineering and spear-phishing attacks to target customers and other key employees.

Make sure you have a verified account or page. That way, if anyone sees a page that is posting as the executive, but knows that that’s not the official page, they tend to be less believing of the content coming from “unverified” pages. Next, you should have a monitoring system with triggers in place that understands the difference between authorized and unauthorized social media accounts quickly, so take-downs can occur quickly.

3) Don’t Reuse Passwords
It sounds simple enough but passwords are the main portal of entry to any account – whether it be social, personal, or financial. Once a hacker has been able to bypass and figure out an executive’s password the risk factor increases exponentially. Have different passwords for each social account – that way even if one account is compromised, the others not mean an immediate compromise

4) Everyone’s a Journalist

EP professionals need to understand the implications of anyone being able to take a picture (of the principal, of the principal’s family or colleagues, and the EP team) and then posting it to social media where millions, can see it in seconds.

Let’s say your principal is in a restaurant having a meal with a colleague or their family. It is quite likely that someone in that restaurant will post a picture on social media, maybe even the restaurant owner trying to announce that a prominent person likes their food. No matter what the instance, it could mean that a crowd of people shows up before dinner is done. And that definitely means your principal’s privacy is in jeopardy. Of course, there is no way to prevent all photos or postings…but EP professionals must consider this type of exposure as part of the overall risk environment.

While these tips can certainly help you reduce the threat posed by social media, it’s inevitable that some information about your organization and its employees will be available to criminals through social media. This is why, no matter what else you do, security training for employees is an essential component of any cybersecurity strategy.