US Army warns about the risks of geotagging

Filed Under: Facebook, Featured, Mobile, Privacy, Social networks, Uncategorized, Vulnerability

Phone on map, courtesy of ShutterstockIn 2007, a fleet of US Army helicopters flew into a base in Iraq. Soldiers took pictures on the flight and then uploaded them to the internet.

Based on the automatic geotagging applied to photos by almost every smartphone on the market, the enemy determined the exact location of the helicopters inside the compound and launched a mortar attack that destroyed four AH-64 Apaches.

With geotagging growing ubiquitous, soldiers are being asked to ponder this question: "Is a badge on Foursquare worth your life?"

The question was posed by Brittany Brown, social media manager of the Online and Social Media Division at the Office of the Chief of Public Affairs, and included in a release put out last week to warn soldiers of the security risks of geotagging.

Beyond smartphones' built-in photo geotagging, location-based social media applications and platforms are rife: Foursquare, Gowalla, SCVNGR, Shopkick, Loopt and Whrrl are examples of GPS-enabled technology that are typically found in phones and that publish users' location in exchange for rewards such as discounts, badges or points to encourage frequent check-ins.

And Steve Warren, deputy G2 for the Maneuver Center of Excellence, or MCoE, pointed out that uploading smartphone pictures to Facebook is another example of how a service member can inadvertently broadcast the exact location of their unit.

As reported by the BBC, the British Army has banned the use of mobile phones in operational zones such as Afghanistan and cautions soldiers against taking pictures on smartphones under any circumstances.

But the US Army also warned against anyone using geotagging, not just soldiers, saying it really does expose anyone who uses it.

check-inOne example is Facebook's new Timeline feature, which includes a map tab of all the locations a user has tagged. Such a wealth of information, freely available to anybody tagged as a "friend" on Facebook, basically represents a Dummies Guide to Stalking.

Here's how the risks of Timeline were described by Staff Sgt. Dale Sweetnam, of the Online and Social Media Division:

Some [Facebook users] have hundreds of "friends" they may never have actually met in person. By looking at someone's map tab on Facebook, you can see everywhere they've tagged a location. You can see the restaurants they frequent, the gym they go to everyday, even the street they live on if they're tagging photos of their home. Honestly, it's pretty scary how much an acquaintance that becomes a Facebook "friend" can find out about your routines and habits if you're always tagging location to your posts.

Bear in mind that most geotagging-enabled applications allow users to limit who can see their check-ins to friends or friends of friends. That's a security feature that's wise to take advantage of.

Here are the Army's rules of thumb for both enlisted personnel and for civilians when it comes to staying geo-safe:

  • Don't friend someone if you haven't met them in person. "Make sure you're careful about who you let into your social media circle," Sweetnam said.
  • Even if there's nothing classified about an individual's location, a series of locations posted online over the course of a month can create a pattern that criminals can use.
  • Disable the geotagging feature on your phone.
  • Check your security settings to see who you're sharing check-ins with. MCoE OPSEC officer Kent Grosshans noted that if somebody knows that your spouse is deployed, for example, they'll also know that 1) your spouse isn't home and 2) where your house is.

As Officer Grosshans noted, the same applies to safety for children. Do you really want the entire world to know where your child goes to school?

His advice:

Be conscious of what information you're putting out there. Don't share information with strangers. Once it's out there, it's out there. There's no pulling it back.

Phone on map image, courtesy of Shutterstock

, , , , , ,

You might like

16 Responses to US Army warns about the risks of geotagging

  1. thelittlep · 1308 days ago

    Sorry but this is a case of the Army blaming some private rather than seeing the risk of having hundreds of Third Country Nationals (TCNs) collecting intelligence on base. Cracking a phone is not a easy process and finding a single phone of one person is hard. Paying some random TCN for data about where the helicopters are parked is simple and easy. This isn't a security matter, it is the Army doing what it does best, not understanding what the problem is. Want to know where those helicopters were? They were in the same place as the last rotation of helicopters for the last four years were.

  2. Randy · 1308 days ago

    Giving the enemy military information is treason. If our troops are not smart enough to properly handle current technology then cell phones should be banned from active military personnel. I know that sounds draconian but when you join the military you voluntarily give up many rights you took for granted when you were not enlisted. Along with the 4 destroyed helicopters, how many troops were injured or killed in the mortar attack?

  3. Dennis · 1308 days ago

    Yes, I am one of those stoneage people that do not use Facebook. Would not "touch it with a 100 foot pole." I also have an ordinary cell phone for talk only. My exposure with that is still more than I would like but at least it does not geo-tag. Most of the time I keep it off too, turning it on only when I want to make a call. Am I a little paranoid? Probably somewhat I must admit.

  4. AntonioG · 1308 days ago

    The problem is with people thinking that everything is "private".
    Also people don't know what security is, majority of people who use technology
    are still afraid to Google something and try to fix it themselves. They'll throw it to
    the wayside and buy a new one if they can. We still act like personal computers
    are a new thing, like if we press the wrong key at the wrong moment our computer
    is going to blow up or something.

  5. Joanne · 1308 days ago

    "As Officer Grosshans noted, the same applies to safety for children. Do you really want the entire world to know where your child goes to school? " Don't most children go to a school? I'm sure they are not secret locations, and are usually well signposted places!!!!

    Easy answer is don't have 'false friends' on fb, only add those that you know and trust, and only share information with those you know and trust.

    • Jodi · 1209 days ago

      Excellent Advice Thank you Joanne , also my moms name , Thank you for this reminder !!!<3

  6. Ashley · 1308 days ago

    Geotagging sounds like a cool idea, but to me the risks just aren't worth it. Particularly if the info gets shared with people you don't really know or haven't met. In my mind, it's kind of like walking down a dark alley in the middle if the night. Maybe most in most cases everything turns out fine, but that doesn't make it a wise move.

  7. Anonymous P Body · 1308 days ago

    I have been surprised to see how many people put their information on those Google maps without even thinking twice about it. I mean, I admit, I don't know everyone on my "friends list" do you ? People just feel much too safe for my taste.

  8. Laurens · 1308 days ago

    Hope I don't get mortared because I put up some old Army photos from my home.


  9. tina · 1307 days ago

    And it only took about 5 years to figure this one out?

  10. cbrp1r8 · 1307 days ago

    All your data are belong to me!!!

  11. Henry Bowman · 1307 days ago

    Revenge of the Furbies!

  12. Sean · 1242 days ago

    This is a ridiculous article. An a Marine with 10 years in the infantry this is impossible. The cell phone networks in Afghanistan/Iraq would not be able to support the data to upload photos. In addition there are no wireless networks near the flight line. Even if the uploaded them later on a base internet cafe the grids would be far from accurate.
    Obviously no one here understands how indirect fire (mortars, artillery) works.

    There are not enough cell phone towers in Afghanistan to give a grid location accurate enough to call a mortar strike. For those who have actually used geo-tagging it is the same as when you "check-in" at the McDonald's, but your map shows your pinpoint at the Starbuck's across the street because you have poor service.

    Let's pretend that the enemy did get an accurate location off of Facebook etc. They would still have to convert the location to something useful like latitude/longitude or an MGRS grid coordinate. Then they would have to compute the distance, direction, and elevation of the target in relation to themselves. This requires skills that the enemy does not have. Particularly the Taliban in Afghanistan.

    Finally I have to say that if the enemy wants to mortar us they're going to do it whether you use a cell phone or not. We live in large bases that stand out in the barren landscape. The enemy uses direct sight/direct alignment; he has to see his target. An enemy could observe our base, crawl down the backside of a hill, and then lob mortars at us. In the story above he probably saw the 4 helicopters land every day in the same spot.

    We have ways to prevent this using force protection. Observation and security patrols. Drones etc. I'm going to keep uploading photos and keep my family updated while I can. I'll keep killing them until they stop coming. Maybe I'll geo-tag their grave site.

    • frank · 1210 days ago

      actually sean, you are wrong on a few things. 1)In Afghani, they may not have phone towers but it is not need for geotagging. geotagging uses satalite (gps)and not phone towers. Therefore, well...... there's your answer.

      • Chris · 810 days ago

        true.... and when you take a picture with geotagging those gps coordinates are embbeded in the file itself. And then with some free software readily available on the internet you can get that info and use it as you please.... whether to mortar or spy on your girlfriend.

  13. NotSoOld retired First Sergeant · 681 days ago

    "Here are the Army's rules of thumb for both enlisted personnel and for civilians when it comes to staying geo-safe"

    Excuse me . . . are there no officers and warrants in today's military?

    Or perhaps it's embarrassing to admit that in today's military, the enlisted force is as well educated, if not many times more so, that the officer force? Not to mention equally responsible, often more tech- educated?

    Just wondering . . . if maybe the military is overlooking a source of many security issues.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.