Important FetLife Privacy Issue – Image/Profile Scraping

Just moments ago (as of 6:30pm on May 22nd), a new website/tool for fetlife privacyscraping data off of FetLife was posted about in a thread by a user going by the name of ‘twxlomn’. The thread was devoted to the discussion of FetLife privacy following the recent FetLife ‘Meat List’ controversy.

The new tool (which OntarioKink.com has decided not to point our readers to in the interest of FetLife user’s privacy) expands upon the fuctions of previous tools that have caused panic, which scraped public data available on all FetLife user’s profiles (user name, age, gender, city, state, country). This time, the person who created the scraping tool also programmed it to provide the user’s profile picture (avatar) along with the user name. This means that if your profile picture is set to a face picture or picture containing other distinguishing marks, a user of this tool would not need a FetLife login in order to view your picture. This tool responds in real time to queries, rather than having a static database from what I can tell.

UPDATE: Based on some tests I’ve run, it does not actually appear to be live, as profile pics are not changing in the results

UPDATE: It appears that 883,780 user’s profile pictures and basic info have been scraped.

UPDATE: The creator of the tool has contacted OntarioKink.com to comment on the tool and offer some additional clarifying information. Read below.

Here is a screen capture of the tool:

FetLife Privacy

The tool can be used to return search results of users fitting certain criteria, and includes the user’s profile picture in the results. (Image obscured for user’s privacy)

The creator of the tool reached out to OntarioKink.com since we broke the story, and has offered some clarifying information. Here is their comment (which can also be seen in the comment section below):

A few corrections:

– The site has actually scraped 3,925,330 profiles

– The site has a static database of these profiles that was last updated 11 May 2015 (approximately).

– FetLife search engines (including this one) are explicitly legal beause they meet the Fair Use criteria known as “transformative use”:

http://en.wikipedia.org/wiki/Transformativeness

because they “provide the public with a benefit not previously available to it, which would otherwise remain unavailable”, and “in a different manner or for a different purpose”.

< END QUOTE >

To be clear, the idea that your image or information is secure simply because you need to be a FetLife user is foolish at best. ANYONE can create a profile, and therefore anyone can view your profile info, activity, and also writings and pictures (the latter two of which you have the option of setting to ‘Friends Only’, which is a slightly more secure option).

What can I do to protect myself?

The answer to that is fairly simple. Unless you’ve posted your personal information (legal name, email address, phone number, etc) directly on your ‘About Me’ section of your profile, the only way someone can actually identify you positively is through your pictures.

In this case, since the scraping tool retrieves the result of your profile picture, I’d suggest switching your profile picture to one that doesn’t contain your face (or distinguishing marks). That will at least prevent future data scrapes like this from finding your face picture as easily. Next, I’d suggest setting face pictures to ‘Friends Only’ as a way to narrow down who has access. Then, assuming you haven’t added someone who intends to scrape content, you shouldn’t have to worry.

Should I Abandon FetLife.com?

In short, this is not a problem exclusive to FetLife. Any social media website can fall victim to such ‘hacks’, and there really is no way to prevent them. It takes hours for the programmers working for FetLife or Facebook to come up with ways to prevent this type of thing, and it only takes mere minutes for unscrupulous folks out there to find ways to get around it. Fetlife can spend millions of dollars and hours to try to stay ahead of the problem, but they will only be minutes ahead. Facebook has been facing criticism for years for similar things, including not actually deleting the pictures you decide to delete from your profile.

Within minutes of the tool being reported to FetLife, the Caretakers responded by deleting the link to it (the less eyes seeing/using it the better), and by banning the user’s profile from FetLife. They will also likely respond through legal means, as they have in past cases. Roughly a month ago, FetLife responded to a similar attempt to scrape the database (the aforementioned ‘Meat List’) in this post which shows they are actively trying to minimize the effects of such scrapes. The reality is though…there really is no way for them to ‘win’. While they can spend a lot of time and money constantly trying to stay ahead of people that do this…it only takes a few minutes for an unscrupulous person to modify their script and try another technique.

There are only really only two things that can be done to help in these situations.

The first to is change YOUR behaviour. Unless you’re okay with whatever pictures or content you’re posting to become public knowledge…don’t post it in the first place. Read our Tips for Privacy on FetLife article.

The second, is to change the way we view people. They are not ‘meat’. They deserve respect. That change starts with one person, and we need to pass that respect on.

Pass it on.

This is an important message that needs to be heard by anyone using social media, and especially anyone concerned with FetLife privacy. Please click ‘love’ on the FetLife post, and share this article through social media to spread awareness!

Read our other posts regarding FetLife and internet privacy here:

Matt Signature

Comments

Comment

*