How to freak out Instagram and Twitter users – and why they need to be more private

Graham Cluley
Graham Cluley
@

 @grahamcluley.com
 @[email protected]

Do you share your location on social networks like Instagram and Twitter?

Modern smartphones make it simple to embed your physical location in a tweet, or tag your GPS co-ordinates to a new snapshot you post.

Perhaps the following video will convince you that this isn’t such a good idea.

Social Media Experiment | Jack Vale

Sign up to our free newsletter.
Security news, advice, and tips.

American comedian Jack Vale took to the streets of Irvine, California, with nothing more than a smartphone.

With that, he was able to search for social media users nearby who were posting messages – and then FREAK THEM OUT by telling them their names, and personal information about themselves.

Location of social media users

As you can see in the video above, some of the social media users aren’t just mildly creeped out by a complete stranger knowing about their private lives, their response is anger.

Someone who knows your location might rob your house while you’re on holiday, or stalk you.

But it was ultimately their choice to share the information, and their location, on social networks.

So, here’s my guide on how to stop sharing your location with strangers.

Instagram

You might choose to change your account settings, so your Instagram posts and videos are treated as private, and only shared with your approved followers.

You do that by choosing Edit Your Profile, and ensuring that “Posts are Private” is enabled.

Twitter

Go to the Twitter website, log into your account and visit Settings > Security & Privacy. There you will find the option to add your location to tweets. Make sure it is disabled.

Privacy settings in Twitter

Twitter also gives you an easy way to wipe location information for tweets you have made in the past.

You may want to also examine the settings of your third-party Twitter app as well, to check that they aren’t putting your privacy at risk.


Further than that though, you could disable location services on your smartphone so Instagram (and other apps) can’t tell where you are.

InstagramiPhone users can turn off location services by going to their smartphone’s Settings app, and choosing Privacy > Location Services. Either disable Location Services entirely (which you may find inconvenient) or scroll down to Instagram and set it to “off”. You can do the same with your particular Twitter app.

Android users have their location determined by a variety of technologies (GPS satellites, WiFi hotspots and your proximity to cellphone network towers). You can disable Android’s location services by choosing Settings > Location services and disabling Google location services and GPS satellites. Of course, you may not find this a practical solution to the problem.

And, bear in mind, that if you disable location services *entirely* on your smartphone, you won’t be able to take full advantage of maps and “find my smartphone”-style services when you misplace your device.

Be careful with photos too. Photos taken on your smartphone might contain EXIF meta-data which includes your GPS co-ordinates. Anti-virus veteran John McAfee fell foul of just such an EXIF geo-tagging screw-up while on the run in Central America.

Ultimately, you have control over what you share on social networks. If the social network doesn’t give you an easy way to prevent publication of your location – maybe you should rethink your use of that social network, or not be surprised if strangers know more about you than ever imagined would be possible.

At the very least, be very careful what you post – and what details you are sharing with the online world about your location and private life.

If you are on Facebook, and want to be kept updated with news about security and privacy risks, and tips on how to protect yourself online, join the Graham Cluley Security News Facebook page.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky, Mastodon, and Threads, or drop him an email.

3 comments on “How to freak out Instagram and Twitter users – and why they need to be more private”

  1. Spryte

    Excellent article (and video).

    Should be required reading/viewing for All social media users.

    In fact one should not be allowed to open an account without having read and viewed the above.

  2. The inherent value of Twitter, Facebook et al is in the vast databases of information that they hold on the users of their services. That's the reason that you and I are allowed to use them for free.

    People who are concerned about breaches of their privacy shouldn't be online – its the only way to be sure…

    1. Coyote · in reply to Pete Stean

      Key point: This has nothing to do with whether you are on the Internet or not and same with social media. I DON'T use social media but I would be very surprised if I am not on it in some form, given that I have family that do use it… and that even considers that I'm not around others much. Besides, the Internet isn't social media and social media sure isn't the Internet (I do drop hints from time to time, including by having contributed to open source projects before, but these are my choices, directly, when I choose). In any case, all you need is to interact with someone (even by circumstances, accidental or otherwise), or someone who is filming you from a distance… and your privacy could be breached (this is constantly growing, too, and has been for many years). Similar to CCTV can implicate you in a crime these things can cause you problems (even if you're doing nothing wrong). That's the difference – someone willingly revealing their OWN information is their CHOICE and they aren't invading their own privacy; someone ELSE mining information about OTHERS (or otherwise making use of information that others have no choice in, or are unaware they are, revealing), however, is an invasion of privacy (especially if shared/abused/etc.).

      More information about how being on or off the Internet is actually irrelevant:

      To say that you shouldn't be on the Internet if you're concerned about privacy breaches, is to say something like "You should never get in to a car if you don't want to be in a car accident" and it ignores the possibility it is your only choice (and it is a false sense of security to suggest following that will solve the problem). You can still be in a car accident even if you never get in to a car: pedestrians get hit, for example. For the Internet versus privacy thought, government records, job history, many other things can reveal a lot even when there was no choice by you, even if you don't have access to the Internet. End result is the same though.

      There is no 100% privacy (never has been – espionage goes back as far as history and animals also observe other animals in order to know when is best to go for food, etc.), and falling prey to such a thing is what matters, not how it happened (of course understanding it can help you improve and protect yourself or others, later on, but what is done is done). Privacy has far too many variables, being on the Internet is irrelevant to it (on a whole) and understandably many have concerns with these things, people like those in the video.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.