What the ‘Girls Around Me’ App Dust-Up Says About User Behavior (And Your Security)


The web-centric moral outrage du jour is currently centered on a tasteless iOS mobile app called Girls Around Me, which in its most polite moments has been decried as a creeper app and in less forgiving terms as the ultimate online tool for stalkers. Girls Around Me aggregates public check-in data and, at the user’s request, highlights how many girls are presently at or near your location. In blunt terms, it helps iPhone-owning guys track down the venue with the best odds of hooking up. You can see how someone might find Girls Around Me to be a bit offensive.

What’s really offensive is the naivete at work here.

CNET’s Molly Wood, Forbes‘s Kashmir Hill and PCWorld‘s Sarah Jacobsson have all decried the outrage against Girls Around Me from essentially the same viewpoint: What, exactly, did everyone think would happen when they shared their location data online? All check-in apps are based around a certain level of exhibitionism — from “hey, everybody, I’m at the hottest club and you’re not” to “I’m at the premiere of The Hunger Games, ping me later if you want spoilers” — in that you want people to know what you’re doing and where you’re at. The naivete is the assumption that only your friends would be interested in the data, and that anyone who sees your check-in information will use it for your benefit.

This is the type of thinking that drives I.T. staff, particularly security professionals, absolutely nuts. No small portion of the Girls Around Me outrage stems from the sudden realization that any information you share can be used against you. Users don’t like to consider the downsides to broadcasting their personal information. This same willful ignorance leads to users taping Post-It notes of their passwords to their computer monitors. Sharing check-in data makes it easier for your friends to find you, just like keeping your password out in the open (or in your browser autofill directory) makes it easier for you to log into Gmail.

Convenience comes at a cost. That cost may well be outweighed by the benefits — your check-in data is far more likely to be used by your friends than by creepy jerks in a bar — but you should at least consider the risk-reward before sharing information. Too often, users can’t or won’t ponder those tradeoffs, which is how Girls Around Me gets published, and passwords get stolen.

The same people shocked that Girls Around Me can harness their check-in data are the same people logging into your Google Apps domain or Salesforce database. It’s time for those users to grow up and become responsible adults when it comes to data-sharing. Whether that happens remains to be seen.

Until then, hope you’ve got a good backup plan.