Public safety sees opportunity, pitfalls in social media

Social media can prove useful in investigations, but the use of Twitter and other tools by authorities has backfired at times

Law enforcement agencies are looking for ways to mine social media to look for threats, but those speaking at a conference on Wednesday suggested that an equally important issue might be trying to control authorities who are causing problems by their use of Twitter, Facebook and other such applications.

Those public safety groups that have started trying to tap social media to do their jobs haven't yet figured out how to sift through the massive amounts of data they collect, said speakers at the Microsoft Public Safety Symposium, held at the software giant's Redmond, Washington, headquarters.

For instance, in preparation for the Rugby World Cup, New Zealand police set up a system that scrapes YouTube, Twitter and Flickr, plotting the message, photo and video uploads on a map. Hovering over an icon with a mouse let an officer see the tweet, photo or still image from the video.

Officers could filter results to look for items posted from homes of known "folks who want to take out your mum," said Neil Macrae, senior sergeant with the New Zealand Police.

The system offered time stamps for when the tweets were made with a high granularity for where they were issued, he said. YouTube had the least accurate location information, he said.

But over the six weeks of the World Cup, the system collected 20 million tweets. "You need to start with a target. With 20 million tweets, it's pretty hard to scroll through," he said.

One person the authorities appeared to target was an "ambassador from a prominent country" who was tweeting his location after a match. Macrae didn't say which country the ambassador was from but implied the U.S. by noting that the game happened to occur on the anniversary of the Sept. 11 attacks on New York. "It was a bit of a security risk that he was doing that. His security detail was a bit apprehensive when we alerted them," Macrae said.

Matching location with social media information can be both a blessing and a curse. There is an acceptance that geolocation can be a positive aspect of social media, but for people in mission-critical roles, it can backfire, said Tim Pippard, director of defense, security and risk consulting for IHS Consulting.

For instance, in 2007 soldiers in Iraq took photos of a new fleet of Apache helicopters that just arrived. Adversaries in Iraq found the photos online and were able to discover the location. A month later, the base, which had been at a secret location, was bombed, he said.

Just last week the U.S. Army released a directive warning personnel about the potential danger in geotagging photos.

Still, social media has become the preeminent source of information for authorities. Pippard pointed to a February request from the FBI for information about systems that might help it better mine social media.

The request said: "Social media has emerged to be the first instance of communications about a crisis trumping traditional first responders that included police, firefighters, EMTs and journalists."

That suggests a major shift that also shows the inadequacy of traditional intelligence, Pippard said. One of the most glaring examples of that shift is that traditional intelligence failed to predict the uprisings in Egypt, which were well-organized using social media tools.

Even if authorities had noticed some social media activity, they also must be careful about the validity of social media messages. "If more than one tweet was coming from an area on a topic, it doesn't make it fact, but we can go there and look. It's a heads-up for the agency to get involved," Macrae said.

He mentioned an incident in New Zealand when a well-known rapper with a large following tweeted that there'd been a shooting in Auckland. It was retweeted countless times. The police weren't aware of the tweet until long after, when it became clear that there hadn't been a shooting.

If the authorities had been using Twitter more proactively, they might have seen the message and sent out their own message to reassure the public that the shooting didn't happen, he said. "If misinformation is out there, you have to hop on before it goes viral," Macrae said.

At the same time that authorities are looking for better ways to manage the massive amount of data they could collect from social media, they are struggling with how to use it internally.

The International Association of Chiefs of Police has developed a model social media policy that agencies are free to base their own policies on. It was created in response to an increase in calls and emails from members in 2009, said Nancy Kolb, who works for the IACP's Center for Social Media. The model policy also includes ways that agencies can use social media to improve their investigations.

Not a day goes by that she doesn't see a story in the traditional media about a department that has been impacted by poor judgment when using social media, she said. Incidents may range from an officer with a personal social media page describing himself as "a human waste disposal" to media outlets being the first to report on an officer-involved shooting.

She also sees issues related to imposter social media sites that look like those for a police chief but aren't. "We're seeing an increase in concern and issues in that area," she said.

The speakers made occasional reference to privacy issues, but mostly to say it wasn't clear how far they should go.

"Do we have the right to retain those tweets and look at them at our leisure?" New Zealand Police's Macrae said. He also wondered about the ethics of using a geotagged tweet to issue a search warrant.

In addition, he expressed concern about the possibility of "coercive forces" building a similar map that plots the location where tweets and photos are issued.

Nancy Gohring covers mobile phones and cloud computing for The IDG News Service. Follow Nancy on Twitter at @idgnancy. Nancy's e-mail address is

Join the CSO newsletter!

Error: Please check your email address.

More about ApacheFacebookFBIIDGMicrosoft

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Nancy Gohring

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts