A researcher scraped & archived public Parler posts before the conservative social networking service was taken down by Amazon, Apple & Google.
She said she has scraped & is archiving 99% of Parler’s public posts, as the social-media network goes offline following suspensions from Amazon, Apple & Google.
Archived content includes public posts from the social-media site. These posts reportedly included Parler video URLs made up of raw video files with associated embedded metadata & precise GPS co-ordinates of where the videos were taken, sparking privacy concerns about the service’s data collection.
Private Information
The researcher behind the archival effort, who goes by @donk_enby on Twitter, explained that no private information was disclosed as part of the effort – all archived posts were already publicly available via the web.
Parler, which launched in 2018 & markets itself as a “free speech social network,” has a significant user base of supporters of Donald Trump, conservatives & right-wing extremists. In Nov., the site had 10m total users.
US Capitol
The Jan. 6 storming of the US Capitol building led to several US tech giants cracking down on the service, including Apple & Google banning the app from their respective app marketplaces. That’s because several organisations, including the Atlantic Council, have called out Parler for not moderating its “town square,” allowing users to publicising the protest for weeks.
Also, Amazon reportedly informed Parler it was removing it from its web hosting service on Sun. night, basically removing the infrastructure it relies on to operate. Parler on Mon. filed a complaint against Amazon, alleging that it was kicked off for political & anti-competitive reasons.
Archive
After the Capitol riot, @donk_enby on Jan. 6 began to archive the posts. With Sun.’s news of Amazon stripping Parler from its web hosting service, she increased her efforts, saying on Twitter she was ‘crawling’ 1.1m Parler video URLs & calling for others to join in on the effort.
Contrary to various reports circulating on Reddit & other internet forums, there is no evidence that Parler was actually hacked; according to reports, @donk_enby was able to reverse-engineer the Parler iOS app, in order to discover a web address that the application uses internally to retrieve data.
Scraped Data
This scraped data is slowly being fed into the Internet Archive (archive.org), a non-profit digital library of internet websites, @donk_enby outlined. While no public data is currently available, “things will be available in a more accessible form later,” tweeted @donk_enby.
She said on Twitter that the effort was akin to “a bunch of people running into a burning building trying to grab as many things as we can” & “people can do whatever they want with it.” As of Jan. 10, she estimated the total size of scraped data to be around 80Tb.
Rumours
On Mon., @donk_enby rejected rumours posted on Reddit forums that observed that private data had been scraped as part of the archival effort, reiterating that only content publicly available via the web is being archived. Data such as email addresses, phone numbers, private messages or credit-card numbers were not affected (unless they were publicly posted), she outlined.
However, that public data – including the GPS co-ordinates from the image metadata – could pose a privacy concern when it comes to what Parler was collecting from its users.
Previously, the service has come under fire for asking users for their Social Security numbers & photo-ID images in order to become a verified account on the platform.
Metadata
Chris Vickery, Director of Cyber Risk Research with UpGuard, explained that many services remove this metadata when images & videos are uploaded to their site. Because Parler kept this metadata in, it reveals data attached to user phones, including GPS coordinates or phone models.
“Parler was not a bastion of security,” he suggested.
“There might be legal impact for particular Parler users, but there’s also an increased privacy & security risk,” security professional John Opdenakker outlined.
“Because of the location data & other (meta) data that now becomes easily retrievable about Parler users, it is simple to identify, locate them & reconstruct their whereabouts. This particular information could also be abused, for instance in online attacks against Parler users.”
Important Reminder
Opdenakker stressed the incident is an important reminder that everything people put on the internet stays on the internet – incl. when a service is shut down.
“The fact that you no longer see particular content online doesn’t mean per se that the data is effectively deleted,” Opdenakker concluded.
https://www.cybernewsgroup.co.uk/virtual-conference-january-2021/