Event Startup Partiful Wasn’t Stripping GPS Locations From User-Uploaded Photos
Social event planning app Partiful, which bills itself as “Facebook events for hot people,” has become a top choice for sending party invitations. However, Event startup Partiful wasn’t stripping GPS locations from user-uploaded photos, raising serious privacy concerns. Users’ photos could reveal their exact location, exposing sensitive personal data.
Image Credits:Getty Images
Partiful lets hosts create trendy, retro-inspired invitations where guests can RSVP as easily as ordering a meal on a touchscreen. Its growing popularity has propelled it to #9 on the iOS App Store’s Lifestyle charts, and Google even named it the “best app” of 2024.
How Partiful Became a Digital Social Map
As the platform gained users, Partiful evolved into a Facebook-like social graph. It now tracks not just friends and connections, but also events attended, locations visited, and even phone numbers. While its user-friendly design is appealing, the privacy implications are significant.
Skepticism around Partiful grew when a New York City promoter announced a boycott. Concerns arose due to some of the founders’ and staff’s backgrounds as former Palantir employees—known for creating software used in ICE’s deportation enforcement databases.
GPS Data in User Photos: A Hidden Privacy Risk
In a recent test, TechCrunch discovered that Event startup Partiful wasn’t stripping GPS locations from user-uploaded photos, including profile pictures. Using only basic developer tools, anyone could access raw profile images stored on Partiful’s Google Firebase backend.
If a photo contained location metadata, anyone could pinpoint the exact spot where it was taken. This metadata, called EXIF data, is embedded in almost all digital images and videos. It can reveal camera type, settings, and crucially, the precise latitude and longitude of the photo.
Why This Matters
The security flaw could have exposed users’ personal locations to strangers without their knowledge. This kind of privacy oversight undermines trust in the platform, especially given its growing role as a social mapping tool.
For users, the risk is real: photos uploaded in good faith could reveal where you live, work, or hang out. For Partiful, addressing this issue promptly is crucial to maintain credibility and user safety.
While Partiful continues to rise as a social and event-planning platform, Event startup Partiful wasn’t stripping GPS locations from user-uploaded photos, leaving users vulnerable. Privacy-conscious users should be cautious until the app fixes this oversight.
Post a Comment