About the website

The website is built on top of the Django framework and implements social log in with 3rd party providers using OAuth. I believe in transparency so I think you should be able to review and study it. Therefore, you can find everything on my GitHub. Here's a quick summary if you don't want to be bothered by the details.

  • I DO NOT do the following:

  • I do not ask for or store passwords. You enter your passwords on the provider's website.
  • I will never post on your social media profiles on your behalf or access any other information, like friends lists or interests.
  • I will never disclose, sell or share your data with 3rd parties.
  • I will never use your data for any other purposes but academic research.
  • I will never attempt to connect your data to your real identity.

  • I DO do the following:

  • I collect geospatial data from your online profiles - with your explicit permission.
  • I use your data for my academic research to advance our understanding of cross-platform user behavior.
  • I anonymize your data and remove any information that would allow anyone to identify the real you.
  • I will share my findings with the public and will try to publish results in high impact research outlets in my field.
  • I do my best to ensure that your data is safe and to address any concerns you might have.
  • My approach is to be open about what I do. The information I collect varies from platform to platform. A complete list can be found below in the What happens afterwards? section. Still got questions? Please get in touch.

    How does it work?

    The logic is pretty simple. I am asking you to contribute to my research by allowing me access to your location data in different social media and mapping platforms. Participation is entirely voluntary and you can control what you share with me. If you decide to share your location data (e.g. geotagged Instagram posts, OSM edits, etc), I need your explicit authorization. This is done on the provider's website. Here's an example of how it works:

  • Say you decide to share your Instagram posts with me

  • You will be redirected to Instagram's website where you can log in with your credentials
  • On a separate screen, Instagram will ask if you allow my application to access your profile.
  • If you authorize my app, you will be redirected back to his website. My app also receives so called authorization tokens, which I can use to programmatically access your Instagram timeline and save your geotagged posts.
  • You can repeat the same procedure for other providers listed on the Social applications page.
  • And that's it! You are pretty awesome for helping out. Your help allows me to take my research to the next level!
  • Visit the Social applications page to see the list of providers you can share with me.

    What happens afterwards?

    Once I receive the authorization tokens, I can collect geotagged information from your profiles. This is not automatic so you don't have to worry about me constantly spying on you. Typically, I will run the data collection process once for new people signing up on the website. I will also run a final data collection before conducting the final analysis, sometime in May - unless you revoke my authorization in the meantime. See below for a complete list of information I collect. If you prefer to get technie, check out the data collector class.

  • Platform specific information collected through this service:

  • Facebook: User Tagged Places
  • Twitter: User Timeline
  • Instagram: media/recent
  • Flickr: people.getPhotos
  • Foursquare/Swarm: checkins
  • Meetup: events
  • OpenStreetMap: changesets
  • Mapillary: sequences
  • Strava: activities
  • iNaturalist: observations
  • This is sensitive information. What steps did you take to protect my data?

    Excellent question! To ensure privacy, I have set up secure SSL certificates so your connection is encrypted. The website is running on an AWS EC2 instance in the cloud. Further, your user data (i.e. tokens) and location data (e.g. Insta posts) are stored in separate databases (Postgres AWS RDS instances) to make sure they can't be easily connected. Data is only accessible from the machine runnig the Django app and from the secure University of Florida network.

    How can I opt out?

    While seeing you leave makes me sad, it is your choice to opt out if you'd like. You have the following options:

  • Remove single platforms from the list of authenticated services on this page. This will delete your authorization tokens and will prevent me from getting more data.

  • You can manually revoke permissions associated with my data access on the provider's website. I have collected these link below to make it easier for you. This step invalidates your access tokens, therefore it is the most secure way to ensure no one is accessing your data. Click on the links below and look for apps names "UF Geomatics" or "Geo-spatial data collector" created by me.

    Instagram
    Twitter
    Facebook
    Foursquare
    Flickr
    Meetup
    OpenStreetMap
    Mapillary
    Strava
    iNaturalist

  • Don't want to bother with anythin? Send an email to levente.juhasz@ufl.edu and ask to be removed.