Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Privacy Social Networks AI Software The Internet

Massive Tinder Photo Scrape Has Users Upset ( 80

Images of Tinder users "were swept up in a massive grab of some 40,000 photos from the dating app by a dataset collector who plans to use the selfies in artificial intelligence training," writes Slashdot reader Frosty Piss, sharing this summary of a report in TechCrunch. Tinder said in a statement that the photo sweeper "violated the terms of our service" and "we are taking appropriate action and investigating further." The creator of the data set, Stuart Colianni, has released it under a CC0: Public Domain License and also uploaded his scraper script to GitHub.

He describes it as a "simple script to scrape Tinder profile photos for the purpose of creating a facial dataset," saying his inspiration for creating the scraper was disappointment working with other facial data sets. He also describes Tinder as offering "near unlimited access to create a facial data set," and says scraping the app offers "an extremely efficient way to collect such data."

The article notes that Tinder's API has already been used for other "weird, wacky, and creepy" projects, including "hacking it to automatically like every potential date to save on thumb-swipes; offering a paid look-up service for people to check up on whether a person they know is using Tinder; and even building a catfishing system to snare horny bros and make them unwittingly flirt with each other.

"So you could argue that anyone creating a profile on Tinder should be prepared for their data to leech outside the community's porous walls in various different ways -- be it as a single screenshot, or via one of the aforementioned API hacks. But the mass harvesting of thousands of Tinder profile photos to act as fodder for feeding AI models does feel like another line is being crossed."
This discussion has been archived. No new comments can be posted.

Massive Tinder Photo Scrape Has Users Upset

Comments Filter:
  • Good Grief... (Score:3, Insightful)

    by Frosty Piss ( 770223 ) * on Sunday April 30, 2017 @05:44PM (#54330377)

    Tinder said in a statement that the photo sweeper "violated the terms of our service" and "we are taking appropriate action and investigating further."

    TOS is meaningless in cases like this. TOS are meaningless anyway, except as, perhaps, a means to ban users. And that's pretty pointless as well.

    But really, what do people that put their photographs out on the Intertubes like this expect? Privacy? Really?

    • Re:Good Grief... (Score:4, Insightful)

      by mrsquid0 ( 1335303 ) on Sunday April 30, 2017 @07:14PM (#54330675) Homepage

      Its called blaming the victim. It is very popular in some circles.

    • by AmiMoJo ( 196126 )

      Clearly the general public has rather different expectations.

      Education is required. Maybe also some legal intervention... In the EU what this guy did might already be illegal, due to data protection laws.

  • by Anonymous Coward on Sunday April 30, 2017 @05:51PM (#54330403)

    I'm also an AI researcher. If I need a face dataset I could either use CelebA or the Facebook API to scrape user profile pictures. There's also a mugshot database/public DoJ and County jail mugshot API's so there's also that.

    Now with "GAN" generative models, there's very little need for large datasets unless the existing datasets are biased in some way.

    Let's get real here: someone wanted to build a Deep NN classifier for sexual promiscuity. Other than attention whoring, that's the only reason to harvest tinder users specifically.

    Grindr would do well to tighten their hatches. Training a NN to classify "heterosexuality" from their userbase is the next natural progression. Perfect for a homophobic witch hunt in 3rd world countries. Will I go to hell if I sold such an app to a the Middle East law enforcement agency? Doesn't matter if it works as long as you can demonstrate efficacy on the training data.

    Their purchasing agents are unlikely to be sophisticated enough to understand the importance of "hold out data", so it wouldn't be hard to put together a demo with near perfect accuracy.

  • by Chris Mattern ( 191822 ) on Sunday April 30, 2017 @05:55PM (#54330431)

    Putting photos out where anybody can see them means putting photos out where anybody can see them.

  • Where is this... (Score:2, Interesting)

    by Anonymous Coward

    I was thinking about making an autoliker that only liked attractive people using machine learning, and learn neural networks while at it. This dataset will come in handy.

    "The article notes that Tinder's API has already been used for other "weird, wacky, and creepy" projects, including "hacking it to automatically like every potential date to save on thumb-swipes"

    Where is this? Please, I need it!

  • Seems like people who had selfies scraped could file DMCA takedowns as they would own the copyright to the images.

    Really though, is this surprising? Seems like one could get most of these images from Facebook directly anyway.

  • by OYAHHH ( 322809 ) on Sunday April 30, 2017 @06:18PM (#54330517) Homepage

    I can see downloading for research purposes as being ok. And I can see developing the algorithms as being ok. I can even see uploading the algorithms as being ok.

    Now all of the above is predicated on not violating the terms the "researcher" agreed to if/when she signed up for the account he used. Assuming an account was required.

    But uploading the photos taken somewhere else for public consumption is just wrong.

    Abuse of privileges is how we get to the point we find ourselves many times in society. This breech of the public's confidence is just another stab in the back to a society that values respect.

    • by henni16 ( 586412 )
      I see nothing wrong with scraping and sharing the scripts even if not for research purposes.
      And if there's a ToS violation, well, that's between tinder and the user and tinder is welcome to block the account.

      But - morality aside - uploading the scraped images will certainly violate copyright law pretty much everywhere and at least in certain (European) countries it will also violate privacy laws which make it illegal to distribute images without the consent of the depicted persons. So, yeah, not cool.
    • by imidan ( 559239 )

      I can see downloading for research purposes as being ok.

      In an academic environment, at least, you'd have to run that plan by the Institutional Review Board and maybe the Human Studies Review Board. You're collecting personally identifying data about people. Even though the information is available on a publicly accessible website, does that make the data public? It's against the TOS of the web site to scrape it, so unless you made a deal with Tinder to get the data, I'd guess that the Board would reject

    • by aussie_a ( 778472 ) on Monday May 01, 2017 @12:47AM (#54331731) Journal

      But uploading the photos taken somewhere else for public consumption is just wrong.

      Tell that to all the people who upload material illegally and the millions who download them illegally.

      Society has spoken and said copyright law is irrelevant. These are the consequences. Suck it up.

  • The article links this as being the dataset "consist[ing] of six downloadable zip files, with four containing around 10,000 profile photos each and two files with sample sets of around 500 images per gender." []

    Which gives a 404.

  • WAKE UP SHEEPLE (Score:2, Insightful)

    :P Sorry for the title.

    But really, to the people complaining about this, ALL of your publicly accessible photos are entirely subject and probably already into "massive photo scrape". Tinder is saying they'll do "something" about it just because you know, PR speak, but they can't do much other than banning accounts which did it... which pretty much ammounts to nothing.
    This also could easily be done with any social network profile photos. Any service which you can easily create a profile and go searching for

  • by snoozy355 ( 873708 ) on Sunday April 30, 2017 @06:45PM (#54330605)

    Putting aside all the victim blaming for a second...

    This is meant to be a private (closed-source) application, with a private API interacting to the private server.

    Why the hell can anyone (read: unauthenticated users) access private data via a public and unrestricted URL? I've read articles reverse engineering their API. It's terrible! This is another company who did not put enough time and effort into securing the application and API, and now users (read: non-technical, real people, some of which paid money, all of which trusted the company) are left exposed.

    I really wish there was a way to force companies (ie: legislate) to place far higher importance on this. I've also been in situations where, as a developer, I've had managers scuttle or ignore requests to lock things down, in the interests of deadlines or cost or worse yet, "we'll fix it once it's up and running."

    • by epyT-R ( 613989 ) on Sunday April 30, 2017 @07:16PM (#54330689)

      The pragmatic reality is that once your pic is uploaded to the net it's up there for good. No amount of legislation will change that. If you don't want the pic shared with the public, don't upload it anywhere. These 'victims' should know better by now.

    • by DarkOx ( 621550 )

      There is fine line between victim blaming and pointing out for the benefit of others who could learn from all this how not to be a target.

      If you leave the door unlocked to house while you are going for the day, it does not give someone the right to enter and take your stuff. It does however make it easy for someone dressed in something looking like a letter carriers uniform, to go door to door trying knobs, in your typical bedroom community to take your stuff.

      You are still a victim, but your choices or lac

    • The upshot is you are sending data that can be interpreted by a machine that is totally under the recipient's control. Expecting to be able to keep access to that data restricted for the recipient is foolish at best. There is no way to secure it, I don't care what your API does. You can't encrypt against access if you're going to giving away the keys.

    • Putting aside all the victim blaming for a second...

      How are they victims? The only one victimizing people was whoever convinced the users they could anonymously use a service that requires a photograph. If one other person can view your photo, that one other person can distribute it.

  • by Anonymous Coward

    And was almost expelled for FaceMash

  • I bitch and moan about Facebook and AI. After all, I am just a "no social life, crazy" Linux user. You tell people how stupid it is to use anything related to Facebook and that AI is nothing more than a tool to kill encryption and anonymity, and people get angry; I'm sure Slashdot keeps a record of my comments for you to confirm my rantings on this. And not to take credit, for many others have made this point as well. I know Slashdot has a Facebook and there will probably be a bunch of moderating in the nex
    • I'm sure Slashdot keeps a record of my comments for you to confirm my rantings on this.

      According to my scraping script [], you're a noob on Slashdot. Soapbox much?

      Pages Processed: 13, Comments (Accepted/Total): 195/195
      Scores (195) | -1: 0, 0: 8, 1: 155, 2: 24, 3: 3, 4: 3, 5: 2
      Bonus (11) | Flamebait: 0, Funny: 1, Informative: 1, Insightful: 3, Interesting: 4, Offtopic: 1, Redundant: 1, Troll: 0
      Total Time: 00:00:47.00

      • Not really soap-boxing as much I'm just tired of the red herrings and ad hominems to keep people distracted and peer pressured on total crap. It seems as though most people are content as long as they have their iPhone and the polar ice doesn't melt. Meanwhile, the world sees people like me as figuratively holding a cardboard sign like a nut job. What's really frustrating is people knowing that their data is being used this way but not care, using phrases such as "I've got nothing to hide" (older generation
  • So... has anyone actually seen the dataset? And can you make any comments about it?

  • Shiver me Tinders?

To do two things at once is to do neither. -- Publilius Syrus