Illustration by Eric Nyquist

Unnatural Surveillance: How Online Data Is Putting Species at Risk

The rapid growth of digital data has been a boon to researchers and conservationists. But experts are warning of a dark side: Poachers can use computers and smartphones to pinpoint the locations of rare and endangered species and then go nab them.

In the arid far-western region of South Africa is a vast flatland covered with white quartzite gravel known as the Knersvlakte – Afrikaans for “Gnashing Plain” – because it sounds like grinding teeth when you walk across it. It’s a good place to watch unpeopled horizons vanish into ripples of heat haze, but to appreciate its real value you must get down on your knees. The Knersvlakte holds about 1,500 species of plants, including 190 species found nowhere else on earth and 155 that are Red-Listed by conservation biologists as threatened with extinction. To protect them, 211,000 acres have been set aside as the Knersvlakte Nature Reserve.

Melita Weideman, then a Knersvlakte ranger, had just finished work one July afternoon in 2015 when she was called to check out a mysterious pickup truck parked just outside the reserve. Weideman saw a man and woman walking through the approaching winter sunset toward the vehicle and then noticed empty cardboard boxes on the double-cab’s back seat. “That’s very weird,” she recalls thinking. “It looks like they’re collecting things.”

The couple had no reserve entry permits. When Weideman asked to see inside their backpacks, they initially refused. “It was quite a stressful situation because we [rangers] are not armed, and I didn’t know if they were armed.” But Weideman persisted and the bags were opened, revealing 49 of the the small, cryptic succulent plants that grow between the Knersvlakte’s stones. Jose (aka Josep) Maria Aurell Cardona and his wife Maria Jose Gonzalez Puicarbo, both Spanish citizens, were arrested. A search of their guesthouse room in a nearby town revealed 14 large boxes containing over 2,000 succulents, including hundreds of specimens of threatened and protected species, courier receipts showing that many more had already been sent to Spain, and notes documenting their extensive collecting trips across South Africa and neighboring Namibia.

The succulent species Argyroderma theartii, found in the Knersvlakte reserve in South Africa.

The succulent species Argyroderma theartii, found in the Knersvlakte reserve in South Africa. Martin Heigan/Flickr

Authorities soon discovered that the couple had been selling poached plants through their anonymously-operated website,, and calculated the value of the plants in their possession at about $80,000. After 16 nights in nearby jails, Cardona and Puicarbo accepted a plea bargain, paid a $160,000 fine — the largest ever for plant thieves in South Africa — and were banned from the country forever.

Cardona and Puicarbo’s ill-fated trip had been meticulously planned using information sourced online. They were carrying extracts from data lists and books about threatened plants, electronic scientific journals describing new species, messages from botanical listservs and social networks, pages from a digital archive of museum specimens named JSTOR Global Plants, photos and information from citizen science website iSpot, detailed maps from off-road vehicle websites, and hundreds of tabulated GPS waypoints for rare plant locations apparently downloaded from the Internet.

Twenty or more years ago it would have taken dozens of long field trips and thousands of miles of travel to acquire this volume of detailed information about southern Africa’s rare succulents; an entire botanical career, perhaps. In 2015, a pair of poachers could acquire it in a short time from a desk on another continent.

The Cardona-Puicarbo case provides rare insight into an emerging problem: The burgeoning pools of digital data from electronic tags, online scientific publications, “citizen science” databases and the like – which have been an extraordinary boon to researchers and conservationists – can easily be misused by poachers and illegal collectors. Although a handful of scientists have recently raised concerns about it, the problem is so far poorly understood.

Today, researchers are surveilling everything from blue whales to honeybees with remote cameras and electronic tags.

Today, researchers are surveilling everything from blue whales to honeybees with remote cameras and electronic tags. While this has had real benefits for conservation, some attempts to use real-time location data in order to harm animals have become known: Hunters have shared tips on how to use VHF radio signals from Yellowstone National Park wolves’ research collars to locate the animals. (Although many collared wolves that roamed outside the park have been killed, no hunter has actually been caught tracking tag signals.) In 2013, hackers in India apparently successfully accessed tiger satellite-tag data, but wildlife authorities quickly increased security and no tigers seem to have been harmed as a result. Western Australian government agents used a boat-mounted acoustic tag detector to hunt tagged white sharks in 2015. (At least one shark was killed, but it was not confirmed whether it was tagged). Canada’s Banff National Park last year banned VHF radio receivers after photographers were suspected of harassing tagged animals.

While there is no proof yet of a widespread problem, experts say it is often in researchers’ and equipment manufacturers’ interests to underreport abuse. Biologist Steven Cooke of Carleton University in Canada lead-authored a paper this year cautioning that the “failure to adopt more proactive thinking about the unintended consequences of electronic tagging could lead to malicious exploitation and disturbance of the very organisms researchers hope to understand and conserve.” The paper warned that non-scientists could easily buy tags and receivers to poach animals and disrupt scientific studies, noting that “although telemetry terrorism may seem far-fetched, some fringe groups and industry players may have incentives for doing so.”

It is difficult to tap into most tag data streams, say experts. Accessing an unencrypted VHF signal from a relatively cheap radio tag requires knowledge of its exact frequency, although this can sometimes be found with a scanner. Data from more-expensive GPS tags are usually encrypted and password-protected. “I’m not saying it’s impossible to hack into a tag signal,” says one African technical expert who declined to be named because he sells GPS tags for rhinos and elephants, “but you would need extremely high-level knowledge and equipment. I don’t know of any cases in Africa.”

A more serious risk, experts say, is posed by the voluminous geospatial information in Internet-accessible databases like those being created by museum staffers who are archiving millions of digital photos of plants and animal specimens, each with a location attached. In addition, huge “citizen science” projects are leveraging millions of volunteer hours to build species databases bulging with geospatial datapoints and geo-referenced photographs, audio, and videos.

These data stores of species’ locations are an irreplaceable and growing asset to science and conservation, enabling researchers to pinpoint threats to endangered species, observe ecosystem responses to climate change, and even uncover new species. Many are designed to be open and easily accessible, which has multiplied their value and dramatically lowered research costs.

Geotagged bird sightings in northern India, mapped by the citizen science website eBird.

Geotagged bird sightings in northern India, mapped by the citizen science website eBird.

eBird, based at Cornell University, is one of the world’s most successful “citizen science” wildlife mapping projects. It has a quarter of a million registered users globally who have uploaded hundreds of millions of observations from almost every country. By “gameifying” birding to leverage birders’ competitive instincts, eBird has built a highly productive community of volunteer data collectors who have enabled scientists to identify threats to birds and understand bird movement in unprecedented ways.

Like many other citizen science projects, eBird was deliberately developed to encourage data sharing. Contributors can share and download lists of bird locations and find millions of sightings on digital maps. It’s so open, says project leader Marshall Iliff, that “anyone can basically download the entire eBird dataset.”

When eBird launched, Iliff says, the idea that its data could be used to harm birds was far from its developers’ minds, because few North American species are seriously threatened by illegal hunting or capture. As the project has expanded into countries where more birds are threatened by such activities, however, staff have realized that some species’ data should be hidden. But this is no simple task: Since eBird’s edifice was built from the ground up to be maximally accessible, Iliff says, hiding data is “a challenging thing to work out both on the technical and the policy sides.” After much deliberation, the platform’s code is now being extensively rewritten so selected species’ locations can be kept from public view.

While few North American birds may be endangered by releasing their geospatial data, this is not true for many small, lesser-known species in the developing world. A shadowy international community of collectors pays well for rare succulent plants, orchids, reptiles, spiders, and insects, often found where wildlife law enforcement is patchy. The more obscure and rare a species is, the more valuable. Rarity makes species vulnerable to being completely wiped out by poachers; some targeted South African plants and insects are found only in a few acres. 

Paul Gildenhuys, who heads the biodiversity crime unit in South Africa’s Western Cape Province, tells me that in the past, many poachers were academics looking for a few specimens for themselves. Now more profit-focused international traders have entered the scene, he says, “and they really don’t care. If they find a lizard colony, they won’t just take one or two animals, they’ll bring crowbars to smash rocks so they can take the whole lot.”

Collectors scour scientific journals for descriptions of new species, many of which have been poached within months of being identified.

Collectors scour scientific journals for descriptions of new species, which traditionally include their locations. Many new species have been poached within months of being described, which recently inspired David Lindenmayer and Ben Scheele of the Australian National University to write a strongly worded article in Science titled “Do not publish.” Pointing out that academic journals are rapidly embracing online open-access publication, they called on their colleagues to “urgently unlearn parts of their centuries-old publishing culture and rethink the benefits of publishing location data and habitat descriptions for rare and endangered species so as to avoid unwittingly contributing to further species declines.” In a reply titled “Publish openly but responsibly,” another group of biologists implicitly accused Lindenmayer and Scheele of overreacting, saying that existing institutional data policies were sufficient to protect species. “Conservation biologists can … ensure data are available through secure sources for approved purposes,” they wrote.

But how are “approved purposes” defined, and by whom? And which species truly require data redaction? Biologists disagree sharply. Some believe that all data from Red-Listed species should automatically be withheld; others point out that many Red-Listed species are not threatened by poachers, but by habitat destruction or climate change. Some institutions and governments currently have biodiversity data policies, but many have no policy at all. There is no internationally-agreed protocol for deciding which data to hold back and when to release it.

While biologists can control location data in their own journals and archives, they can’t control the sprawling, dynamic world of social media, where enthusiasts share wildlife notes and photos in an ever-growing galaxy of online groups. Typical of these is Snakes of South Africa, a thriving, conservation-focused Facebook group where anyone can share photos of snakes for volunteer experts to identify. The group helps find handlers to relocate snakes without harm and even assists with snakebite medical advice. Group administrator Tyrone Ping tells me that poachers often pretend to be helpful experts to learn locations of valuable snakes. “We throw them out, but they join again with a fake profile.” (I recently observed a member of a European Facebook group openly explain where to find a desired snake species in Egypt and how to smuggle it through Cairo International Airport.)

And conservation officials say tourists’ social media posts can also pose a risk. More than 1,000 rhino have been poached annually in South Africa since 2013, and a wildlife crime investigator based near Kruger National Park tells me that poachers scan social media for tourists’ photos of rhinos, which are often tagged with locations or contain identifiable landscape features. Poachers’ raids are planned with Google Maps and co-ordinated via WhatsApp. Many African parks are asking visitors not to post rhino photos, but there’s no practical way to stop them.

The app Latest Sightings maps real-time wildlife sightings by tourists in South Africa's Kruger National Park. 

The app Latest Sightings maps real-time wildlife sightings by tourists in South Africa's Kruger National Park.  Latest Sightings

A growing number of mobile apps are designed specifically to allow tourists to share locations and photos of animal sightings with a network of fellow park visitors. Nadav Ossendryver built Latest Sightings — the most popular of these — as a 15-year-old in 2011 after a frustrating trip to Kruger National Park during which he couldn’t find “good” animals. “I kept thinking someone must be looking at a leopard or a lion, and it must be close by,” he says. Today the app has over 42,000 active members. Ossendryver tells me he’s promoting conservation to a younger audience, and his app does not log rhino sightings. But Kruger’s management is nonetheless strongly against Latest Sightings: App users, they say, are speeding toward reported sightings, sometimes road-killing animals and causing traffic congestion that interferes with natural animal behavior.

In the world of science, however, some researchers remain wary of moves to withhold data. “Science depends on the transparency of information,” says Vincent Smith, a research leader in informatics at London’s Natural History Museum. “Geospatial information is some of the most valuable data we have. To remove it would remove the opportunity to do enormous amounts of research. It would seriously harm all science.”

Some researchers remain wary of moves to withhold data. As one put it, “Science depends on the transparency of information.”

Tony Rebelo, a South African biologist and supporter of iSpot, a crowd-sourced online archive, says that to some extent policies on withholding information are irrelevant because “once you give your data to anyone, no matter how trusted, it’s out there.” It’s also hard to track and predict the fickle collectors’ market. A species can suddenly become desired years after its location has been deemed safe to publish. Many researchers I interviewed had been contacted by fake biologists seeking data on rare species.

One case bolsters the claim that hiding geospatial data can protect species. In 2009, Tim Davenport, the Wildlife Conservation Society’s program director in Tanzania, discovered an attractive new snake species in a small forest in that country. He named it Matilda’s Horned Viper, Atheris matildae, after his daughter. Recognizing that its tiny natural range made it vulnerable to poachers, he formally described it in 2011 without publishing its location, which was unusual at that time. Davenport says that although he has seen Atheris matildae advertised online, every case he has followed up involves a seller passing off a similar, common species. Hiding its locality seems to have worked.