For months members of the public have been using GeoSpy, a tool trained on millions of images that can find the location a photo was taken based on soil, architecture, and more. It’s GeoGuesser at scale.

A powerful AI tool can predict with high accuracy the location of photos based on features inside the image itself—such as vegetation, architecture, and the distance between buildings—in seconds, with the company now marketing the tool to law enforcement officers and government agencies.

Called GeoSpy, made by a firm called Graylark Technologies out of Boston, the tool has also been used for months by members of the public, with many making videos marveling at the technology, and some asking for help with stalking specific women. The company’s founder has aggressively pushed back against such requests, and GeoSpy closed off public access to the tool after 404 Media contacted him for comment.

Based on 404 Media’s own tests and conversations with other people who have used it and investors, GeoSpy could radically change what information can be learned from photos posted online, and by whom. Law enforcement officers with very little necessary training, private threat intelligence companies, and stalkers could, and in some cases already are, using this technology. Dedicated open source intelligence (OSINT) professionals can of course do this too, but the training and skillset necessary can take years to build up. GeoSpy allows essentially anyone to do it.

“We are working on something for LE [law enforcement] but it’s 🤐,” Daniel Heinen, the founder of Graylark and GeoSpy, wrote in a message to the GeoSpy community Discord in July.

GeoSpy has been trained on millions of images from around the world, according to marketing material available online. From that, the tool is able to recognize “distinct geographical markers such as architectural styles, soil characteristics, and their spatial relationships.” That marketing material says GeoSpy has strong coverage in the United States, but that it also “maintains global capabilities for location identification.”

404 Media created a free account on GeoSpy earlier this month. One of 404 Media’s tests was an image of a man harassing a woman in a Waymo. GeoSpy correctly geolocated the photo. “The Soma Park Inn sign is visible in the video, which is located in San Francisco. The architecture of the buildings and the street signs also point to San Francisco,” the result read.

In another test, GeoSpy identified the location as likely being in New York City. The target image was the grainy CCTV footage of the moment the United Healthcare assassin murdered company CEO Brian Thompson.

“The image appears to be from a security camera or traffic camera in New York City. The vehicle and street layout are consistent with the city’s urban environment,” the result read.

In another of 404 Media’s tests, GeoSpy analyzed a recent photo from the Los Angeles fires. The system returned a result south of Los Angeles, so was inaccurate, but still provided some context: “The image shows a large plume of smoke rising from a fire in the distance, with the ocean and a beach in the foreground,” it starts. “The buildings visible in the background appear to be hotels and other coastal developments, suggesting a coastal location in Southern California. The specific style of the buildings, combined with the shape of the coastline, points to Huntington Beach as the likely location.”

GeoSpy runs an associated Discord server where Heinen gives updates on the product and chats with its users. In there, he has uploaded other examples of GeoSpy in action.

“The photo shows a narrow street with cobblestones and brick buildings, which is typical of the Beacon Hill neighborhood in Boston,” one screenshot Heinen posted to Discord says. In another example included in a YouTube video posted last year, Heinen uses a photo of some trees near a road. GeoSpy narrows that area down to Boston too, based on the sort of vegetation in the photo. The system wasn’t fully accurate, but “it goes from the entire world down to a few kilometer search area,” Heinen says in the video.

In that same YouTube video, Heinen explained that his team was building a tool that can automatically extract information from scraped photos, and particularly profile pictures. But all of these photos had their metadata removed; when you upload an image to many social media sites they strip the file’s original metadata, which ordinarily could include GPS coordinates or other useful information.

Heinen says the team came across a research study which instead talked about finding the location of photos based on features inside the image itself. The team then built GeoSpy as a demo to show “based on this research, look what we can do,” Heinen says. He adds the team didn’t think that many people would use it, but interest grew from all over the world. In a May Discord message, Heinen says he quit his day job as an AI research engineer to work on GeoSpy fulltime.

Heinen says people have used GeoSpy as part of fraud detection for apartment listings that weren’t in the claimed city, to police investigating child abuse material. One example in the video geolocates a protest to within a few blocks in Mexico City.

Another use case Heinen mentions is a security team scouring the internet for threats against an office. Heinen says the team could set up a geofence around a particular location and pull up any results included in that area. He also brings up “winning wars” by being able to predict the movement of tanks by geolocating photos of them.

Christopher Ahlberg, the CEO of threat intelligence company RecordedFuture, previously tweeted that RecordedFuture has invested into GeoSpy. “I love what they do,” Ahlberg told 404 Media in an email. “It’s still super super early. We’re a customer—we love it. Extremely cool tech. We ingest lots of imagery from all kinds of places, so for our customers the ability to geolocate that (think warzone imagery in Ukraine) is super helpful. Best image analysis people on planet.”

Graylark has also received investment from AI Grant, a startup incubator whose heads include former Github CEO Nat Friedman. Friedman did not respond to a request for comment.

On Thursday, investigative software Maltego integrated with GeoSpy, meaning users can search images directly in Maltego.

“Geolocating photos based on open source clues such as buildings in the background, shadows, and other minute details has long been a known technique in the open source intelligence community. But Geospy providing this service to law enforcement at scale could present a serious threat to the public,” Cooper Quintin, security researcher and senior public interest technologist at the Electronic Frontier Foundation, told 404 Media.

“It’s one thing if police are using this against a photo that is a piece of evidence in an investigation of a serious crime. It’s totally different to use it en masse to build a geolocation database or to gather intelligence on people not engaged in suspected criminal activity. And if the results from Geospy are inaccurate I’m concerned this could lead to wasted time for law enforcement, fear and confusion for civilians, and wrongful arrests based on faulty information,” he added. “It is no longer enough to remove EXIF metadata from your photos to hide their location, and this should serve as a reminder for people who are at heightened risk that they need to start including geolocation and services such as GeoSpy in their threat model.”

GeoSpy has not received much media attention, but it has become something of a sensation on YouTube. Multiple content creators have tested out the tool, and some try to feed it harder and harder challenges. In one, a GeoGuesser player, a game in which people rapidly try to find the location of Google Street View images manually, tries out GeoSpy on difficult to locate photos, such as ones looking at from a road towards a generic looking field. This means the player, or the AI, can’t rely on road signs which can often reveal what country a photo was taken in. In that test, GeoSpy correctly located the photo to South Africa. Heinen then often posts these videos to the GeoSpy Discord.

Some members of the Discord have made dubious requests to each other, asking for help finding where their “friend” works or the location of specific YouTubers’ homes. Often these requests are shut down by other members, and called out as stalking.

“Why do you want to find some girls’ house,” one Discord member said to another who asked for help locating one.

That push back includes Heinen. When one user wrote “I have interview for private investigator job. I might get paid to stalk people soon,” Heinen replied “Bro. Wtf.”

“Not in my server,” he wrote.

When one user asked if GeoSpy could add imagery for the inside of vehicles or hotel rooms, or the ability to upload their own data, Heinen said GeoSpy had the ability, but that it came with potential problems. When asked what those might be, Heinen replied “Stalking. Mostly that.”

A day after 404 Media contacted Heinen for comment, GeoSpy shut off access to the free, publicly accessible version of the tool. Now users have to request access, which is “available exclusively to qualified law enforcement agencies, enterprise users and government entities,” its website now reads. Heinen did not respond to the requests for comment.

That law enforcement-version of GeoSpy is more powerful than what was publicly available, according to Heinen’s Discord posts. “Geospy.ai is a demo,” he wrote in September. “The real work is the law enforcement models.”