AI Tool Makes YouTube Users Out of Comments
A company called YouTube Tools, which was developed by anonymous programmer Lolarchiver and released as an open-source intelligence tool, is under attack for its ability to build lightning-fast and detailed user profiles based on only YouTube comment history.
The program employs AI to infer people’s personal data such as geography, cultural affiliation, and political leaning. The program was reportedly used to identify a commenter as Italian, based on the person’s language usage and references to local outlets.
Radically Lowering the Bar for Profiling
Although the data is based on public data, the gadget tremendously simplifies what once required hours of cumbersome investigation. Users can make in-depth profiles with just a few clicks based on patterns of comments—presenting problems of ethical use and misuse.
Legal experts contend that this automation turns regular web activity into a possible spying tool. Unlike researchers or reporters, the power to employ this profiling ability is now within the reach of everybody with effort and oversight considerably reduced.
Likely Violation of YouTube Terms
Lolarchiver’s utility is likely in breach of YouTube terms of service as well. While there is some data scraping allowed by YouTube’s robots.txt directives, YouTube Tools is likely circumventing those limitations.
Beyond YouTube, Lolarchiver also has OSINT utilities focused on sites like Twitch, Kick, nHentai, and League of Legends, and reverse email and phone number lookups. All of these utilities likely are in breach of privacy laws depending on jurisdiction.
Legal and Ethical Gray Areas
Accessing leaked databases via the platform poses one more legal risk. While surfing through your own data is generally permissible, harvesting third-party data may breach the EU’s GDPR or U.S. state privacy laws.
In jurisdictions like the EU, the processing of personal data with no lawful basis is strictly illegal—something that makes Lolarchiver’s EU ties extremely dubious.
Legacy of Data Breaches Fuels Tools Like This
The dissemination of tools like YouTube Tools is a reflection of the long-term consequences of historical data breaches. From platform breaches, researchers’ newsletters, or KYC data, personal data routinely ends up in searchables repositories.
Some examples are the Ledger hardware wallet breach that affected 270,000 users and the Coinbase breach this month, which exposed sensitive financial and ID data.
Crypto Holders at Physical Risk
Within the crypto sphere, hacked KYC data can lead to physical attacks, e.g., so-called “$5 wrench attacks”—theft from identifiable cryptocurrency holders. At least 29 of them this year have been documented.
As more digital profiling becomes easier, these technologies increase the threat to users who are unaware their web activity is being tracked by algorithms.
Final Thoughts
Lolarchiver’s YouTube Tools isn’t only a technical curiosity—it is a sign of a new surveillance era, made possible by AI. The more automated OSINT is, the more automated are ethical concerns related to it. The line between public data and private life is as vague as ever.
