The recent Facebook scam with the image of a man standing beside a Ferrari had involved images lifted from a holiday album that was published on Picasa although intended to be private.
One of the main thrusts in this scam involved the photographer’s pictures being used without knowledge or permission of the album’s owner and a possible privacy and reputation threat for both the album’s owner and the Ferrari’s owner (if the Ferrari had front number plates).
One thing that needs to be looked at regarding photos published on Web sites like social networking and photo sharing sites is a secure way of publishing these pictures. Some would say that the most secure way is not to use these services at all, but to send pictures using removeable media (optical disk or USB memory key) via at least “snail mail”, preferably certified mail or courier service. But many people want to still use these services due to the ability to quickly share large numbers of pictures with people over long distances.
Issues that can be looked at could include a watermarking system for personal images so that users can detect improper use of their images; and improved security practices for online services that handle personal and amateur pictures. The watermark system could use a machine-readable watermark and the option of a visible watermark and could be provided by an ISP, enterprise, Web-hosting facility or a photo-sharing / social-network service. The machine-readable watermark should be able to be detected in thumbnails and low-resolution images; synthesised images such as “photoshopped” images and collages; as wel as high-resolution images. This can work in hand with users, ISPs and hosting services using agents that can scour for improper use and let the users know.
Other practices could include a limit on how the picture is seen by untrusted users, such as “low-resolution only” viewing or inability to download, copy (Ctrl-C / Command-C), print or zoom into the actual picture. As well, the systems that host these sites could be checked regularly for hack attempts.
What needs to happen is for action to be taken concerning misuse of amateur and personal images that have been put to the Web, This could be achieved through codes of practice and / or technology implementations.