Those Responsible for JPEG Want to Put DRM in Pictures, But … is This Really Necessary?

Imagine if the copyright of the images you share were inspected as with music and videos? No? The JPEG committee (Expert Group set Photography, its acronym in English) already. They want to develop a standard to make safer share pictures and, among other measures, protecting them with copyright.

In a report published in September, which discusses the privacy and security of the images on the Internet, they expressed concern on issues such as the proliferation of digital content and how metadata should be secret.

As the latest valid version of the JPEG standard is 1994, the group argues that security and privacy features should be extended beyond the JPEG 2000, which already has encryption tools. They recommend, for example, encrypt metadata and image data separately and create privacy policies and controlled access to file information.

Thus, the protection of the photos could work similarly to the DRM found in games, videos, music and even books. If you try to open a book from our site in a place other than your Kindle, for example, probably will get an error message saying that you are not authorized to access the content. The same with music from various online services.

This means that you will be unable to copy and distribute the photo of an image bank, infringing the intellectual property rights, for example. Despite the committee organizer, Touradj Ebrahimi, had said in an interview with BBC that this protection will be arbitrary, he argues that this control must be embedded in the file.

Earlier this week, there was the 70th meeting of the JPEG committee in Brussels, Belgium, and the Electronic Frontier Foundation (EFF) stood out against these new proposals. The presentation points out some problems in the restriction, saying they are not effective, and also shows some alternatives.

One reason for the EFF is against DRM is that cryptographers themselves do not believe that this restriction work: who wants to break the DRM can do it in minutes. Moreover, it is the DRM that many providers limit their content to certain regions, a practice that the EFF considered anticompetitive.

The foundation advocates more a series of arguments against DRM, some more technical, others more exaggerated, but the point is generally the JPEG should be free of DRM or anything similar. If the intention is to protect the metadata, there are several restriction layers are implemented.

“For example, consider the case of use of an image that contains personal information about the individual depicted – can be helpful to have the digital signature of that individual in the image metadata and encrypt access to it by unauthorized users,” defends the EFF. They compare this methodology to what Facebook does with your photos: If you choose to show them only to friends, no other person who is not your friend has access.

The problem is that in doing so, Facebook (and even Twitter) clean image metadata to protect user privacy. Thus, the information about authorship and licensing are cleared. If the metadata with encryption are maintained, I imagine that even with the direct image link unauthorized users would be able to access it.

In my view, at least on the issue of data protection layers, the proposals of the JPEG committee and EFF are very similar – the problem is found precisely when these items refer to the blockade by copyright, instead of referring to safety. The final recommendation of the EFF is the JPEG committee is based on public key infrastructure (PKI), more compatible and open to deploy security features.

No more, do not worry: you will not have to pay a ticket if you want to post a picture of Taylor Swift online. It is only important to follow the limitations of copyright existing legislation. Technically, nothing prevents you from not following, but that’s why the big sites already have mechanisms to analyze the content and the digital signature. The Microsoft itself has with a similar algorithm, but which operates in child pornography images.

Considering these technologies, do we need another standard to protect the intellectual rights of files?