Why publishing images online is riskier than you think

Images published online can be ripped off in seconds. So what can organisations do to protect their intellectual property, asks SmartFrame's Patrick Krupa

Most of us don't think twice about uploading images to the internet. Whether it's a single Instagram user posting a selfie, or a large enterprise uploading product images for sale, posting pictures online has become a part of everyday life for consumers and business owners alike.

But when you consider that images will often have a personal or monetary value (sometimes both), why has it become commonplace to upload these images to the unsecure public internet? Furthermore, once images have been uploaded it's very hard to undo. It only takes one duplicate, back-up or re-share for image owners to lose control of their content forever.

Hackers gain access to personal websites, hijack personal family pictures and threaten to upload pictures to inappropriate sites unless a ransom is paid

From an enterprise perspective, managing this isn't as simple as putting a hold on uploading images online - images are an integral part of online business today. This means that organisations need to understand and be aware of the risks.

Platforms ripe for exploitation

While uploading images to social media platforms and websites is an essential part of online business - what business, large or small, doesn't have a presence on Facebook or Twitter? - there are risks attached to hosting images on third-party platforms.

The terms and conditions of many social media websites, for example, claim ownership of any image uploaded to their websites, and some of these websites can store images forever, whether you want them to or not. Uploading content to these platforms can potentially equate to giving social media companies an unlimited free licence to use your images as it pleases.

AI & Machine Learning Live is returning to London on 3rd July 2019. Hear from the Met Office's Charles Ewen, AutoTrader lead data scientist Dr David Hoyle and the BBC's Noriko Matsuoka, among many others. Attendance is free to qualifying IT leaders and senior IT pros, but places are limited, so reserve yours now.

Even when hosting images on their own websites, enterprises can still see image content misused. Hackers regularly gain admin access to websites without site owners even knowing - often these owners only realise a compromise has occurred when their content has already been hijacked and uploaded to an undesirable site.

There have even been reports of ‘digital kidnappings', where hackers gain access to personal websites, hijack personal family pictures and threaten to upload pictures to inappropriate sites unless a ransom is paid.

Copyright is recognised at national levels, but there are countries where copyright isn't even recognised

A conscious choice is made by businesses to upload images to websites and social media platforms. In the case of Google Images, one of the web's most popular image search tools, web crawlers pull images off web pages and generate thumbnails to appear without any such permission.

While most wouldn't argue against the business benefits of displaying content on Google Images, it doesn't change the fact that a significant portion of Google Images users hold a misconception that images generated from searches are free to use - without any consideration for copyright rules and licensing.

Enterprises therefore face a catch 22 - hosting images on social media platforms, on their websites and making them freely available on Google Images is an essential part of reaching potential customers - but doing so often maximises the chance of image misuse, which can have detrimental business consequences - on brand reputation, on customer experience, and on the bottom line.

Computing's Cloud Excellence Awards return on the 19th September 2019, recognising the very best of cloud computing in the UK across end users, suppliers and products. Who is the Cloud Architect of the Year? What is the Best Cloud Development Platform? And who is the Cloud Entrepreneur of the Year. Entry is FREE - the deadline is Friday 28th June.

The internet's underbelly of bad actors

Once images are uploaded online, they're at the mercy of the internet's users, some of whom are equipped with tools to exploit images - like easily accessible Chrome plug-ins that can perform bulk image downloads of Google Images. With these tools, hundreds of images can be downloaded, and bad actors can take a business' brand assets in a matter of minutes.

It's also possible for bad actors to use software that will download and replicate an entire website. While the URL is different, the website's imagery remains identical - which means any internet user can impersonate a legitimate business with a potentially devastating outcome.

Enterprises need to take advantage of technology to keep their assets secure

Many organisations may think they can turn to copyright laws to provide legal protection against this kind of activity. But "international copyright" doesn't exist. Copyright is recognised at national levels, but there are countries where copyright isn't even recognised. This means that in some territories, there is nothing to stop bad actors downloading an enterprise's image bank and commercialising it - placing images on anything from billboards to packaging without any concerns about permission or intellectual property.

Bad actors don't have to be professional hackers either, or even have bad intentions. Often "bad actors" are everyday internet users who right click and save an image in ignorance. Without knowing, these users are illegally infringing on the copyright of image holders.

Outside of the box solutions

Businesses can't simply stop publishing images. All the dangers of uploading images online identified so far are symptoms of an internet that's fundamentally broken when it comes to protecting images.

This means that the problem needs to be addressed at source - the image format. Enterprises rely on the hugely popular JPEG image format, which is fundamentally, a flawed format. JPGs appear in the source code of web pages, which is taken advantage of in bulk downloads and website cloning. JPGs also have little security - the only reason users can right click, save as, is because the JPG image format doesn't stop them from doing so. The universal use of JPGs is, in fact, detrimental to the security of image content.

Education is also important, and laws and regulations like the EU Copyright Directive are bringing attention to the issue. Talk around Article 13 and Article 11 has caused much industry debate and, worldwide, people are waking up to the fact that copyright violations and general misuse of images online is a serious problem - especially when you consider that piracy and copyright infringement is not accepted by other creative industries, like the TV, video and music industries.

But legislation and education will only go so far. Enterprises need to take advantage of technology to keep their assets secure. While this includes keeping up to date with the latest cybersecurity protection - antivirus, patches and the like, enterprises also need to think about other vulnerabilities, like the media formats they rely upon, which could be opening the door to vulnerabilities.

Patrick Krupa is head of product and UX at image protection company SmartFrame

Computing and CRN have united to present the Women in Tech Festival UK 2019, on 17 September in London.

The event will celebrate successful women in the IT industry, enabling attendes to hear about, and to share, personal experiences of professional journeys and challenges.

Whether you're the ‘Next Generation', an ‘Inspirational Leader', or an ‘Innovator of Tech' this event will offer inspiration on not only how to improve yourself, but how to help others too. The event is FREE for qualifying IT pros, but places will go fast