Photographers And Filmmakers Call For Encryption To Be Built Into Cameras As Standard
from the a-picture-is-worth-a-thousand-passwords dept
Encryption has become one of the key issues in the digital world today, as the many posts here on Techdirt attest. And not just in the tech world, but far beyond, too, as governments grapple with the spread of devices and information that cannot easily be accessed just because they demand it. Techdirt readers probably take crypto for granted, as an increasing proportion of Web connections use HTTPS, mobile phones generally offer encryption options, and hugely-popular mainstream programs like WhatsApp deploy end-to-end encryption. But a recently-published open letter points out that there is one domain where this kind of protectively-scrambled data is almost unknown: photography. The letter, signed by over 150 filmmakers and photojournalists, calls on the camera manufacturers Canon, Fuji, Nikon, Olympus and Sony to build encryption features into their still photo and video camera products as a matter of course. Here’s why the signatories feel it’s necessary:
Without encryption capabilities, photographs and footage that we take can be examined and searched by the police, military, and border agents in countries where we operate and travel, and the consequences can be dire.
We work in some of the most dangerous parts of the world, often attempting to uncover wrongdoing in the interests of justice. On countless occasions, filmmakers and photojournalists have seen their footage seized by authoritarian governments or criminals all over the world. Because the contents of their cameras are not and cannot be encrypted, there is no way to protect any of the footage once it has been taken. This puts ourselves, our sources, and our work at risk.
That’s certainly true, and encryption would place an important obstacle in the way of the authorities seizing cameras and accessing the material they hold. However, it is only an obstacle, not real protection. Assuming encryption is widely implemented in cameras, repressive governments will have a number of options open to them for dealing with it.
They might simply pass laws that forbid the use of cameras that encrypt images. By declaring them illegal, governments could seize them at the border or whenever they are found. However, that’s a fairly mild response. If the material on a camera seized by the authorities turns out to be encrypted, many would demand the password. If the photographer is lucky, a refusal might mean being thrown out of the country, probably without the camera. In the worst case, government thugs and criminals may try to obtain the necessary passwords the old-fashioned way — by beating it out of the phtographer.
What is needed is an approach that avoids those risks. Maybe it would be possible to create hidden partitions on the camera’s storage so that sensitive images could be stored there, while giving the authorities access to other less controversial shots. That still runs the risk of the camera being impounded and/or destroyed. Other options might be to transfer the sensitive stuff to tiny wifi-enabled SD cards that are hidden in specially-designed objects — wristwatches, wallets, pens, buttons, etc. — or to the cloud, if Net connectivity were available.
Encrypting cameras is certainly a great idea, not least because it helps to make crypto even more mainstream than it already is, and encourages people to expect it everywhere (although Nikon for one doesn’t seem too enthusiastic about the proposal). But it’s just a first step to address the serious threats faced by photographers in many parts of the world, something that would doubtless benefit from additional kinds of technical ingenuity.
Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+
Filed Under: cameras, encryption, filmmakers, photographers
Comments on “Photographers And Filmmakers Call For Encryption To Be Built Into Cameras As Standard”
Send the risky images by satellite connection, so you don’t have to leave the country carrying them.
Re: Re:
When visiting a repressive regime, the camera should encrypt the images using a one way key. The only copy of the decryption key is back home and inaccessible to the NSA, FBI, CIA, etc.
Given that these days a camera screams professional photographer reporter, whats wrong with using a phone or tablet, which have inbuilt encryption capabilities, and the connectivity to send the images and videos back to base. That would attract less attention than a professional camera rig,
Re: Re:
This. Regular encryption on cameras would be very good for the casual user that wants minimum protection against theft or regular law enforcement encounters. But for further protection there are other measures that need to be adopted. I like your idea of using the phone as a hub for the camera but I’d go further by adding standalone computers (ie: raspberry pi) that act solely as storage to the footage/photos and automatic backups. You could interconnect all these devices (camera, phone, raspberry) via encrypted wi-fi or bluetooth signals and have all them store the content and keep synchronized with the cloud whenever connectivity is available. You could conceal the hub as an external battery for instance packing a whole lot of extra juice while maintaining a security backup. As cameras get smarter with implementations of Android they too could keep connected and syncing their material with online locations.
This still doesn’t solve the “camera-meets-hammer” problem but at least it will make the destruction and leaking of the material much less likely even in more dangerous environments.
Re: Re: Re:
I was assuming that the photographer was away from home, and in particular had borders to cross. The phone or tablet as a camera, and upload to a home base or some file locker gets round the problem of camera/phone/tablet meets hammer, or acquisitive border agent, or police seizing evidence.
Re: Re: Re: Re:
Me too. By hub I mean a mobile hub. I mentioned raspberry but there are other possibilities like an Arduino setup.
Re: Re: Re:2 Re:
A better use would be to leave such a system at home, have it monitor where you drop the files, and copy them on to other storage. That way you move a copy to storage that someone who grabs your unlocked phone cannot easily find or get to.
Re: Re:
There is a big difference between what a phone or tablet camera can accomplish and what a professional rig can do. There are reasons that professional photographers spend thousands of dollars on them, even some advanced amateurs.
Sending the data, encrypted or not, to a safe server and then deleting them from the recording device seems a better option, though that would limit the ability of the photographer to make adjustments to gamma, brightness, contrast, etc. while waiting for transportation or on a long flight home, or other. If the media is for immediate (or eminent) publication that would put a wrench on post production work.
As said below, better yet to change governments attitudes toward our data, unless they have other reasons for the intrusion, and those reasons should not be because we said so.
Re: Re: Re:
If you are in a country where having a professional camera can get uou into trouble if you try and report what is going on, perhaps you will be better off using a phone and avoiding attracting attention. I know the quality is not as good, but phone quality is better than no pictures or videos, and makes it much easier to to send the videos or pictures somewhere safe.
Besides which I would not bet on traveling into or inside the US, at least by plane, with a professional level camera if you destination is anywhere near something that the US government does not want reported.
Mr Camera, meet Mr Axe
XKCD raised one of your points re: encryption:
https://xkcd.com/538/
Me, I think the more likely possibility is that an encrypted camera would have a close encounter with an axe. A solid swings and neither the camera nor the storage media will be usable.
Re: Mr Camera, meet Mr Axe
Yes, unlike the other cases for encryption where the attacker wants your data, most times the camera attacker just doesn’t want you to have your data. Taking or breaking the device is as good as seeing the data. We really need instant worldwide backups and prominent notices, so attackers know that disabling the device will accomplish nothing.
Re: Re: Mr Camera, meet Mr Axe
Agreed, the attacker would be just as happy to keep you from having the data by destroying it.
a better way would be to have your home VPN server on your home computer, if you have a broadband ISP that allows servers. Comcast, Cox, and Charter all have such service, and some DSL and other broadband providers have it.
You can then install the open source SoftEther VPN server on your Windows computer (Sorry Mac Users, it is not made for Macs), the just be sure to open the right ports on your router for remote access
Then you can periodically upload the images to your home PC, and then delete them from your camera, so that if the camera is seized, the data on it won’t be there.
Re: Re:
What if there is no connection? Think war torn zones.
Re: Re: Re:
Quantum Entanglement Communicators. Boom, solved.
Re: Re: Re: Re:
fairy dust.
Boom, solved.
Re: Re: Re:2 Re:
Hey, I’m no expert but I think that the specialized physical theorists and advanced number dreamers of this great nation could focus on the problem in a more solid and densified manner.
If only there was a more succinct way to describe it…
Encryption should be standard, including pc os.
i know this is crazy talk...
…but instead of slapping on inadequate bandaids, how about we overthrow the borg so we are actually free, not pwetend free ? ? ?
Re: i know this is crazy talk...
Resistance is futile.
Manufacturers
We shouldn’t by relying on manufacturers to do this. Instead, buy a camera you can run your own software on, like a smartphone or a CHDK-supported Canon camera, and get a group of people together to implement encryption.
Bad idea. No way the camera makers would come up with a common standard AND keep it updated. Better approach is have multiple storage cards. Several have the expected touristy type pictures on them. A couple special cards are used for the worrisome pictures. These are then copied to a second device, encrypted and stored in some game folder as gamedatafile42.dat. If possible, also transmit the files out of area via whatever means are available. Don’t overlook using postal mail. Lose the ‘special cards’ once the data is safe.
This way, the likely bored boarder agent sees several hundred or thousands of non-threatening pictures on the camera you respectfully handed over and you are on your way a few minutes later, camera in hand.
Encrypt the camera????
No.
Just, plain, flat, NO.
Unless you’re extremely careful, you can easily loose data. And lost data in this instance can lead to any of weird/wrong/distorted/missing color/shape/lighting/focus/depth-of-field, etc., and so on and so on.
It me only be a small percentage of the data, or even a small absolute amount. But you know what the politician once said about the odd billion or two here and there eventually coming to add up to serious money.
More boot-leggers & Baptists B.S.
These are copyright maximalists hiding under the skirts of journalists.
https://en.wikipedia.org/wiki/Bootleggers_and_Baptists
Re: More boot-leggers & Baptists B.S.
Like the drug-prohibitionists in boat with drug-cartels? Sounds likely. Have you lately thrown your DEA into prison? Maybe you should.
Hardware Addons are a better route
Instead of building the encryption into the camera, make the cameras modular so they can plug in their removable hardware encryption modules. Camera makers are off the hook for any potential litigation.
This would allow the camera to operate as a normal camera when going through customs and remove the theft of property by governments that would then look to the addon hardware that was handed off to a fellow that already passed through security and is at the home office waiting to decrypt.
It would also allow photographers to use modules that are up to date, allow use of their favored encryption scheme and add a number of hurdles to busy body customs agents and governments. Hell, smart phones and PCs should have this option as well.
–Other options might be to transfer the sensitive stuff to tiny wifi-enabled SD cards that are hidden
Great, so we can start expecting body cavity searches looking for tiny wifi sd cards that might be hidden there.
A better solution is to simply not have anything suspicious with you when you encounter the authorities. Send the data using some other means.
Or hide the data in plain sight:
https://en.wikipedia.org/wiki/Steganography
“You wanna look at my cat pictures? OK, you gotta see the 6th picture its hilarious!”
“They might simply pass laws that forbid the use of cameras that encrypt images. By declaring them illegal, governments could seize them at the border or whenever they are found.”
Making that more difficult is one reason to make it a standard feature rather than a specialist add-on. Any country where tourism is a significant revenue generator for Fearless Leader’s Swiss bank account can’t afford to have the border goons stealing cameras from every tourist from Topeka.
Nerd harder to build in AI to detect & reject porn videos
then use encryption technology not to hide videos, but to tie them to this camera & this individual; include alarm “feature” which can be set off by TSA agents.
They will give them proprietary encryption. LOL
Inmportant
Note to the UK government:
This is not, repeat NOT, a playbook for how to handle encrypted cameras.