Making The Case Against Adding DRM To JPEG Images
from the don't-go-down-that-road dept
Earlier this year, we wrote about a plan to add DRM to the JPEG standard, meaning that all sorts of images might start to get locked down. For an internet where a large percentage of images are JPEGs, that presents a potentially serious problem. We did note that the JPEG Committee at least seemed somewhat aware of how this could be problematic — and actually tried to position the addition of DRM as a way to protect against government surveillance. However, there are much better approaches if that’s the real purpose.
The JPEG Committee recently met in Brussels to discuss this, and thankfully Jeremy Malcolm from the EFF was able to give a presentation explaining why this was such a bad idea and to suggest alternative approaches for protecting privacy without having to go down the path of DRM.
This doesn’t mean that there is no place for cryptography in JPEG images. There are cases where it could be useful to have a system that allows the optional signing and encryption of JPEG metadata. For example, consider the use case of an image which contains personal information about the individual pictured?it might be useful to have that individual digitally sign the identifying metadata, and/or to encrypt it against access by unauthorized users. Applications could also act on this metadata, in the same way that already happens today; for example Facebook limits access to your Friends-only photos to those who you have marked as your friends.
Currently some social media sites, including Facebook and Twitter, automatically strip off image metadata in an attempt to preserve user privacy. However in doing so they also strip off information about authorship and licensing. Indeed, this is one of the factors that has created pressure for a DRM system that could to prevent image metadata from being removed. A better solution, not requiring any changes to the JPEG image format, would be if platforms were to give users more control over how much of their metadata is revealed when they upload an image, rather than always stripping it all out.
We encourage the JPEG committee to continue work on an open standards based Public Key Infrastructure (PKI) architecture for JPEG images that could meet some of the legitimate use cases for improved privacy and security, in an open, backwards-compatible way. However, we warn against any attempt to use the file format itself to enforce the privacy or security restrictions that its metadata describes, by locking up the image or limiting the operations that can be performed on it.
Hopefully the JPEG Committee listens.