Photographers And Filmmakers Call For Encryption To Be Built Into Cameras As Standard

from the a-picture-is-worth-a-thousand-passwords dept

Encryption has become one of the key issues in the digital world today, as the many posts here on Techdirt attest. And not just in the tech world, but far beyond, too, as governments grapple with the spread of devices and information that cannot easily be accessed just because they demand it. Techdirt readers probably take crypto for granted, as an increasing proportion of Web connections use HTTPS, mobile phones generally offer encryption options, and hugely-popular mainstream programs like WhatsApp deploy end-to-end encryption. But a recently-published open letter points out that there is one domain where this kind of protectively-scrambled data is almost unknown: photography. The letter, signed by over 150 filmmakers and photojournalists, calls on the camera manufacturers Canon, Fuji, Nikon, Olympus and Sony to build encryption features into their still photo and video camera products as a matter of course. Here's why the signatories feel it's necessary:

Without encryption capabilities, photographs and footage that we take can be examined and searched by the police, military, and border agents in countries where we operate and travel, and the consequences can be dire.

We work in some of the most dangerous parts of the world, often attempting to uncover wrongdoing in the interests of justice. On countless occasions, filmmakers and photojournalists have seen their footage seized by authoritarian governments or criminals all over the world. Because the contents of their cameras are not and cannot be encrypted, there is no way to protect any of the footage once it has been taken. This puts ourselves, our sources, and our work at risk.
That's certainly true, and encryption would place an important obstacle in the way of the authorities seizing cameras and accessing the material they hold. However, it is only an obstacle, not real protection. Assuming encryption is widely implemented in cameras, repressive governments will have a number of options open to them for dealing with it.

They might simply pass laws that forbid the use of cameras that encrypt images. By declaring them illegal, governments could seize them at the border or whenever they are found. However, that's a fairly mild response. If the material on a camera seized by the authorities turns out to be encrypted, many would demand the password. If the photographer is lucky, a refusal might mean being thrown out of the country, probably without the camera. In the worst case, government thugs and criminals may try to obtain the necessary passwords the old-fashioned way -- by beating it out of the phtographer.

What is needed is an approach that avoids those risks. Maybe it would be possible to create hidden partitions on the camera's storage so that sensitive images could be stored there, while giving the authorities access to other less controversial shots. That still runs the risk of the camera being impounded and/or destroyed. Other options might be to transfer the sensitive stuff to tiny wifi-enabled SD cards that are hidden in specially-designed objects -- wristwatches, wallets, pens, buttons, etc. -- or to the cloud, if Net connectivity were available.

Encrypting cameras is certainly a great idea, not least because it helps to make crypto even more mainstream than it already is, and encourages people to expect it everywhere (although Nikon for one doesn't seem too enthusiastic about the proposal). But it's just a first step to address the serious threats faced by photographers in many parts of the world, something that would doubtless benefit from additional kinds of technical ingenuity.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Myself, 15 Dec 2016 @ 3:39am

    Send the risky images by satellite connection, so you don't have to leave the country carrying them.

    reply to this | link to this | view in chronology ]

    • icon
      DannyB (profile), 15 Dec 2016 @ 6:24am

      Re:

      When visiting a repressive regime, the camera should encrypt the images using a one way key. The only copy of the decryption key is back home and inaccessible to the NSA, FBI, CIA, etc.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2016 @ 3:50am

    Given that these days a camera screams professional photographer reporter, whats wrong with using a phone or tablet, which have inbuilt encryption capabilities, and the connectivity to send the images and videos back to base. That would attract less attention than a professional camera rig,

    reply to this | link to this | view in chronology ]

    • icon
      Ninja (profile), 15 Dec 2016 @ 5:31am

      Re:

      This. Regular encryption on cameras would be very good for the casual user that wants minimum protection against theft or regular law enforcement encounters. But for further protection there are other measures that need to be adopted. I like your idea of using the phone as a hub for the camera but I'd go further by adding standalone computers (ie: raspberry pi) that act solely as storage to the footage/photos and automatic backups. You could interconnect all these devices (camera, phone, raspberry) via encrypted wi-fi or bluetooth signals and have all them store the content and keep synchronized with the cloud whenever connectivity is available. You could conceal the hub as an external battery for instance packing a whole lot of extra juice while maintaining a security backup. As cameras get smarter with implementations of Android they too could keep connected and syncing their material with online locations.

      This still doesn't solve the "camera-meets-hammer" problem but at least it will make the destruction and leaking of the material much less likely even in more dangerous environments.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 15 Dec 2016 @ 5:40am

        Re: Re:

        I was assuming that the photographer was away from home, and in particular had borders to cross. The phone or tablet as a camera, and upload to a home base or some file locker gets round the problem of camera/phone/tablet meets hammer, or acquisitive border agent, or police seizing evidence.

        reply to this | link to this | view in chronology ]

        • icon
          Ninja (profile), 15 Dec 2016 @ 5:49am

          Re: Re: Re:

          Me too. By hub I mean a mobile hub. I mentioned raspberry but there are other possibilities like an Arduino setup.

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 15 Dec 2016 @ 7:28am

            Re: Re: Re: Re:

            A better use would be to leave such a system at home, have it monitor where you drop the files, and copy them on to other storage. That way you move a copy to storage that someone who grabs your unlocked phone cannot easily find or get to.

            reply to this | link to this | view in chronology ]

    • icon
      Anonymous Anonymous Coward (profile), 15 Dec 2016 @ 9:05am

      Re:

      There is a big difference between what a phone or tablet camera can accomplish and what a professional rig can do. There are reasons that professional photographers spend thousands of dollars on them, even some advanced amateurs.

      Sending the data, encrypted or not, to a safe server and then deleting them from the recording device seems a better option, though that would limit the ability of the photographer to make adjustments to gamma, brightness, contrast, etc. while waiting for transportation or on a long flight home, or other. If the media is for immediate (or eminent) publication that would put a wrench on post production work.

      As said below, better yet to change governments attitudes toward our data, unless they have other reasons for the intrusion, and those reasons should not be because we said so.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 15 Dec 2016 @ 9:51am

        Re: Re:

        If you are in a country where having a professional camera can get uou into trouble if you try and report what is going on, perhaps you will be better off using a phone and avoiding attracting attention. I know the quality is not as good, but phone quality is better than no pictures or videos, and makes it much easier to to send the videos or pictures somewhere safe.

        Besides which I would not bet on traveling into or inside the US, at least by plane, with a professional level camera if you destination is anywhere near something that the US government does not want reported.

        reply to this | link to this | view in chronology ]

  • icon
    Nate (profile), 15 Dec 2016 @ 4:18am

    Mr Camera, meet Mr Axe

    XKCD raised one of your points re: encryption:
    https://xkcd.com/538/

    Me, I think the more likely possibility is that an encrypted camera would have a close encounter with an axe. A solid swings and neither the camera nor the storage media will be usable.

    reply to this | link to this | view in chronology ]

    • icon
      Jeremy Lyman (profile), 15 Dec 2016 @ 6:03am

      Re: Mr Camera, meet Mr Axe

      Yes, unlike the other cases for encryption where the attacker wants your data, most times the camera attacker just doesn't want you to have your data. Taking or breaking the device is as good as seeing the data. We really need instant worldwide backups and prominent notices, so attackers know that disabling the device will accomplish nothing.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2016 @ 4:48am

    a better way would be to have your home VPN server on your home computer, if you have a broadband ISP that allows servers. Comcast, Cox, and Charter all have such service, and some DSL and other broadband providers have it.

    You can then install the open source SoftEther VPN server on your Windows computer (Sorry Mac Users, it is not made for Macs), the just be sure to open the right ports on your router for remote access

    Then you can periodically upload the images to your home PC, and then delete them from your camera, so that if the camera is seized, the data on it won't be there.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2016 @ 5:04am

    Encryption should be standard, including pc os.

    reply to this | link to this | view in chronology ]

  • icon
    art guerrilla (profile), 15 Dec 2016 @ 5:19am

    i know this is crazy talk...

    ...but instead of slapping on inadequate bandaids, how about we overthrow the borg so we are actually free, not pwetend free ? ? ?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2016 @ 6:00am

    Manufacturers

    We shouldn't by relying on manufacturers to do this. Instead, buy a camera you can run your own software on, like a smartphone or a CHDK-supported Canon camera, and get a group of people together to implement encryption.

    reply to this | link to this | view in chronology ]

  • icon
    tom (profile), 15 Dec 2016 @ 7:43am

    Bad idea. No way the camera makers would come up with a common standard AND keep it updated. Better approach is have multiple storage cards. Several have the expected touristy type pictures on them. A couple special cards are used for the worrisome pictures. These are then copied to a second device, encrypted and stored in some game folder as gamedatafile42.dat. If possible, also transmit the files out of area via whatever means are available. Don't overlook using postal mail. Lose the 'special cards' once the data is safe.

    This way, the likely bored boarder agent sees several hundred or thousands of non-threatening pictures on the camera you respectfully handed over and you are on your way a few minutes later, camera in hand.

    reply to this | link to this | view in chronology ]

  • identicon
    Quiet Lurcker, 15 Dec 2016 @ 8:41am

    Encrypt the camera????

    No.

    Just, plain, flat, NO.

    Unless you're extremely careful, you can easily loose data. And lost data in this instance can lead to any of weird/wrong/distorted/missing color/shape/lighting/focus/depth-of-field, etc., and so on and so on.

    It me only be a small percentage of the data, or even a small absolute amount. But you know what the politician once said about the odd billion or two here and there eventually coming to add up to serious money.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2016 @ 10:29am

    More boot-leggers & Baptists B.S.

    These are copyright maximalists hiding under the skirts of journalists.

    https://en.wikipedia.org/wiki/Bootleggers_and_Baptists

    reply to this | link to this | view in chronology ]

    • icon
      Seegras (profile), 15 Dec 2016 @ 11:32am

      Re: More boot-leggers & Baptists B.S.

      Like the drug-prohibitionists in boat with drug-cartels? Sounds likely. Have you lately thrown your DEA into prison? Maybe you should.

      reply to this | link to this | view in chronology ]

  • identicon
    AnotherOption, 15 Dec 2016 @ 10:51am

    Hardware Addons are a better route

    Instead of building the encryption into the camera, make the cameras modular so they can plug in their removable hardware encryption modules. Camera makers are off the hook for any potential litigation.

    This would allow the camera to operate as a normal camera when going through customs and remove the theft of property by governments that would then look to the addon hardware that was handed off to a fellow that already passed through security and is at the home office waiting to decrypt.

    It would also allow photographers to use modules that are up to date, allow use of their favored encryption scheme and add a number of hurdles to busy body customs agents and governments. Hell, smart phones and PCs should have this option as well.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2016 @ 11:06am

    --Other options might be to transfer the sensitive stuff to tiny wifi-enabled SD cards that are hidden

    Great, so we can start expecting body cavity searches looking for tiny wifi sd cards that might be hidden there.

    A better solution is to simply not have anything suspicious with you when you encounter the authorities. Send the data using some other means.

    Or hide the data in plain sight:
    https://en.wikipedia.org/wiki/Steganography
    "You wanna look at my cat pictures? OK, you gotta see the 6th picture its hilarious!"

    reply to this | link to this | view in chronology ]

  • icon
    SteveMB (profile), 15 Dec 2016 @ 11:19am

    "They might simply pass laws that forbid the use of cameras that encrypt images. By declaring them illegal, governments could seize them at the border or whenever they are found."

    Making that more difficult is one reason to make it a standard feature rather than a specialist add-on. Any country where tourism is a significant revenue generator for Fearless Leader's Swiss bank account can't afford to have the border goons stealing cameras from every tourist from Topeka.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2016 @ 12:55pm

    Nerd harder to build in AI to detect & reject porn videos

    then use encryption technology not to hide videos, but to tie them to this camera & this individual; include alarm "feature" which can be set off by TSA agents.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Dec 2016 @ 2:25pm

    They will give them proprietary encryption. LOL

    reply to this | link to this | view in chronology ]

  • icon
    Not an Electronic Rodent (profile), 16 Dec 2016 @ 10:25am

    Inmportant

    Note to the UK government:

    They might simply pass laws that forbid the use of cameras that encrypt images. By declaring them illegal, governments could seize them at the border or whenever they are found. However, that's a fairly mild response. If the material on a camera seized by the authorities turns out to be encrypted, many would demand the password. If the photographer is lucky, a refusal might mean being thrown out of the country, probably without the camera. In the worst case, government thugs and criminals may try to obtain the necessary passwords the old-fashioned way -- by beating it out of the photographer.

    This is not, repeat NOT, a playbook for how to handle encrypted cameras.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.