disinformation Archives - SmartFrame

Image manipulation: Why it’s a problem and what we can do about it

Liam Machin — Tue, 30 Apr 2024 10:45:09 +0000

Tools used to manipulate images are more readily available than ever, and that can be an issue in terms of what makes something trustworthy. So what can be done to rebuild this?

Can you guess 2017’s word of the year?

The answer to that burning question is “fake news” – thanks in large part, of course, to the US president at that time.

But the fact that we’re still debating what can be done about disinformation and misinformation years later shows just how significant this issue has become.

When it comes to social media platforms, they rely on people being able to share content freely and easily.

Consequently, such platforms must also deal with the fallout from content created and used for harm.

Although it is worth noting that most of the largest platforms are now making greater efforts to educate users on the subject, a lack of protection and limited visibility over the origin of media means these issues will persist.

If these platforms can rectify this and demonstrate that they take the safety of their users seriously, they can rebuild the trust that has been eroded over the past few years.

With the online world facing the challenge of speed vs accuracy, it’s perhaps unsurprising that the WEF’s 2024 Global Risks Report found “misinformation and disinformation to be the top risk for the world in the next two years.”

At the heart of this epidemic is image manipulation.

Out-of-context images have repeatedly caused some sense of clouded judgment and made people more susceptible to believing any false narrative that might be attached to an image shared online.

But images that have been heavily altered, or that are entirely fictitious, to begin with, pose even greater issues.

What is image manipulation?

Image manipulation refers to the act of adjusting a digital picture in some way.

Often, this is done to help create a certain creative look or to fulfill a business objective. It can, for example, be used to fine-tune details make corrections, or even create entirely new compositions.

The history of image manipulation

The use of manipulated images has a longer history than you might think. While it’s reasonable to view it as a modern issue, the use of image editing to deceive the public dates back to the 19th century.

It’s claimed that the first case of image manipulation took place in the early 1860s – and that this particular instance shaped the future of money.

Abraham Lincoln’s face was edited onto the body of another politician, John Calhoun, to “distract from his ‘gangly’ frame.” As for the connection with money, this manipulated image was believed to be the basis of Lincoln’s original five-dollar bill.

The widespread use of image manipulation became particularly noticeable during the early days of fascism.

In Nazi Germany, for example, images were frequently edited to change their meaning, often to demonize minorities.

This can also be seen in a famous photo of Italian dictator Benito Mussolini, which was edited to remove the horse handler to create a sense of “heroism”.

During conflicts, photographs were used to uplift spirits, vilify opponents, and manipulate events, to evoke and exploit the emotions of the public amid the turmoil of war.

These examples only scratch the surface of image manipulation’s complex history and impact on society.

With the constant availability of online content, one might assume that people are careful not to accept everything at face value.

Sadly, this isn’t the case.

Why is image manipulation becoming more of a problem?

Easy accessibility to image editing software, together with the growth of AI tools, means this issue stands to disrupt society in a way we haven’t seen before.

According to image search engine Everypixel, the growth of AI-generated images has led to more images being created in a single year than humans have produced in over a century, with over 15 billion images using text-to-image algorithms already generated.

People have also become somewhat desensitized to some degree of image manipulation because it’s usually used in ways that the average person would deem acceptable, such as for improving profile pictures or Instagram posts.

But in recent times, fake and manipulated images have made headlines for the wrong reasons, such as the Princess of Wales’s Mother’s Day post and Taylor Swift’s AI-generated explicit images.

The rise of deepfakes is also being used to create misleading celebrity endorsements, causing scam and fraud headaches for both internet platforms and their users.

What can be done to stop image manipulation from spreading fake news?

It’s, of course, impossible to stop image manipulation completely. But when it comes to viewing these images online, there are a number of options available to help people identify manipulation and fakery.

Industry standards, comprising standardized verification, clear editing guidelines, and ethical codes, can help fight against the proliferation of fake images.

Some governments have even taken it into their own hands and implemented education in schools to help people spot fake media, despite the constantly changing nature of the issue making this more difficult.

Social media platforms play an important role too.

To address the proliferation of manipulated images, these platforms could work more closely with fact-checking organizations to verify the legitimacy of shared content.

Digital signatures, watermarking, and other image analysis tools could also be integrated directly into social media platforms to help flag potentially misleading content.

The ease with which images can be stolen is arguably the most important enabler of many of the risks associated with manipulated media.

Part of that problem is that the longstanding JPEG file has been the default format for images since the internet’s inception.

Yet, it offers no meaningful protection against theft – simply right-click and save, and from there, anyone with some image-editing know-how can manipulate images any way they wish to do so.

How does Content Credentials intend to influence the future of imagery and image manipulation?

Content Credentials give users context on the content they’re met with. This in turn allows them to make better decisions on whether or not the image can be trusted as a source of information.

The Adobe-led initiative allows for proper attribution to all images posted online, ensuring that the original image and its producer are visible, creating more transparency.

Furthermore, it’s possible to see how the image was manipulated, including editing history and any use of AI tools.

Additionally, by embedding images to news articles using SmartFrame, images can have all of the above while being protected against both drag-and-drop attempts and right-clicks, with a copyright warning thwarting screenshot attempts too.

And, as every SmartFrame is encrypted and only appears when a user is actively Browse a website, the image disappears as soon as the viewer closes the browser tab or window.

Image manipulation isn’t new – but the need to highlight when it’s used is becoming non-negotiable

The targeting of celebrities and key world events, and the content used for this, clearly show the need for increased regulation and protection.

Through clear labeling, increased education, and added accountability with repercussions, we can help mitigate the spread of misinformation and rebuild trust in the images we see online.

As James Warren, NewsGuard’s executive editor, noted in a recent Substack post: “Kim Kardashian’s enhanced glam shot on a magazine cover is one thing, fiddling in the slightest with a photo of the Israel-Hamas war is another.”

The post Image manipulation: Why it’s a problem and what we can do about it appeared first on SmartFrame.

Is a new age of transparency on the horizon?

Matt Golowczynski — Tue, 16 Jan 2024 11:54:37 +0000

Growing uncertainty around what we can trust online has given rise to a number of initiatives whose goal is to improve transparency. But is this indicative of a broader trend?

Late last year, online dictionary Merriam-Webster announced that the word “authentic” had the honor of being its 2023 Word Of The Year.

To many, this might not have come as a surprise, given the events of the last twelve months. But with runners-up such as “deepfake” and “dystopian,” and these results reflecting search volumes on the site over the past year, there is an obvious temptation to draw conclusions as to the public’s mood and focus.

Nevertheless, as the issues that led to these searches persist beyond the year’s end, it seems likely that tools and technologies that serve as a mark of authenticity will continue to receive attention.

Building trust

One reason for this is that the matter is just as crucial to publishers of online content as it is to the audiences that consume it. For the latter, understanding what’s authentic is important as people want to be assured that they are receiving accurate information about the world. But for the former, it’s their entire reputation that’s at stake.

The demands of rolling news coverage, together with a reliance on citizen journalism and a constant stream of newer publishers challenging so-called legacy media, leave ample room for mistakes. While the consequences of these may often be insignificant, they can easily invite accusations of bias, particularly in the reporting of global conflicts and health-related matters. It’s not just a question of rigorous fact-checking, but being able to do so at speed. Get both right and the prize is the public’s trust.

Publishers have always been conscious of this, but with respect to visual content, and the ease with which visual content can be manipulated and presented out of context, there’s an imperative to demonstrate this kind of trustworthiness in a more tangible way.

Any organization can claim to be trustworthy, but it takes little more than anonymous replies on social media posts with links to alternative sources of information to undermine this. So the logical response is to make the process of assessing this information as transparent as possible.

Earlier this year, for example, the BBC launched a new BBC Verify brand, which comprises around 60 journalists working in a dedicated space “with a range of forensic investigative skills and open source intelligence (Osint) capabilities at their fingertips”. These include Analysis Editor Ros Atkins, who is best known for his Ros Atkins On… series that distills complex issues into short video explainers.

The BBC states that, rather than sorting content into verified and unverified buckets, BBC Verify aims to actually explain the verification that has taken place. This allows the viewer to assess whether its methods are sound, rather than simply take its word that a piece of content is considered genuine.

Similarly, the Content Credentials tool from the Content Authenticity Initiative allows for greater transparency over the creation and editing of online content. By allowing viewers to inspect the credentials attached to the work – that is, the content producer, any edits that have been made, the original images used in any composite works, and the date and signing of the work – they’re better informed about what to trust.

These initiatives follow others developed over the past few years for advertisers, whose concerns around transparency are more to do with having sufficient oversight on the supply chain so that they can understand where their ads have been shown, the allocation of their budgets, and tools to counter ad fraud.

While these initiatives, which include the IAB’s Gold Standard and ads.txt, may appear distinct from things like BBC Verify and Content Credentials, they’re not wholly unrelated. Publishers committed to creating trustworthy environments are more likely to attract the right kind of audiences, which, in turn, are more valuable to advertisers.

A new era?

Perhaps it’s the fact that the emergence of these tools and systems coincides with Google’s long-awaited deprecation of third-party cookies in Chrome – which places more focus on exactly how online viewers are being targeted by ads and the data used to do so – that makes it seem like the following year will witness the start of a new chapter in online transparency.

Or perhaps these are a natural and logical continuation of what has already come before. Many publishers already state their editorial policies and highlight corrections where necessary; detail their ownership and funding; mark native advertising clearly; show authorship and links to writers’ social media channels; and adhere to requirements around affiliate commissions when recommending products that can be purchased on a third-party site.

Over the next few years, these practices are likely to be joined by policies that detail their responsible use of AI tools. Additionally, more obvious indicators of AI-generated content may become more prominent.

While some of these may be required to comply with the relevant regulations, publishers that voluntarily take additional steps to demonstrate their trustworthiness are more likely to hold themselves to a higher standard for their audiences and partners, and so will fare better under scrutiny. Given that the average person will only realistically take their news from a limited number of sources, steps like these may well determine who the publishers of tomorrow actually are.

The post Is a new age of transparency on the horizon? appeared first on SmartFrame.

Deepfake videos have us concerned, but are we overlooking a more sinister threat found within them?

Matt Golowczynski — Fri, 30 Jul 2021 08:58:45 +0000

Images and videos have long been edited to deceive, but the believability of recent deepfake videos highlights another threat that could evolve into a much larger problem.

Manipulating images was commonplace long before photography entered the digital era. Whether it was to disguise wonky composition or to cut away something from the edge of the frame, photographers have long used the tricks of the darkroom to make us believe that an image was originally captured as it eventually appeared.

The editing process may be different today, but the tools that are used to carry this out have long been accessible to all. For all but complex editing, even a computer is now redundant as app-based editing and AI tools running on today’s powerful breed of smartphones and tablets achieve what would have been unthinkable ten years ago.

But while we’re used to the idea of online images not necessarily showing a scene or subject as it may have appeared in reality, it’s only in the past few years that video fakery has been so prominently discussed.

This has, of course, been spurred by the believability of many viral examples, such as recent videos that show what appears to be Tom Cruise playing golf and performing a magic trick. While undeniably impressive, other videos designed specifically to smear politicians and other public figures, and to undermine democratic processes, show just how easily these tools can be weaponized too.

Proving provenance

Clearly, some of these examples are intended to entertain rather than mislead us. But, collectively, they provide a backdrop for a handful of recent initiatives designed to provide greater clarity on the provenance of digital media.

Two of these are the Content Authenticity Initiative (CAI) and Project OriginThe former was launched in 2018 by Adobe, Twitter, and The New York Times Company, with an initial mission of developing the industry standard for content attribution in order to help people determine what’s likely to be trustworthy. <

Project Origin, meanwhile, founded last year, Joint Development Foundation< project, named the Coalition for Content Provenance and Authenticity (C2PA), which was formed through an alliance between Adobe, Arm, Intel, Microsoft, and Truepic.<

Having the participation of leaders in their field for these initiatives is imperative if they are to be widely adopted. But another obvious benefit is that it allows each organization to bring its own specific expertise to the party. <

This is important, as deception can come through many different types of media. And tmakes it clear that what it presents is “a set of standards that can be used to create and reveal attribution and history for images, documents, time-based media (video, audio) and streaming content.”<

We may immediately think of dubious news articles, doctored images and deepfake videos when we think about deceptive information online, but a recent news story highlighted one direction in which this deception could evolve. An interview with the director of an upcoming documentary about Anthony Bourdain revealed that tmet with an angry response from many individuals, including those who knew Bourdain personally. <

This shouldn’t have come as much of a surprise, although it’s entirely possible we have already been subjected to this same manipulation without us realizing it. Indeed, it’s easy to consider such a situation that would draw few objections. <

A recorded voiceover in need of a few adjustments, for example, but without the possibility of the original actor re-recording this. It’s reasonable to assume that, were they alive, the actor in question may well consent to this if it meant a project could be finished. Would it receive a similar reaction, were people to find out this had happened? Or is it more a question of respect, given that Bourdain is no longer alive? Perhaps the output is what matters more: If this were a work of fiction rather than a documentary, would we care as much? <

The use of AI in this way might be relatively new, but dubbing speech and using either archival footage or CGI when an actor is not available is commonplace. Even so, as an illustration of the rate of progress over the last 20 years, the clip above, taken from an episode of HBO’s The Sopranos that aired in 2001, demonstrates that what was once passable from a major television network is significantly behind what an individual without the same kind of budget can achieve today.<

Finding your voice

The backlash over the Bourdain documentary voiceover is ongoing, but perhaps we should have seen these kinds of problems coming. After all, it’s not just the fact that the subjects in these deepfake videos look like Tom Cruise, Mark Zuckerberg and others – it’s that they sound like them too. <

Quite how well you can spot this kind of trickery depends in part on exactly what’s being presented to you. Video and audio together can make deception easier to identify; speech may be slightly mismatched from mouth movements, for example, while blurring or unnatural facial expressions may also give things away. But if we’re listening to a voice alone, the absence of any visual quirks means we have a far greater chance of being fooled.<

In many of these deepfake videos, no harm is intended or caused. If we show these to a friend, we do so to impress them with what has been created, rather than to hurt them in any way. Furthermore, as Chris Ume, the creator of the Tom Cruise deepfakes <has made clear<, creating these involves considerable time and effort, so the chance of us all becoming targets in something similarly sophisticated remains small.<

But being deceived by a voice that belongs to someone you know suggests a much more sinister potential route for this technology. What if you were to receive a desperate call or voicemail from what sounded like a relative asking for help? Or for money? Or personal information of some sort? What if the same kind of trickery was used in a professional environment to authorize a financial transaction? Or to access an account of some sort that makes use of voice authentication?

How would this even work? The director of the Bourdain documentary has stated that it took over 10 hours of audio of Anthony Bourdain speaking, which was fed into a machine-learning program to develop this synthetic voice. A quick online search shows there to be a slew of tools that promise you can synthesize your own voice in a similar manner, but, for the purposes of illicit activity, such tools could easily be abused to synthesize those belonging to others.

When you consider just how many people – even those who many would not consider to be particularly famous – have clocked up a similar amount of time to what was required from Bourdain speaking in high-quality, publicly accessible media (YouTube videos, podcasts, webinars and so on), it’s hard not to think of what the potential consequences of this could be.

Perhaps this sounds far-fetched. Perhaps the way these kinds of harms evolve means that things will take another route, resulting in a different kind of threat with a different set of safeguards. And perhaps these safeguards will ensure that as soon as these threats materialize the fallout will be minimal. Nevertheless, it’s not inconceivable that it may come to a point where we start to feel the need to guard our voice online like we guard our images and personal information today.

The post Deepfake videos have us concerned, but are we overlooking a more sinister threat found within them? appeared first on SmartFrame.

Upcoming webinar: Technology, Access and Value – Balancing dissemination, protection and profitability in cultural heritage

Matt Golowczynski — Mon, 14 Jun 2021 09:33:05 +0000

How can cultural heritage institutions meet their various obligations while staying profitable? And how can technology help? We’ll be examing the issue in this CEPIC webinar, sponsored by SmartFrame.

Cultural heritage institutions play a vital role in our understanding of the world through the storage, preservation and display of their collections. We enjoy and learn from these today, and appreciate the value they will have for future generations.

These institutions face a variety of challenges, however, when it comes to maintaining and displaying their collections, and balancing these with any commercial objectives isn’t always straightforward.

The COVID-19 pandemic has created additional strain on the financial health of these organizations, which has served as a reminder of the value that’s placed on being able to visit them in person. But it has also underlined the importance of being able to access their collections remotely.

Ensuring that these collections are accessible by as wide an audience as possible is typically a term of the funding these institutions receive, but this requires sufficient resources, adequate protection of assets once they are publicly accessible, and a model that can ensure this entire process is sustainable.

So how can these institutions ensure they meet their various obligations and objectives? Can they make better use of existing and emerging technologies to increase the reach of these collections and ensure they maintain their value?

This issue will be the focus of an upcoming webinar, hosted by CEPIC and sponsored by SmartFrame. SmartFrame CEO, Rob Sewell, will be on the panel, along with Clive Coward, Tate Images Manager at Tate; Fergus McKenna, Content Sales Director at Reach plc; and Lucy Crompton-Reid, Chief Executive at Wikimedia UK.

The webinar will comprise a half-hour presentation followed by a half-hour Q&A session. Those wishing to attend should register in advance using the link below, and all registered attendees will be able to access a recording of the webinar after the event.

Register now and save money with our exclusive code

Our exclusive promo code will entitle you to register for this webinar for just €15, a saving of €34 on the standard ticket price. Just enter the code CICHW060721 in the Enter promo code field when registering for tickets. Register here

Key details

Date: 6 July 2021

Time: 17:00-18:00 CET (Admission: 16:45 for a 17:00 start)

Location: Webinar (via Zoom link)

CEPIC member fee: €29 with promo code (email CEPIC to request your CEPIC Member promo code).

Non-CEPIC members: €49

Picture editors and photographers: €9

Click here to register for this webinar

The post Upcoming webinar: Technology, Access and Value – Balancing dissemination, protection and profitability in cultural heritage appeared first on SmartFrame.

Online threats appear to be getting worse. But why?

Matt Golowczynski — Wed, 11 Nov 2020 14:32:11 +0000

Images are behind many of today’s online threats, and big tech companies are struggling to defeat them. But their failures are often compounded by our own actions. So what are they, and we, doing wrong?

SmartFrame recently joined the online safety tech industry body OSTIA as an associate member, and will be working with the body’s members to raise awareness of the tools available to help protect people online.

OSTIA’s formation earlier this year follows a white paper released by the UK government that focuses on online harms. This paper details the various threats that internet users currently face, and outlines a new statutory duty of care – overseen by communications regulator Ofcom – that’s aimed at curbing various illegal and harmful activities.

Online harms exist in many different forms, and these change over time, so a comprehensive discussion of them all would be well outside of the scope of this article. But given that images are at the heart of many of these threats, a closer look at how these are captured, viewed, published, downloaded and shared with others helps us to gain an understanding of where problems may lie. It’s not simply a case of needing to protect ourselves and those around us from harmful content; we also need to recognize how our own perfectly lawful actions can also end up being problematic.

Threats can, of course, exist in all corners of the internet. But it’s easy to see that many of the most problematic threats we face are in part down to the fact that social media platforms, together with other major online players, have become victims of their own success. As their audiences have ballooned, they’ve struggled to keep up with the volume (and nature) of content posted on their channels. There’s little doubt that they are a lot safer than they would otherwise be without certain tools and processes that are in place, and progress continues to be made as threats evolve. Nevertheless, their failure to address more basic issues is worrying, and a key factor that allows these threats to continue.

So what are these threats, and what risks are we taking? Where are we being failed by those who we expect to protect us? And how do we become more responsible internet users?

The threats we face

Internet safety is a critical issue, not least because the vast majority of us are, in some way or another, online. In the UK, nearly nine in ten adults and 99% of 12 to 15 year olds are online. In the US, over 85% of the population has access to the internet, which equates to around 281m people. Within these are countless vulnerable people, from children and the elderly through to those who may be more susceptible to radicalization.

Online threats, of some description, have always been with us. Even those of us who have been using the internet since it was first commercially available may find it difficult to remember a time when spam folders designed to collect suspicious-looking emails weren’t integrated into email services as standard, or when new PCs and laptops weren’t being bundled with anti-virus software. Scams and viruses are still with us, but as the internet has evolved, so have the dangers.

Many of today’s threats exploit the things we do every day. Our smartphones and the images we take with them; the social media platforms we use; and the cloud-based services in which we store images and other files. These have rooted themselves in our day-to-day lives to the extent that we use them without much thought. And when we use them without much thought, we start to lose sight of the value they could have to someone without the best intentions.

Threats that concern images can typically be sorted into two categories, namely threats based on images we create ourselves and those based on images created elsewhere that are in some way harmful. As may be expected, the most serious image-based threats discussed in the white paper typically concern some type of pornography, such as images depicting child nudity and exploitation, as well as extreme porn and revenge porn. Other threats mentioned that often involve images include harassment and cyberbullying, as well as content that incites violence or hate crimes, or that promotes terrorism or other illegal activity.

The paper also highlights the problem of perfectly legal content and platforms intended for adult audiences being accessed by children, from pornography to dating apps. The complexity in adopting effective age-verification systems for legal pornographic websites has meant that plans to introduce this in the UK were recently abandoned. Similar systems are on the cusp of being introduced elsewhere (such as in France), although technical problems and privacy concerns mean that it remains to be seen whether these will be successful.

Together with the growing issue of misinformation – which, most problematically, concerns deliberate acts of disinformation – one can start to appreciate just how multi-faceted the issue of online harm is, and how crucial images are to the effectiveness of many of these threats. But what’s made these such a significant issue today?

How the situation has escalated

Various factors have come together to make this the current reality. One of the most significant of these is the ease with which images can be taken by the average person. Standalone cameras have long been affordable, but technology has moved on to the point where these no longer need to be bought separately, given the proliferation of cameras inside smartphones, tablets and computers.

Image-editing software, which can be used to manipulate photos for all kinds of malicious purposes, is free, easily downloadable as an app, or even bundled into social media platforms. The overwhelming majority of picture taking and editing is done with no malice, of course, but, as we shall see, such images can also be at the heart of many harms.

Another factor is the increasing ease with which images can be shared with others. Social media platforms rely on user-generated content and activity as this allows them to understand their audience and sell advertising, while also helping to attract new users. So it’s no surprise that they have spent years making changes to algorithms, user interfaces, integrations, notifications and discoverability; sharing images is more pain-free than ever, but we rarely stop to consider who the real beneficiary of all these changes has been.

The third key factor is anonymity. While illegal and problematic images are also shared outside of social media platforms, the ability to participate in harmful activity while remaining anonymous has allowed individuals – and, more insidiously, groups posing as an individual – to leverage these platforms and target existing users with propaganda, or other harmful content. As a paper produced on behalf of Ofcom highlights, one thing that allows this to happen is the fact that most online communications are asynchronous; when an individual cannot see a response to a message or another communication, they don’t see a negative emotional reaction to it, which can encourage them to act in a less inhibited manner. It’s easy to forget that social media platforms do not require any kind of proof of identity when opening an account, such as a copy of a passport or a driving license – an email address will usually suffice.

Encrypted messaging apps that allow for individuals to securely send and receive images and videos have also risen in prominence in the past few years, their popularity being a logical consequence of years’ worth of focus on online privacy issues. These can be vital to journalists and others who may have a legitimate need for sensitive communication but, as we might have expected, their security has been exploited by criminals. Telegram in particular has been frequently cited in reports on the most prominent terrorist attacks in recent years.

It doesn’t concern me – does it?

Publishing extreme and obviously illegal content is one thing, but the overwhelming majority of online users do nothing of the sort, and comply with both the law and the terms of the platforms they use. Nevertheless, many everyday images that appear completely innocuous can be used for harm, whether the image owner is the intended victim or not.

Social media channels are an obvious place to discover and steal personal images. While threats exist across different platforms, Facebook appears to attract the most criticism, and there are many reasons for this. In November 2021 it was the third most visited website globally, and the most popular social media platform in terms of monthly average users. The fact that people connect with their friends and family here means that the nature of the content shared on it is more personal than on platforms such as Twitter and YouTube. But it’s the diversity of the platform that makes it particularly unique.

At a basic level, there’s the personal information and images that are openly shared with connections (or publicly), which can be used to harm the individual. On top of this, Messenger allows for threats to take place privately, while Groups allow harmful ideas to reach new audiences when made public, and to reverberate when set to private. Facebook’s Marketplace can attract scams and other threats with some kind of financial goal, while issues with monitoring the live-streaming Live service became clear after last year’s mass shooting in Christchurch, New Zealand. Other social media networks may have one or more of these elements, but it’s the fact that Facebook offers everything under one roof that forces it to contend with a diverse range of criminal behavior.

There are many reasons why someone may wish to steal images from someone’s account. A common scam on Facebook, for example, sees a duplicate profile of an individual created by an impersonator, who then sends friend requests to that user’s friends under the pretense of this being a new, but genuine, account. Once their request is accepted, the impersonator has the same level of access to the acceptor’s account as other friends of the original user, which may include access to images, friend lists and personal profile information. They also have the ability to message that person’s friends and family in an attempt to extract personal information.

Similar impersonations on Twitter see prominent users having their identity cloned in order to send spam or links to malware, or to promote counterfeit goods, with the target audience being followers of the genuine account. Even just a profile image may be enough to deceive other users (and at the time of writing, this image is available to view and download from accounts that have been set to private, or that have blocked malicious accounts from interacting with them or reading their tweets).

Tools for reporting such attacks when they’re noticed have been a part of social media platforms for some time, but a recent news article details a more sinister type of threat that can’t be detected in the same way. Celebrities have traditionally been the subject of fake pornographic images, and more recent deepfake videos, but a recent story confirms that such a threat is no longer confined to those in the public eye. The story details how, since July 2019, over 100,000 images of women were harvested from social media sites and treated with AI tools to create fake nude images, before these were posted on Telegram. While the effectiveness of this technology in creating convincing images has been questioned, this technology will only improve in the future – and the fact that these are being published in encrypted channels means the likelihood of the victim ever discovering them are small.

These are just three examples of image-based threats that exist today, and key to them all is the theft of images from a social media profile. Their effectiveness depends on it. The platforms from which these images are taken decide how easily such images can be stolen, which also means they play a role in determining how problematic these threats can become.

Sharing images of ourselves is one thing, but things can become more problematic when we choose to share images of others. Social media being what it is, it’s difficult not to do this when we’re keeping friends and family updated on our lives, but the more that’s shared, the better we need to understand the security measures available to us.

In 2015, Australia’s Children’s eSafety Commissioner revealed that of the 45m images discovered on a single child exploitation site, around half appeared to be innocent images that were sourced from social media platforms such as Kik, Facebook and Instagram. Even if there was nothing inappropriate about the images themselves, they were said to have been frequently accompanied by comments that sexualized the subjects within them, and categorized into folders by the subjects’ appearance, age or another attribute.

Family blogs maintained by parents without sufficient knowledge of online safety matters were also highlighted as a potential problem for the same reason, and the issue of digital literacy becomes more important as the age of those charged with supervising children rises. Poor knowledge of online risks among elderly internet users creates enough problems of its own for that demographic, but it presents additional dangers when these users have children in their care, as the usual restrictions that may be in place at home on smartphones, tablets and computers may not be enabled on devices belonging to these users.

One would think that as these platforms have grown, and have greater resources for tackling illegal content, the dangers would be minimized. But if we go by volume, it only appears to be getting worse. In 2014, there were just over 1m reports globally of images concerning child exploitation. Last year, the New York Times reported that there had been 18.4m reports worldwide concerning indecent images and videos of children online – double the amount of cases in the previous year. The article also mentions that those familiar with the reports claimed that 12m of these cases concerned Facebook’s Messenger platform. Facebook’s own reported data shows it had acted on a total of 37.4m individual pieces of content that concerned child nudity or sexual exploitation, and the figures from the first two quarters of 2020 show a marked increase.

The dark reality of keeping us safe

Between the law, social platforms’ own terms of use, and common sense, the average user shouldn’t have too many problems understanding what kind of content can and cannot be shared online. When it comes to stopping the spread of problematic content, progress has no doubt been made over the years, partly in response to threats that have grown in prominence and partly in response to pressure from lawmakers (particularly over the last few years, as the dangers of disinformation and political interference have become more prevalent).

But in some cases, the specific content within an image would land it in something of a grey area, and a decision would be more down to a judgement call than anything else. Today, such decisions are carried out on social media platforms by a mixture of artificial intelligence and human moderators. The former may still be in its infancy, but is said to be adept at tackling nudity, to the tune of being able to correctly identify and automatically remove 99.2% of offending images. Nevertheless, some level of human moderation is still required for other types of problematic content – and as this has become more of an issue, reports of the effects of this content on moderators have made for disturbing reading.

Last year, The Guardian reported that contractors tasked with moderating content on Facebook claimed to have witnessed colleagues becoming addicted to extreme graphic content and hoarding it for themselves (a claim Facebook denies), as well as being influenced by the hateful, far-right material they were supposed to be vetting.

Earlier this year, Facebook paid $52m to moderators who had claimed their work has led them to develop mental health issues, with some claiming to have experienced symptoms of post-traumatic stress disorder (PTSD). As the BBC reported at the time, one contractor who recruits such moderators had started to ask workers to sign a form acknowledging that they understood this work could lead to PTSD.

This issue is not new; Facebook has previously been sued for similar reasons. Nor is it specific to Facebook; Microsoft faced a similar lawsuit back in 2017, while YouTube is currently being sued by a former moderator who claims that it had failed to “provide a safe workplace for the thousands of contractors that scrub YouTube’s platform of disturbing content.”

Confidentiality agreements may explain why we haven’t heard more about this issue. During a Periscope stream with The Real Facebook Oversight Board, one ex-moderator who moderated content on behalf of Facebook explained: “I think the biggest problem is NDAs, which can be held over your head … which can make it difficult to speak out about anything.” This raises an intriguing question: without reports of these lawsuits, would we know anything about this at all?

Clearly, a balance needs to be struck between human and AI moderation so that the general public is sufficiently protected without it creating such severe issues for a handful of individuals. But what are the chances of AI being able to take over completely?

Facebook, along with Twitter and YouTube, appears to have relied more on AI during the ongoing pandemic. It has previously stated, in response to another lawsuit, that it wanted to move towards this model. This was two years ago, and the fact that human moderators are still being used suggests that either the technology isn’t quite there yet or that the threats are changing too rapidly (or, more likely, a combination of the two). Furthermore, while a deeper shift towards AI sounds like a positive solution for moderators, concerns remain. “My guess is that as AI gets better at recognizing patterns in stuff that’s constantly posted … we’ll just get more of the extreme borderline content and have to make harder decisions more often,” the ex-moderator stated.

Another ex-moderator on the same live-stream agreed. “At the time [AI] didn’t seem like the best indicator as to what was violating or not. It felt like job security for sure … As soon as you recognize the pattern, the internet will change the pattern. It’ll work and get better, but there will always be borderline [content]. We’re good at that as people. The algorithm and bots are only going to do so much. You’ll still need a content moderator – always.”

Whatever ratio of AI and human moderation is used, the reality is that, right now, people who we have never met are watching some of the most disturbing content online to ensure it gets nowhere near us. These platforms may claim to support these individuals, but these lawsuits, together with the comments from ex-moderators, indicate that this is something they are still grappling with.

How social platforms are making things worse

Preventing images that shouldn’t exist from reaching us is one thing, but freely providing tools for downloading other people’s lawful images only compounds the problems online users face.

Anyone using Facebook will usually see a Download button next to images posted by friends and other accounts, and images that do not have this (because of privacy settings) can often still be stolen with conventional means. It’s not even necessary to be someone’s friend to have access to this control on their images. While security options can be customized, it’s possible to download images from profiles that are searched for, or when a connection shares someone else’s image. At the time of writing, default privacy settings give friends of friends the same kind of access to this content that friends have, and the privacy tour that new users are invited to take to better understand the settings available to them is entirely optional.

Even if no malice is intended by downloading such an image, the presence of such a control shows little regard for the protection of an image owner’s content or their copyright. While UK and US copyright laws both detail a handful of scenarios in which such images from others may be copied and used, the fact that there are only a handful of legitimate exemptions that fall into this category makes the provision of this button puzzling.

Such issues are problematic on other platforms too, albeit to a lesser extent. Images cannot be right-clicked or downloaded with a dedicated control from (Facebook-owned) Instagram, for example, although screenshots are possible and these images are easily accessible in the page’s source code. Twitter also doesn’t have a download button of any sort, but right-clicks, drag-and-drop saving and screenshots are all allowed.

Photo-hosting site Flickr has similarly problematic controls. At the time of writing, it displays a license type underneath images uploaded to its platform, and the default option is All Rights Reserved. This, as it explains, means that:

“You, the copyright holder, reserve all rights provided by copyright law, such as the right to make copies, distribute your work, perform your work, license, or otherwise exploit your work; no rights are waived under this license.”

And yet, just to the side of this license is a “download this photo” button. Not only that, but clicking on this presents a range of image sizes to choose from.

To its credit, Flickr does support a range of other licensing options and allows users to prevent direct downloads in the manner described above. A ban on right-clicks and drag-and-drop actions do not allow the image to be saved from this page, but protection over screenshots is absent and the image is still available in the page’s source code. Even if users do choose the more secure option, finding a page with an image in a range of sizes is straightforward enough. Anyone intent on stealing such an image can do so without much effort.

Mobile challenges

Images are, of course, stolen from other channels outside of social media sites, and this problem extends to the mobile devices we use.

Some of the most common browsers used on smartphones and tablets, from Google Chrome and Microsoft Edge through to Firefox and Brave, have a context menu that appears upon a long press on an image, one that looks much like a right-click popup on a computer. While these menus differ slightly from one another, the option to download the image directly – or at least open it in a new tab where it’s isolated from other page content – is typically provided among these options. What are the chances that someone is using this to download their own image versus the chance that it’s being used to download someone else’s image without their permission or knowledge?

Even if browsers prohibit these kinds of actions, the option to screenshot images on mobile devices will typically be available. As users of Snapchat, and certain banking and payment apps, may already know, screenshot detection and/or blocking has been around for some time, although it can be circumvented and is lacking from many of the apps that would particularly benefit from it.

Dating apps are an obvious example. While the threats associated with these have traditionally centered on the physical dangers of meeting strangers in person, image theft brings with it additional problems that don’t necessarily rely on any physical contact.

These include catfishing, which typically sees a new profile set up with stolen images in a bid to gain user’s trust and divulge personal or sensitive information (which obviously includes images). Earlier this year, it was reported that over 70,000 images were scraped from Tinder and found on cyber-crime forum, for unknown reasons. This came less than three years after a user claimed to have exploited Tinder’s API to scrape 40,000 images in order to create a facial dataset. Incidentally, these figures come nowhere near the 3bn or so images that were said to have been scraped by a start-up from Facebook, YouTube, Venmo and other sites for the same reason.

These are extreme examples, but the ability to scrape this quantity of images in one go affects enough people for isolated incidents to be significant issues. More everyday image theft will typically be carried out by conventional image saving or screenshots, and at the time of writing, the majority of popular dating apps, such as Hinge, Tinder, Bumble, Plenty of Fish and OkCupid do not notify users when someone has taken a screenshot of their image. One notable exception, however, is Grindr, which recently introduced this as an optional setting.

Taking responsibility

Any kind of solution to these issues must balance security with practicality. Suggesting that people simply stop posting images online, or never use dating apps, is not the answer. But drawing their attention to the fact that they can never be completely sure that an image posted online or through an app only exists where it was originally published may be a sobering enough thought for them to reconsider what they share, and how they share it, in the first place.

So, unless images are published in a way that provides robust protection against being downloaded, the questions to be asked are: What is being posted? Where is it being posted and how? How easily can it be seen by others and stolen? And does the person who is publishing this content understand the possible risks in doing so?

While many would be reluctant to give up using social media platforms they’ve become accustomed to, at the very minimum, it’s a good idea to review the current safety tools on offer. These change over time, and it’s easy to overlook new features that may protect accounts and their users as they are introduced, so it’s worth checking current documentation to understand how secure your social media accounts actually are.

Running through friend lists for any duplicate contacts, or others that in some way don’t look right, is also a good idea; you may well trust the hundreds of connections you have on a social media account, but it only takes one account being compromised for problems to start. Noticing spam being posted by a friend suggests their account has been subject to such an attack, which means it might be best to report the activity and unfriend them, and to notify them of this through a different channel.

It may also be worth checking older inactive social media accounts that may still host images. If you’re particularly concerned about a specific image and its availability online, you may wish to perform a reverse search for it through Google Images to see if it can be found somewhere online.

Changing passwords on a regular basis is also a good idea, as is using different passwords across different accounts and enabling multi-factor authentication where possible. The password-saving options within many browsers can be used to save longer and more complex passwords, although third-party tools are also available for this.

If you have a tendency to use the same passwords across multiple sites, or have done so in the past, it’s worth investigating whether your password details may have been leaked at some point. Have I Been Pwned allows you to check whether your email address and other personal information may have got out in a historic data breach.

Final thoughts

Combating the threats outlined above is a significant and complex challenge. They differ from each other with respect to their targets, the nature of their operation, and the intended consequences. The fact that many of these may be considered to be harmful without quite straying into illegality makes them all the more difficult to police. But when we consider just how damaging these can be, and how many people they stand to affect, few would argue that the protections we have right now are sufficient.

No single solution will prevent or stop every threat, and new measures aimed at curbing these often raise questions that aren’t easy to answer. To what degree should we expect age verification systems to work in practice? How can developers of encrypted messaging apps provide their services while complying with the authorities? How do we define hate? And who gets to define it?

Success will depend on a number of factors. Educating online audiences – particularly younger users – on threats and making sure that everyone understands the tools available to combat them is important. Effective enforcement of codes of conduct from regulators will also be key. The ongoing development of a new content attribution model, which promises to deliver greater transparency over online content courtesy of the Content Authenticity Initiative, is also very encouraging.

It’s also conceivable that, as AI improves, smartphone manufacturers may be required to use these tools to detect images that are likely to be problematic as soon as they are captured. Such a move would no doubt be difficult, and would be met with plenty of opposition and privacy concerns, but when you consider the accuracy with which AI tools are currently able to detect nudity, it’s easy to see things moving in this direction.

But unless the ease with which images can travel online in the way they currently do is addressed, many threats will remain. Prevention, as the maxim goes, is better than the cure, and too little has been done to stop image theft in the thirty or so years since the internet has been commercially available. Now, we’re seeing the consequences.

The post Online threats appear to be getting worse. But why? appeared first on SmartFrame.