Profile pictures allow us to show the world how we want to be seen, but we should carefully consider the images we end up choosing

How do you decide which profile picture to use for your social media profile?

Most of us will be members of social media and networking platforms, and will have been prompted to upload a profile picture when we signed up for an account.

But what influences our decision on the image we end up choosing?

The most obvious answer is that we pick an image that we consider to be flattering. We may even edit it in some way, perhaps to smooth our skin or remove slight imperfections.

The platform itself also matters. Whereas we may opt for a professional image for LinkedIn, we’re more likely to lean towards something that shows more of our personality, sense of humor or interests on Instagram or Facebook.

Whatever the site or platform, profile pictures are one of the first things people notice when coming across an online profile, and so we tend to place more value on them than on other images. But why should we be particularly careful with our choice of profile picture?

How profile images are treated differently

The degree of control we have over the public visibility of any content we publish will vary from platform to platform, but profile images are often treated differently from other images we upload.

Many sites will not allow us to hide these images from public view in the same way that we can hide other images we publish. Cover and profile images on Twitter, for example, are always publicly visible. Facebook also states that your profile picture and cover photo are always public, specifically so that people can recognize you (and this extends to details such as your gender, age range and networks). The only control you have here is over who can see content related to the image, such as likes, comments and so on.

LinkedIn, meanwhile, provides the option of changing the profile picture’s public visibility, but the default option is that the image can be seen by anyone. And because of this, this is how many people will end up leaving it.

Such images are also often indexed by search engines, where they can be accessed and copied by anyone, regardless of whether they are members of that platform.

It’s also worth remembering that as more professional images are likely to show us in a way in which we can be easily identified, such images are also likely to be used legitimately by others. Businesses and organizations may use these on About Us or Meet The Team pages, for example, or when publicizing events in which the individual is involved. Because of this, you may not always have visibility over where and how these images are used, but the more an image is used online the greater the risk of it being stolen and used without the individual’s consent.

But exactly what use is such an image to someone who may not have the best intentions?

Before we explore this, it’s worth thinking about what happens when it’s revealed that a site is subject to a data breach, where personal details are scraped and uploaded elsewhere without authorization.

It’s likely that, at some point, you will have received an email from a website or platform of which you are a member informing you that this has happened, and that you should change your password to minimize any unauthorized access to your information. Browsers even now prompt you to do this if they detect a password has been compromised.

The leaked data may include details that are either not easy or practical to change – an address, for example – but changing a password, and having a third-party service or our browser remember it for convenience, is straightforward and takes a matter of seconds.

We aren’t told when someone copies an image of ours in the same way that we may be informed when our account has been compromised – but then passwords and profile pictures are not the same thing. Admittedly there is some overlap; the use of images to successfully obtain unauthorized access to a phone has been noted. But even in this case, the risk is somewhat limited as the malicious user would need both a user’s device and an image sufficiently high in quality for this to be a potential issue.

Nevertheless, many other risks from this kind of image theft remain, as a number of news stories from the past few years have made clear.

The scraping of over 3bn publicly available images from social media sites by a facial recognition company made headlines a few years ago, prompting Google, Twitter, LinkedIn and others to send cease-and-desist letters to the company. The company in question claimed that its services were helping hundreds of law enforcement agencies in the US, but few would agree that such claims justified the theft of so many images in the first instance.

Lack of transparency is also a problem. Exactly what data does such a company have on you? And who can access it? And what happens if the database itself is hacked?

Not knowing these things understandably creates fear – but knowing them doesn’t necessarily make things better if you have no control over this information.

Earlier this year, the launch of a facial-recognition tool, one that appears to work on the principle of matching an uploaded image to those within a database of publicly accessible photos, caused controversy, not least because the service can be used by anyone without charge. Even registering for an account is not necessary; users simply need to accept a privacy policy and agree to the site’s terms to gain (admittedly limited) access to its service.

Much like before, the company behind the tool claimed it was a force for good, and that it had been designed to help people find unauthorized usage of their images. The company also highlighted that its privacy policy prevents people from using it for harm. But, as Eddie Izzard humorously noted in the video below, the reality is that nobody reads privacy policies or terms of use, and all that is required here is that a couple of boxes be ticked.

As a deterrent against illicit activity, it clearly falls short. But, more concerningly, such a tool makes it even easier for anyone looking for compromising information on an individual – whatever their motivation. They don’t even need to type their name into a search engine. From a stalker looking to for details about a person’s whereabouts to a company looking for compromising information on an employee or rival, it’s easy to imagine how these kinds of tools can end up being abused.

Harm isn’t limited to the person whose images are being stolen either, as the many forms of catfishing prove.

Victims could easily be friends and relatives. One common scam involves setting up a duplicate social media account using such an image and convincing friends of the victim that this is in fact their new account. Once connected, the victim may then be coaxed into revealing personal or financial information.

Victims could even be complete strangers. Stolen images are commonly used to lure people into relationships online under the pretense that the victim is communicating with the individual shown in the image, usually (but not always) for financial gain.

What’s the solution?

Anyone who uses these kinds of platforms is at the mercy of their creators, and must accept certain shortcomings around protection if they’re to use them as they’re intended. While it’s possible to share images on social networks and networking sites securely, as we have seen, the protection these platforms provide for profile pictures is typically suboptimal.

But while you may not be able to control how a platform presents your profile picture to others, nor how someone ends up using an image you’ve made public, you obviously do have control over the kind of image you upload to begin with.

Profile pictures rarely need to be high in resolution, so a low-resolution version should be used where possible.

You may also wish to restrict personal images to closed sections of a social media site, those to which only connections have access, and to keep profile images more generic (and to remember this when changing profile images). You may also want to revisit older images on these profiles and consider deleting them too.

Some images will also naturally be less susceptible to theft than others, such as those that don’t show the subject clearly. This could be because the subject is at a distance, or occupies a small portion of the image for some other reason, or perhaps because they are wearing a pair of sunglasses or a hat that obscures certain facial details.

And while it may not be possible to set a different level of access to profile pictures to friends and strangers, some sites do indeed offer this, so it’s worth checking just to be sure.

These steps should provide greater protection against image theft and misuse, and any potential harm that can result from this, but it’s worth bearing in mind that these tools are only likely to improve as AI and other technologies that power them become more advanced. That might be a distressing thought, but if it makes you reconsider the images you publish, and the ways in which you publish them, it will only benefit you in the long term.



Related articles