Mystic Flow Studios wrote:
Thus, the online image would be fully protected, and useable ONLY by the licensee or the copyright owner.

Or anyone the licensee or copyright owner gave the "software key" too.  So, essentially anyone could use the image.

You're making the same basic mistake that has plagued copyright holders in this post-copyright world.  You want to prevent the people you are giving content to from having that content.  It simply doesn't work for the obvious reaon.  You can either give them content, in which case they have the content, or you deny them the content.  You can't do both.

Schlake wrote:
Or anyone the licensee or copyright owner gave the "software key" too.  So, essentially anyone could use the image.

Since only a licensee or the copyright owner would legally possess the key, the licensee would be in violation of their license, and thus legally liable for the illicit transfer. That part of this particular concept is trivial and simple.

Studio Still wrote:
Any coding an original image has is immediately lost by simply screencaping the image, and dozens of other ways.  I don't see this type of protection as working.

BTW, personal opinion, I don't like it when an OP sets rules for responses.  Not that your rules are unreasonable, I just don't like the concept.  You post what you want, I reply as I want.

My suggestions were not meant to be the final word on the way to proceed, but rather just a starting point. I fully expected others to find holes in my reasonings, and in fact knew there were some there myself, but that is the point of this thread, getting people with specialized knowledge to help to develop a means of better protecting our imagery online.

There are no "rules" stated, btw, only requests for a disciplined approach towards working on SOLVING the problem TOGETHER. That's what a wiki is all about in this case.

Darren Brade wrote:
You're probably not going to like this, but your concept won't work due to the confines of gif, png and jpg standards. You require another graphics format that then needs to be ratified to be a new standard.

Plus you have no real rights over what is stored on other people's web servers. For instance, if I stole your image and put it on my website, you wouldn't be able to write to any of the files stored there.

Interesting concept, but there is more work than just writing an iPhone app.

Thanks for your input. Can you please explain what it is about the cited formats which creates the problems you see? And also why a new standard would have to be developed?

Regarding rights over what is stored on others servers, the idea I put forth would theoretically prevent any useable images from ever making it to anyone else's site. The image would simply be incomplete and unusable without the software key, and would self-destruct on any other site not having the software key.

Surely there are holes in my proposition, but that's why I've posted it as a wiki thread in hopes of developing something that WILL work.

Thanks agin to all for your input. I'm hoping for some deep thinkers to take all of this further up the road.

I'm not expecting a simple solution, but hoping to facilitate the development of a successful approach.

ChiMo wrote:
I can't help but think that somehow that image recognition tech will somehow prove very useful for people trying to protect their copyrights.

I keep envisioning a program that combs the web finding where all your images have been posted. I mean, there's already Google Image search.

My guess is that perhaps a far less robust versions of facial-recognition technology is already being employed by Google Image Search. The hundreds of results one gets when clicking on the link for "Find Similar Images" are generally worth only the laughs they can generate.

In any case, that's likely for a different wiki than this, or at least a sidebar to the main thrust here, in that recognition is not the problem to be solved, but rather protection against misappropriation.

Mystic Flow Studios wrote:
Since only a licensee or the copyright owner would legally possess the key, the licensee would be in violation of their license, and thus legally liable for the illicit transfer. That part of this particular concept is trivial and simple.

Oh, well, if this is just for images that won't be used on a website accessible to anyone except license holders, then you are right, this is trivial.  It won't be a very useful solution though.

Schlake wrote:
Oh, well, if this is just for images that won't be used on a website accessible to anyone except license holders, then you are right, this is trivial.  It won't be a very useful solution though.

You've missed my point, though I can't tell if that was purposeful.

It's not that the website would only be accessible to license-holders, but rather that only the license-holder would have the key with which to view or upload the images in a useable form. That, at least, permits a readily verifiable trail back to the licensee for any online violation of licensing terms.

It's still perhaps a bit of magical-thinking at this point to imagine a way of making the images unusable for anything more than licensee viewing/posting, and it may remain an insurmountable obstacle, but then the point of this wiki is to develop an enabling technology.

Mystic Flow Studios wrote:
You've missed my point, though I can't tell if that was purposeful.

It's not that the website would only be accessible to license-holders, but rather that only the license-holder would have the key with which to view or upload the images in a useable form. That, at least, permits a readily verifiable trail back to the licensee for any online violation of licensing terms.

So only the license holder can see the images on the website?  Is that any different than a website that only license holders can access?

Schlake wrote:
So only the license holder can see the images on the website?  Is that any different than a website that only license holders can access?

No, only the license holder can view them when they are sent or otherwise provided to them along with the software-key.Their posting of them online would require further licensing and perhaps a separate software-key.

The further step required for a generalized online protection is the more difficult, but hopefully not impossible of achievement. We'll see.

Mystic Flow Studios wrote:

So only the license holder can see the images on the website?  Is that any different than a website that only license holders can access?

No, only the license holder can view them when they are sent or otherwise provided to them along with the software-key.Their posting of them online would require further licensing and perhaps a separate software-key.

The further step required for a generalized online protection is the more difficult, but hopefully not impossible of achievement. We'll see.

Ok, so instead of having an image that anyone can view or pass around, you will have an image and a key, that anyone can view or pass around.  And you want to have a separate image and key that you use to give copies of your image to non-licensed people, thus allowing non-licensed people to view your image or pass it around.

There is a famous quote, at least among computer people, that says "If you think cryptography is the answer to your problem then you don't know what your problem is."

You have a choice with regards to giving out images.  You can either give them out, in which case the people you've given them out to have access to them, or you can not give them out, in which case no other people have access to them.  There is no middle ground where you give out images to someone without that someone being able to access them because that would be a contradiction.  If you don't want people sharing your images your  only choice is not to give them images.

Schlake wrote:
Ok, so instead of having an image that anyone can view or pass around, you will have an image and a key, that anyone can view or pass around.  And you want to have a separate image and key that you use to give copies of your image to non-licensed people, thus allowing non-licensed people to view your image or pass it around.

. . .  There is no middle ground where you give out images to someone without that someone being able to access them because that would be a contradiction.  If you don't want people sharing your images your only choice is not to give them images.

Sure, the licensee can violate their license and pass around both the image and its key, but then you have a perfect trace back to the original copyright breech.

Regarding the second sentence in the quote above, that's not what I meant. The licensee could be given a separate license and key which allowed them to post the image online.

That, of course, brings us back to the original purpose of this thread, and to the more difficult propsition: the development of a software technology that would cause the image to disintegrate upon download unless the viewer possessed the software-key.

Mystic Flow Studios wrote:
Regarding the second sentence in the quote above, that's not what I meant. The licensee could be given a separate license and key which allowed them to post the image online.

That, of course, brings us back to the original purpose of this thread, and to the more difficult propsition: the development of a software technology that would cause the image to disintegrate upon download unless the viewer possessed the software-key.

Since the downloader needs the software key to to view the image, they would have gotten it when they downloaded it, or they just downloaded a copy that someone else already unlocked with the key.  Either way, they then have the image.

Schlake wrote:
Since the downloader needs the software key to to view the image, they would have gotten it when they downloaded it, or they just downloaded a copy that someone else already unlocked with the key.  Either way, they then have the image.

The key would be required at the point of the download in order for the download to render the image on the downloader's computer.

Perhaps that would require too much change in the underlying system to ever come to fruition, but that's what I'm here to unearth.

Mystic Flow Studios wrote:

The key would be required at the point of the download in order for the download to render the image on the downloader's computer.

Perhaps that would require too much change in the underlying system to ever come to fruition, but that's what I'm here to unearth.

Right, so they have the key, and the image.  Now they can just share it freely since you gave it to them.

Schlake wrote:
Right, so they have the key, and the image.  Now they can just share it freely since you gave it to them.

Perhaps I wasn't clear enough:

Only the copyright owner and the licensee would possess a key. It would not accompany the image during the upload. Public downloads (see next paragraph) would be pointless because the image would not transfer as a usable image.

I am now seeing Darren Brade's point in his earlier posting to this thread, and would agree that it's likely a new type of image-format (or an add-on to existing formats) which would be required, creating a type of image-file that, while able to be displayed online, would be unusable for most purposes without the software key. In other words, that a *security-shell* was added to the format.

Mystic Flow Studios wrote:
Only the copyright owner and the licensee would possess a key. It would not accompany the image during the upload. Public downloads (see next paragraph) would be pointless because the image would not transfer as a usable image.

People view images by downloading them to their computer.  If the image doesn't transfer then they can't view it.  You can't deny someone the image you want them to have.

AVD AlphaDuctions wrote:
the biggest problem with this (and any of  the other ideas) is that it requires a major change in law pretty much around the world simultaneously.  You can't "DO" anything on someone else's computer without their permission - even to go take back or remove what's not theirs.  First prove the issue in court. then get relief.
Its actually trivially simple to have self-destruct-if-you-arent-allowed systems.   A few were built back in 1996 or so.  Its just illegal to have them execute on someones computer without their permission. Even creating a new image format and building it into some layer of the image won't work. Well yes it will work but its not allowed.
The only way to get it to work is to mandate it by law. By law? yup. and then you have to do it everywhere.

I don't see this as necessarily *doing* anything ON anyone else's computer, and so don't quite get the legal problem you refer to. If the image can't be downloaded in a way that is usable to Joe Public, how have I done anything other than to put it behind a firewall of sorts?

BTW, I think that perhaps you are responding to my initial propositions which, as was intended then, have been modified somewhat in succeeding discussion here. Also, see "(D)" in the original post.

Mystic Flow Studios wrote:

I don't see this as necessarily *doing* anything ON anyone else's computer, and so don't quite get the legal problem you refer to. If the image can't be downloaded in a way that is usable to Joe Public, how have I done anything other than to put it behind a firewall of sorts?

BTW, I think that perhaps you are responding to my initial propositions which, as was intended then, have been modified somewhat in succeeding discussion here.

understood. but if the image CAN be downloaded by a valid user then the only way to prevent them from sharing it with others is via a self-destruct.  If you dont have a self-destruct then you  cant control where it goes (deliberately or accidentaly)

I'm sure you have read about the 'john doe' search warrants issued by firms representing the movie and music industry?  They are fighting just to get a name from an IP address. your task would be much worse.  you would have to go through all that AND prove that the file definitively was shared deliberately by someone.  And thats next to impossible. the plausible defence is someone got hacked or shared computer.

its stupid to let yourself get hacked or be part of a zombie bot army but its not illegal.  in fact, once you implement a system like this then those files become fun targets for attack. "lets see if we can find some of those fancy files on a computer and cause a lot of pain to the user".

AVD AlphaDuctions wrote:
understood. but if the image CAN be downloaded by a valid user then the only way to prevent them from sharing it with others is via a self-destruct.  If you dont have a self-destruct then you  cant control where it goes (deliberately or accidentaly)

I'm sure you have read about the 'john doe' search warrants issued by firms representing the movie and music industry?  They are fighting just to get a name from an IP address. your task would be much worse.  you would have to go through all that AND prove that the file definitively was shared deliberately by someone.  And thats next to impossible. the plausible defence is someone got hacked or shared computer.

There is no "valid downloader". The only person(s) permitted unfettered access to the copyrighted image are those who have been licensed, given an image copy, and given a software key.

If it is posted, it's done in such a format that it can't be downloaded in a usable form by anyone else. Thus, any unlocked copies can only have come from either the copyright-owner, or the licensed user, in which case you already have your culprit named when and if an unlocked copy is distributed or uploaded.

In the case of a protected file being *uploaded in its protected form*, the general public would only be able to download an unusable file.

Mystic Flow Studios wrote:
There is no "valid downloader". The only person(s) permitted unfettered access to the copyrighted image are those who have been licensed, given an image copy, and given a software key.

If it is posted, it's done in such a format that it can't be downloaded in a usable form by anyone else. Thus, any unlocked copies can only have come from either the copyright-owner, or the licensed user, in which case you already have your culprit named when and if an unlocked copy is distributed or uploaded.

In the case of a protected file being *uploaded in its protected form*, the general public would only be able to download an unusable file.

how do you propose the licensees get their copy and key without downloading them?  Once it is on their computer and the key is used all bets are off.  if it were that easy, the movie and music industry would have done it years ago. As I mentioned before, variants of this have been tried. I actually built one that did more. It not only had the self-destruct but it embedded codes into the data stream (steganography) to make each image unique and identifiable with person x.  But at the end of the day, you still can't prove without a lot of work and a lot of fail that the person who is the valid licensee is the one who shared it with others.  so you are back to square one.

AVD AlphaDuctions wrote:
how do you propose the licensees get their copy and key without downloading them?  Once it is on their computer and the key is used all bets are off.  if it were that easy, the movie and music industry would have done it years ago. As I mentioned before, variants of this have been tried. I actually built one that did more. It not only had the self-destruct but it embedded codes into the data stream (steganography) to make each image unique and identifiable with person x.  But at the end of the day, you still can't prove without a lot of work and a lot of fail that the person who is the valid licensee is the one who shared it with others.  so you are back to square one.

The original file and it's key can be conveyed via a private gallery perhaps, or the key sent to them separately from the file. If the licensee is the only one given the key, and has agreed to handle it securely via agreed-upon methods, then they are the one responsible for its security at that point.

I'm well-impressed by what you have already tried, btw, and thank you for your participation. Here's hoping that you are able to add a lot to this wiki's progress, and that yours and other well-informed minds can help us to solve this together.

Mystic Flow Studios wrote:
The original file and it's key can be conveyed via a private gallery perhaps, or the key sent to them separately from the file. If the licensee is the only one given the key, and has agreed to handle it securely via agreed-upon methods, then they are the one responsible for its security at that point.

I'm going to change a few words here....

The original image can be conveyed via a private gallery perhaps.  If the licensee is the only one given the image, and has agreed to handle it securely via agreed-upon methods, then they are the one responsible for its security at that point.

There we go.  Now we have the same security provided by your system without any of the work in adding secure keys and breaking apart an image and rebuilding the image at the other end.  This could be implemented today, right now, with no work on anyone's part aside from licensing the person you are giving images too!

Mystic Flow Studios wrote:
The original file and it's key can be conveyed via a private gallery perhaps, or the key sent to them separately from the file. If the licensee is the only one given the key, and has agreed to handle it securely via agreed-upon methods, then they are the one responsible for its security at that point.

Schlake wrote:
I'm going to change a few words here....

The original image can be conveyed via a private gallery perhaps.  If the licensee is the only one given the image, and has agreed to handle it securely via agreed-upon methods, then they are the one responsible for its security at that point.

There we go.  Now we have the same security provided by your system without any of the work in adding secure keys and breaking apart an image and rebuilding the image at the other end.  This could be implemented today, right now, with no work on anyone's part aside from licensing the person you are giving images too!

I noticed the same thing in his post.   It seems to me that you are no more secure with the OP's method than any method once you have passed both the image and the key to the third party.  None of this does anything about online posting of images.

The reality is that, in the online world, image protection has become more complex.  I am not sure that there is any technology that will fix it, and if it does, won't merely be hacked.

There are people out there a lot smarter on the subject than any of us here.  I am sure this has been looked at 100,000 times, and if an easy solution was there, it would have been in place a long time ago.

Electronic copy protection didn't work for DVD's.  The scheme was simply broken by the hackers and today rippers are everywhere.

Mystic Flow Studios wrote:

The original file and it's key can be conveyed via a private gallery perhaps, or the key sent to them separately from the file. If the licensee is the only one given the key, and has agreed to handle it securely via agreed-upon methods, then they are the one responsible for its security at that point.

I'm well-impressed by what you have already tried, btw, and thank you for your participation. Here's hoping that you are able to add a lot to this wiki's progress, and that yours and other well-informed minds can help us to solve this together.

actually the method of conveyance is largely irrelevant (except for the question of usefulness). It is the technical issue of enforcing once the file is cobbled together on the recipient's workstation.  All you have done is add to the security of the transaction but for the file to be at all useful to the recipient/licensee it has to be too 'available'. The scalability of enforcement is always going to be the issue. Making someone responsible when they can claim theft, hacking etc etc is just not going to fly.  What I'm trying to say indirectly and probably should have been more blunt, is that brilliant minds were paid big bucks several times along the way in an attempt to develop just this and every time it fails.  its not a security problem its a scalability problem.  it does not scale to large numbers of people and it does not scale beyond private purchase.  thats great for private collectors of rare images but not great for someone who wishes to use your image to sell their stockings. "wanna see how cool these stockings look? download this file and decrypt and sign this agreement. once you are in spank bank heaven, come back and we will tell you how to purchase them".

GPS Studio Services wrote:

Mystic Flow Studios wrote:
The original file and it's key can be conveyed via a private gallery perhaps, or the key sent to them separately from the file. If the licensee is the only one given the key, and has agreed to handle it securely via agreed-upon methods, then they are the one responsible for its security at that point.

I noticed the same thing in his post.   It seems to me that you are no more secure with the OP's method than any method once you have passed both the image and the key to the third party.  None of this does anything about online posting of images.

The reality is that, in the online world, image protection has become more complex.  I am not sure that there is any technology that will fix it, and if it does, won't merely be hacked.

There are people out there a lot smarter on the subject than any of us here.  I am sure this has been looked at 100,000 times, and if an easy solution was there, it would have been in place a long time ago.

Electronic copy protection didn't work for DVD's.  The scheme was simply broken by the hackers and today rippers are everywhere.

to be fair, DVDs used a stupid system that had the keys pre-supplied.  but even before a 14-year old wrote that code others were just capturing the data stream going to the screen and re-encoding it as a movie file.  Anything that goes to the screen or a webpage can be scooped up.

MC Photo wrote:
What if we replaced copyrights with better TOS agreements. Like when you join connect to tumblr, you agree to pay a severe penalty for any unlicensed use. Then tumblr can pursue the thief, split the money and have a business model.

Or, better yet, do it at the ISP level. They're already billing the user. Just charge the ISP for every user theft and let them pass the cost along to the user.

No one would want to be in that position until they were forced and saw how much money the could skim like PayPal.


Make contractual instead of copyright based. It's far easier and there's no claiming "I didn't know" and there are no issues with orphaned works. It doesn't matter if there's a copyright, you downloaded it, this is what you pay.

sorry to sound negative but none of these is remotely feasible. 

Sites that enforce penalties for breach of TOS are sites that fail.  Like it or not, the internet mostly works on a 'free' model. The only pay-model sites that work are those that cannot be duplicated by others using a different business model.  You can't turn back the clock on that.  not to mention the whole appeal of sites like tumblr is that you can view and link to images on it without being a member.  nice to think about but not gonna fly not even remotely.  you cant enforce contracts that nobody will sign.  If tumblr or anyone else tries to change to a contract model, another site will be up within days/weeks to replace them.  They are not stupid. They will see no benefit and not do it.

As for the ISP, how do you do that? you are not the ISPs customer. You have no business relationship with them and there is an actual statute (LAW) that specifically deals with this and protects them from you demanding money.  How do you charge them for it?

GPS Studio Services wrote:
Electronic copy protection didn't work for DVD's.  The scheme was simply broken by the hackers and today rippers are everywhere.

The problem is the same here.  You are trying to prevent the people you are giving access to from having access.  It's a contradiction.  They either have access, or they don't, there isn't a case where they have access without having access.

MC Photo wrote:
What if we replaced copyrights with better TOS agreements. Like when you join connect to tumblr, you agree to pay a severe penalty for any unlicensed use. Then tumblr can pursue the thief, split the money and have a business model.

What we need to realize is that we are in a post-copyright world, at least as copyright has traditionally been defined, and adapt to reality.  Copyright has always been about controlling the manufacture of the physical media that so-called "intellectual property" is inscribed onto.  But those days are gone.  Most "intellectual property" no longer needs a physical manufacturing process to duplicate it.

GPS Studio Services wrote:

I noticed the same thing in his post.   It seems to me that you are no more secure with the OP's method than any method once you have passed both the image and the key to the third party.  None of this does anything about online posting of images.

The reality is that, in the online world, image protection has become more complex.  I am not sure that there is any technology that will fix it, and if it does, won't merely be hacked.

There are people out there a lot smarter on the subject than any of us here.  I am sure this has been looked at 100,000 times, and if an easy solution was there, it would have been in place a long time ago.

Electronic copy protection didn't work for DVD's.  The scheme was simply broken by the hackers and today rippers are everywhere.

AVD AlphaDuctions wrote:
to be fair, DVDs used a stupid system that had the keys pre-supplied.  but even before a 14-year old wrote that code others were just capturing the data stream going to the screen and re-encoding it as a movie file.  Anything that goes to the screen or a webpage can be scooped up.

I agree, but it seemed like a good idea to them at the time.   I just don't think there is any viable way, electronically, to protect an image once it has gone to the web.  Likewise, I don't see any way to electronically protect an image once it has gone to the client.

I mean, if you give them a printable image, they can print it, scan it and then it is on its way again.  So, we are on the save wavelength.

Schlake wrote:

Or anyone the licensee or copyright owner gave the "software key" too.  So, essentially anyone could use the image.

You're making the same basic mistake that has plagued copyright holders in this post-copyright world.  You want to prevent the people you are giving content to from having that content.  It simply doesn't work for the obvious reaon.  You can either give them content, in which case they have the content, or you deny them the content.  You can't do both.

Well, you are correct, but the person who writes the "software key" or EULA (End User License Agreement) could put in it that as part of the terms, that the copyright owners retain full ownership and rights to their images and that they are only permitted to view the images included in the software.  A lot of legalese goes into those things.

Isaiah Brink wrote:
Well, you are correct, but the person who writes the "software key" or EULA (End User License Agreement) could put in it that as part of the terms, that the copyright owners retain full ownership and rights to their images and that they are only permitted to view the images included in the software.  A lot of legalese goes into those things.

And that differs from the existing situation how exactly?  Copyright holders already retain full ownership and rights to their images...

Schlake wrote:

And that differs from the existing situation how exactly?  Copyright holders already retain full ownership and rights to their images...

this is an attempt to facilitate enforcement of the existing rights by preventing unauthorized use.  I happen to think that prevention won't work but it is a worthwhile objective.