Photographers And Filmmakers Call For Encryption To Be Built Into Cameras As Standard

from the a-picture-is-worth-a-thousand-passwords dept

Thu, Dec 15th 2016 3:23am — Glyn Moody

Encryption has become one of the key issues in the digital world today, as the many posts here on Techdirt attest. And not just in the tech world, but far beyond, too, as governments grapple with the spread of devices and information that cannot easily be accessed just because they demand it. Techdirt readers probably take crypto for granted, as an increasing proportion of Web connections use HTTPS, mobile phones generally offer encryption options, and hugely-popular mainstream programs like WhatsApp deploy end-to-end encryption. But a recently-published open letter points out that there is one domain where this kind of protectively-scrambled data is almost unknown: photography. The letter, signed by over 150 filmmakers and photojournalists, calls on the camera manufacturers Canon, Fuji, Nikon, Olympus and Sony to build encryption features into their still photo and video camera products as a matter of course. Here's why the signatories feel it's necessary:

Without encryption capabilities, photographs and footage that we take can be examined and searched by the police, military, and border agents in countries where we operate and travel, and the consequences can be dire.

We work in some of the most dangerous parts of the world, often attempting to uncover wrongdoing in the interests of justice. On countless occasions, filmmakers and photojournalists have seen their footage seized by authoritarian governments or criminals all over the world. Because the contents of their cameras are not and cannot be encrypted, there is no way to protect any of the footage once it has been taken. This puts ourselves, our sources, and our work at risk.

That's certainly true, and encryption would place an important obstacle in the way of the authorities seizing cameras and accessing the material they hold. However, it is only an obstacle, not real protection. Assuming encryption is widely implemented in cameras, repressive governments will have a number of options open to them for dealing with it.

They might simply pass laws that forbid the use of cameras that encrypt images. By declaring them illegal, governments could seize them at the border or whenever they are found. However, that's a fairly mild response. If the material on a camera seized by the authorities turns out to be encrypted, many would demand the password. If the photographer is lucky, a refusal might mean being thrown out of the country, probably without the camera. In the worst case, government thugs and criminals may try to obtain the necessary passwords the old-fashioned way -- by beating it out of the phtographer.

What is needed is an approach that avoids those risks. Maybe it would be possible to create hidden partitions on the camera's storage so that sensitive images could be stored there, while giving the authorities access to other less controversial shots. That still runs the risk of the camera being impounded and/or destroyed. Other options might be to transfer the sensitive stuff to tiny wifi-enabled SD cards that are hidden in specially-designed objects -- wristwatches, wallets, pens, buttons, etc. -- or to the cloud, if Net connectivity were available.

Encrypting cameras is certainly a great idea, not least because it helps to make crypto even more mainstream than it already is, and encourages people to expect it everywhere (although Nikon for one doesn't seem too enthusiastic about the proposal). But it's just a first step to address the serious threats faced by photographers in many parts of the world, something that would doubtless benefit from additional kinds of technical ingenuity.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cameras, encryption, filmmakers, photographers

31 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Myself, 15 Dec 2016 @ 3:39am

Send the risky images by satellite connection, so you don't have to leave the country carrying them.
[ link to this | view in chronology ]
- DannyB (profile), 15 Dec 2016 @ 6:24am
  
  Re:
  When visiting a repressive regime, the camera should encrypt the images using a one way key. The only copy of the decryption key is back home and inaccessible to the NSA, FBI, CIA, etc.
  [ link to this | view in chronology ]
Anonymous Coward, 15 Dec 2016 @ 3:50am

Given that these days a camera screams professional photographer reporter, whats wrong with using a phone or tablet, which have inbuilt encryption capabilities, and the connectivity to send the images and videos back to base. That would attract less attention than a professional camera rig,
[ link to this | view in chronology ]
- Ninja (profile), 15 Dec 2016 @ 5:31am
  
  Re:
  This. Regular encryption on cameras would be very good for the casual user that wants minimum protection against theft or regular law enforcement encounters. But for further protection there are other measures that need to be adopted. I like your idea of using the phone as a hub for the camera but I'd go further by adding standalone computers (ie: raspberry pi) that act solely as storage to the footage/photos and automatic backups. You could interconnect all these devices (camera, phone, raspberry) via encrypted wi-fi or bluetooth signals and have all them store the content and keep synchronized with the cloud whenever connectivity is available. You could conceal the hub as an external battery for instance packing a whole lot of extra juice while maintaining a security backup. As cameras get smarter with implementations of Android they too could keep connected and syncing their material with online locations.
  
  This still doesn't solve the "camera-meets-hammer" problem but at least it will make the destruction and leaking of the material much less likely even in more dangerous environments.
  [ link to this | view in chronology ]
  - Anonymous Coward, 15 Dec 2016 @ 5:40am
    
    Re: Re:
    I was assuming that the photographer was away from home, and in particular had borders to cross. The phone or tablet as a camera, and upload to a home base or some file locker gets round the problem of camera/phone/tablet meets hammer, or acquisitive border agent, or police seizing evidence.
    [ link to this | view in chronology ]
    - Ninja (profile), 15 Dec 2016 @ 5:49am
      
      Re: Re: Re:
      Me too. By hub I mean a mobile hub. I mentioned raspberry but there are other possibilities like an Arduino setup.
      [ link to this | view in chronology ]
      - Anonymous Coward, 15 Dec 2016 @ 7:28am
        
        Re: Re: Re: Re:
        A better use would be to leave such a system at home, have it monitor where you drop the files, and copy them on to other storage. That way you move a copy to storage that someone who grabs your unlocked phone cannot easily find or get to.
        [ link to this | view in chronology ]
- Anonymous Anonymous Coward (profile), 15 Dec 2016 @ 9:05am
  
  Re:
  There is a big difference between what a phone or tablet camera can accomplish and what a professional rig can do. There are reasons that professional photographers spend thousands of dollars on them, even some advanced amateurs.
  
  Sending the data, encrypted or not, to a safe server and then deleting them from the recording device seems a better option, though that would limit the ability of the photographer to make adjustments to gamma, brightness, contrast, etc. while waiting for transportation or on a long flight home, or other. If the media is for immediate (or eminent) publication that would put a wrench on post production work.
  
  As said below, better yet to change governments attitudes toward our data, unless they have other reasons for the intrusion, and those reasons should not be because we said so.
  [ link to this | view in chronology ]
  - Anonymous Coward, 15 Dec 2016 @ 9:51am
    
    Re: Re:
    If you are in a country where having a professional camera can get uou into trouble if you try and report what is going on, perhaps you will be better off using a phone and avoiding attracting attention. I know the quality is not as good, but phone quality is better than no pictures or videos, and makes it much easier to to send the videos or pictures somewhere safe.
    
    Besides which I would not bet on traveling into or inside the US, at least by plane, with a professional level camera if you destination is anywhere near something that the US government does not want reported.
    [ link to this | view in chronology ]
Nate (profile), 15 Dec 2016 @ 4:18am

Mr Camera, meet Mr Axe
XKCD raised one of your points re: encryption:
https://xkcd.com/538/

Me, I think the more likely possibility is that an encrypted camera would have a close encounter with an axe. A solid swings and neither the camera nor the storage media will be usable.
[ link to this | view in chronology ]
- Jeremy Lyman (profile), 15 Dec 2016 @ 6:03am
  
  Re: Mr Camera, meet Mr Axe
  Yes, unlike the other cases for encryption where the attacker wants your data, most times the camera attacker just doesn't want you to have your data. Taking or breaking the device is as good as seeing the data. We really need instant worldwide backups and prominent notices, so attackers know that disabling the device will accomplish nothing.
  [ link to this | view in chronology ]
  - Nate (profile), 15 Dec 2016 @ 6:28am
    
    Re: Re: Mr Camera, meet Mr Axe
    Agreed, the attacker would be just as happy to keep you from having the data by destroying it.
    [ link to this | view in chronology ]
Anonymous Coward, 15 Dec 2016 @ 4:48am

a better way would be to have your home VPN server on your home computer, if you have a broadband ISP that allows servers. Comcast, Cox, and Charter all have such service, and some DSL and other broadband providers have it.

You can then install the open source SoftEther VPN server on your Windows computer (Sorry Mac Users, it is not made for Macs), the just be sure to open the right ports on your router for remote access

Then you can periodically upload the images to your home PC, and then delete them from your camera, so that if the camera is seized, the data on it won't be there.
[ link to this | view in chronology ]
- Ninja (profile), 15 Dec 2016 @ 5:48am
  
  Re:
  What if there is no connection? Think war torn zones.
  [ link to this | view in chronology ]
  - Jeremy Lyman (profile), 15 Dec 2016 @ 6:06am
    
    Re: Re:
    Quantum Entanglement Communicators. Boom, solved.
    [ link to this | view in chronology ]
    - Nate (profile), 15 Dec 2016 @ 6:28am
      
      Re: Re: Re:
      fairy dust.
      
      Boom, solved.
      [ link to this | view in chronology ]
      - Jeremy Lyman (profile), 15 Dec 2016 @ 6:48am
        
        Re: Re: Re: Re:
        Hey, I'm no expert but I think that the specialized physical theorists and advanced number dreamers of this great nation could focus on the problem in a more solid and densified manner.
        
        If only there was a more succinct way to describe it...
        [ link to this | view in chronology ]
Anonymous Coward, 15 Dec 2016 @ 5:04am

Encryption should be standard, including pc os.
[ link to this | view in chronology ]
art guerrilla (profile), 15 Dec 2016 @ 5:19am

i know this is crazy talk...
...but instead of slapping on inadequate bandaids, how about we overthrow the borg so we are actually free, not pwetend free ? ? ?
[ link to this | view in chronology ]
- I.T. Guy, 15 Dec 2016 @ 6:02am
  
  Re: i know this is crazy talk...
  Resistance is futile.
  [ link to this | view in chronology ]
Anonymous Coward, 15 Dec 2016 @ 6:00am

Manufacturers
We shouldn't by relying on manufacturers to do this. Instead, buy a camera you can run your own software on, like a smartphone or a CHDK-supported Canon camera, and get a group of people together to implement encryption.
[ link to this | view in chronology ]
tom (profile), 15 Dec 2016 @ 7:43am

Bad idea. No way the camera makers would come up with a common standard AND keep it updated. Better approach is have multiple storage cards. Several have the expected touristy type pictures on them. A couple special cards are used for the worrisome pictures. These are then copied to a second device, encrypted and stored in some game folder as gamedatafile42.dat. If possible, also transmit the files out of area via whatever means are available. Don't overlook using postal mail. Lose the 'special cards' once the data is safe.

This way, the likely bored boarder agent sees several hundred or thousands of non-threatening pictures on the camera you respectfully handed over and you are on your way a few minutes later, camera in hand.
[ link to this | view in chronology ]
Quiet Lurcker, 15 Dec 2016 @ 8:41am

Encrypt the camera????
No.

Just, plain, flat, NO.

Unless you're extremely careful, you can easily loose data. And lost data in this instance can lead to any of weird/wrong/distorted/missing color/shape/lighting/focus/depth-of-field, etc., and so on and so on.

It me only be a small percentage of the data, or even a small absolute amount. But you know what the politician once said about the odd billion or two here and there eventually coming to add up to serious money.
[ link to this | view in chronology ]
Anonymous Coward, 15 Dec 2016 @ 10:29am

More boot-leggers & Baptists B.S.
These are copyright maximalists hiding under the skirts of journalists.

https://en.wikipedia.org/wiki/Bootleggers_and_Baptists
[ link to this | view in chronology ]
- Seegras (profile), 15 Dec 2016 @ 11:32am
  
  Re: More boot-leggers & Baptists B.S.
  Like the drug-prohibitionists in boat with drug-cartels? Sounds likely. Have you lately thrown your DEA into prison? Maybe you should.
  [ link to this | view in chronology ]
AnotherOption, 15 Dec 2016 @ 10:51am

Hardware Addons are a better route
Instead of building the encryption into the camera, make the cameras modular so they can plug in their removable hardware encryption modules. Camera makers are off the hook for any potential litigation.

This would allow the camera to operate as a normal camera when going through customs and remove the theft of property by governments that would then look to the addon hardware that was handed off to a fellow that already passed through security and is at the home office waiting to decrypt.

It would also allow photographers to use modules that are up to date, allow use of their favored encryption scheme and add a number of hurdles to busy body customs agents and governments. Hell, smart phones and PCs should have this option as well.
[ link to this | view in chronology ]
Anonymous Coward, 15 Dec 2016 @ 11:06am

--Other options might be to transfer the sensitive stuff to tiny wifi-enabled SD cards that are hidden

Great, so we can start expecting body cavity searches looking for tiny wifi sd cards that might be hidden there.

A better solution is to simply not have anything suspicious with you when you encounter the authorities. Send the data using some other means.

Or hide the data in plain sight:
https://en.wikipedia.org/wiki/Steganography
"You wanna look at my cat pictures? OK, you gotta see the 6th picture its hilarious!"
[ link to this | view in chronology ]
SteveMB (profile), 15 Dec 2016 @ 11:19am

"They might simply pass laws that forbid the use of cameras that encrypt images. By declaring them illegal, governments could seize them at the border or whenever they are found."

Making that more difficult is one reason to make it a standard feature rather than a specialist add-on. Any country where tourism is a significant revenue generator for Fearless Leader's Swiss bank account can't afford to have the border goons stealing cameras from every tourist from Topeka.
[ link to this | view in chronology ]
Anonymous Coward, 15 Dec 2016 @ 12:55pm

Nerd harder to build in AI to detect & reject porn videos
then use encryption technology not to hide videos, but to tie them to this camera & this individual; include alarm "feature" which can be set off by TSA agents.
[ link to this | view in chronology ]
Anonymous Coward, 15 Dec 2016 @ 2:25pm

They will give them proprietary encryption. LOL
[ link to this | view in chronology ]
Not an Electronic Rodent (profile), 16 Dec 2016 @ 10:25am

Inmportant
Note to the UK government:

They might simply pass laws that forbid the use of cameras that encrypt images. By declaring them illegal, governments could seize them at the border or whenever they are found. However, that's a fairly mild response. If the material on a camera seized by the authorities turns out to be encrypted, many would demand the password. If the photographer is lucky, a refusal might mean being thrown out of the country, probably without the camera. In the worst case, government thugs and criminals may try to obtain the necessary passwords the old-fashioned way -- by beating it out of the photographer.

This is not, repeat NOT, a playbook for how to handle encrypted cameras.
[ link to this | view in chronology ]