Protecting your Intellectual "Property"

So the discussion concerning what constitutes intellectual "property" (talk of scarce goods, do I own my own thoughts/data-machine, etc.) aside, many creators of content wish to "protect" their creations (art and what-not), and understandably so.

Traditional copyrights are rapidly becoming obsolete in the age of widespread p2p technology, cloud-computing/file-hosting and darknets.  Not to mention the fact that seeking legal recourse to a traditional copyright infringement is liable to bankrupt all but the most well financially-endowed.

Old-school tricks (as in, late 90's) a la disabling "right-click"  using JavaScript are in no way preventing people from downloading and using your images.  If the image is showing on your webpage, each visitor who loads your webpage has a copy of that image on their machine.  So there's a few things you can do to prevent your original material from being used by others.

1.) Don't publicly publish your material.  This especially goes for things like photos of your children.  A publicly viewable blog/webpage is no place to be pasting the image of your (or anyone else's) offspring.  Want to show off pictures of the kids to your family?  Well of course, but public blogs is *not* the way to do it if you have any respect for your posterity.  Wait until they are old enough to grant informed consent (like you would for any other human).  Now, this does not help with the aforementioned intellectual property (content that you have authored/created), so let's peruse some other options for these things.

2.) Only publish images that have a watermark.  I will not go into detail on this, just search scroogle.org (scroogle.org is a way to search the net without playing into google's marketing/profiling scheme) for "photoshop watermark tutorial youtube" (change search to reflect your image manipulation program if you're not using photoshop).  Putting out watermarks allows you to advertise without giving away the original/usable image.

3.) My personal favorite.  Cryptographically sign your image files.  Yes, that sounds technical (most things in life worth doing are), but it is not that hard to get the hang of the basics to give strong security to your images.

So, I haven't touched a MS (Windows) system in yeeeeeeears, so this tutorial is geared more towards Linux (I'll try to give adequate references for Windows users)

So, if you are on Windows, download the program "gpg4win" (gpg4win.org).  There is a ton of user information for the program.

If on Linux (I'm using Ubuntu. . .yes, go ahead and laugh) open the terminal and enter

sudo apt-get install gpg
(enter password)

Alright?  Good.

Oh yeah, now you need what is called a "key".  I won't go into the mathematics of gpg keys, suffice it to say, make it the strongest allowable.

In linux, enter
gpg --gen-key
follow the prompts

In Windows, consult the documentation for gpg4win on creating a new keypair.  There may be a way to do all this with simple DOS prompt commands, but again, I don't deal with Windows myself.

Now, there's lots of nifty stuff you can do with GPG like secure email encryption (yes, regular email is the equivalent of sending your personal mail on open-faced postcards.  Email encryption ensures that only the intended recipient can view the message), protecting sensitive files on your hard drive, and many other things besides.

What we're going to use it for in this tutorial is a little function called "detached signature".  What this does is it creates a .sig file to accompany your image file (.gif, .jpg, whatever).

"So?"

Ahh, glad you asked.  Since strong cryptography keys are thus far unbreakable (and it seems they will be until the advent of quantum computing, and even then quantum encryption is already being developed) and unforgeable  (it's harder to forge a cryptographic signature than it is to forge a hand-written one), the signing of your file with your signature validates you as the original owner of the image (since if anyone else tries to sign it, it will be an younger signature).

So, for linux users, open your terminal.

cd /directory-of-image-file

gpg --detach-sign image.gif (this works for any image file, I'm just using .gif for the example)
enter your passphrase

A file has now been created in the directory (that's "folder" for you Windows users) that has the same name as the image, but with .sig after it (for example, image.gif.sig)

The image looks just the same, but can now be verified with

gpg --verify image.gif.sig image.gif  (assuming you're still in the directory containing these 2 files)

If the file is modified in any way, an error is returned.  If it is the original with the good signature, it will state as much.


So, what this means is, if you sign your work, and store the original image file (and the .sig file) in a safe place, you have a validated copy of your design.  You can copy the image, use it on your website, product, whatever.  If someone else is using your image for profit without your permission, you can present the signed copy (original image + the accompanying .sig file) to prove precedence.

In developing economies, the classic "web of trust" is developing to inter-operate with an accompanying "web of reputation" (some tasty algebra/calc discussion on this topic to come!).  In the case of crypto-signed content, it is viewable/usable by anyone (just like it is now on your blogs/webpages/etc) but anyone trying to claim authorship of your content will lose reputation by doing so (I remember a scripture verse about "a good name is to be cherished above gold/silver" <--paraphrased.  Well, this is how it plays out into the technical realm)

In short, use a watermark since you're already using an image manipulation program

P.S. Look into Creative-commons share-alike license vs traditional copyright.