Personal Rights Management- Enabling Privacy Rights in Digital Online Content

With ubiquitous use of digital cameras, e.g. in mobile phones, privacy is no longer threatened by governments and companies only. A new threat exists by people, who take photos of unaware people with no risk and little cost anywhere in public and private spaces. Fast distribution via online communities and web pages expose an individual’s private life to the public. Social and legal measures are taken to deal with this, but they are hardly enforcable. We propose a supportive infrastructure aiming for the distribution channel such that if the picture gets publicly available, the exposed individual has a chance to detect it and take action. Protection of personal privacy has become a major issue. Most of the current work assumes an asymmetric model; the violator is an institution, while the victim is a person. Recently, a new privacy thread has emerged. An increasing number of people are equiped with miniature cameras, taking photos anywhere and anytime, thus endangering privacy when they publish the photos. Countermeasures, like penalties or a ban on cameraphones have proven insufficient, as a growing number of websites promoting such photos (e.g. the Mobile Asses website [1]) shows. As it is infeasible to enforce a broad ban on cameraphones or artificially inhibit their usage by technical measures (e.g., simulated shutter noise), we propose a novel way to complement such measures: we attack the distribution channel. If a picture of a person is taken and published, the victim has a good chance of being the first to find this picture, enabling her to request the pictures removal or invoke legal action in time. Three major players are in our setting: the photographer (Bob), the individual (Alice), and the search engine. Bob is the photographer using a cameraphone. We assume that Bob should not to be prevented from taking the pictures and have his identity protected as long as he does not infringe the rights of anybody. Alice is being photographed by Bob. The interest of Alice is that she has some control over pictures taken of her, so we assume this picture should not be distributed without her consent. We grant her this option: If a picture of her is taken and published, she can find out early. Alice uses a receiver, which registers the identities of pictures taken in her vicinity. The receiver is her own mobile phone or a piece of hardware. It can also be integrated in the infrastructure provided by external parties, for instance, the owner of a discotheque or the GSM ? Mina Deng is funded by research grants of the Katholieke Universiteit Leuven, Bel-