IMG_4615-Edit

The photo, the net and the law

IMG_4615-EditDigital technology and the net are reforming so many things, among them photography. Do you remember when we used to develop films with 2 or 3 summer holidays on the same roll, and then bury the prints deep in the family album? Now we can snap hundreds of shots a day and share them on the net in real-time. If you are lucky your shared shot or video can get more viewers than a small newspaper has readers. The newspaper is made by professionals who know the ethical and legal aspects of publishing. But do you know? How do you decide if it is OK to publish a shot or not? Or to take the photo in the first place? With common sense? That’s OK, it’s a good start. But I suggest that you get familiar with some of the basic legal aspects too.

You know how it is to ask a lawyer if something is legal or not. It’s impossible to get a straight answer. I start to understand why when digging into this problem. There are really so many aspects that matter and many things that aren’t black and white (no pun intended). And on top of that, the international aspect. Laws are different in every country. I have been looking a long time for a good and comprehensive guide that covers photo law in different countries. In vain so far.

That’s an indication about how big and complex the issue is. But I’m going to give it a try anyway. I have tried to list the basic principles in a very compact form. This list can’t be very precise as it isn’t country specific. So be aware that the law in a specific country can differ from what’s stated below. But the risk that your camera puts you in trouble should be significantly lower if you know at least these principles.

To take a photo

  • It is generally OK to take photos in public places, but some limitations may apply.
    • Taking photos that present a person in a defamatory way may be banned.
    • Taking photos of police officers may be banned.
    • Taking photos of military installations and critical infrastructure may be banned.
    • Taking photos of monumental buildings may be restricted or banned.
  • It is generally OK to take photos of other persons without permission in public places, but some may have a personal problem with that. It’s polite to comply and cease shooting if someone complains, but these persons do typically not have any legal right to prevent others from photographing them. Unless the shooting can be seen as harassment. Also keep in mind that there may be cultural restrictions. It’s for example considered bad habit to photograph priests, monks and nuns in some countries.
  • What’s a public place has typically nothing to do with ownership. It’s a place that the public has free access to, even if it isn’t owned by a public institution. Events and transportation that the public can buy tickets to freely do typically also qualify as public places.
  • Some public places, like shopping centers or shops, try to limit or ban photography. Those rules may or may not be legally binding, depending on local legislation. Many shop owners seem to know as little as their customers about the laws regulating photo.
  • Photography is typically not allowed without permission in private places and events for invited guests. You should always ask for permission before taking a shot in someone else’s home. Regardless what your local law says, that’s common sense IMO.
  • Vehicles where you can stay overnight may be considered private places just like homes. Ordinary cars do not belong to this category.
  • Taking photos of kids is typically no different from other kinds of photography from legal point of view. Many parents have however became wary about having pictures of their kids online because of increasing media coverage about pedophilia. So it’s best to be careful when shooting others’ children. Talk to the parents first, if possible.
  • Remember that knowing the law and your rights to photograph is important, but so is common sense. If you face a photography ban that is in violation of your legal rights, it’s up to you if you want to challenge the ban or save both parties some trouble. Is it worth it?

Copyright and licenses

  • The creator of a creative work, like a photo or a video, has automatically the right to decide about how the work can be used, and to be compensated if the work creates profit. It’s a bit like ownership and it is called copyright.
  • Copyright exists automatically. You do not have to apply for it, register the work somewhere or even put a copyright statements in the corner of your photo.
  • The copyright holder is the person who has done the creative work, i.e. came up with the idea for the photo. It doesn’t matter who pressed the shutter button or who owns the camera.
  • Copyright can be transferred to someone else, which is like giving away the ownership. The copyright holder can also grant licenses to use the work. It is very important to understand the difference between these two.
  • There are no usage rights by default. It means that you basically can’t do anything with a photo taken by someone else without permission from the copyright holder. And vice versa for others using your shots. There are however exceptions to this. The fair use concept in US is one example. It states that minor insignificant use is OK without permission, like use for private or some educational purposes.
  • If you own the copyright, you have free hands to grant, or refuse to grant, others the right to use your photo. Such rights are called a license. A license can be any kind of free form statement that:
    • Specify what work it affects.
    • Specify who it grants rights to, or grant rights to anyone who want to use the work.
    • Can specify how the copyright holder shall be compensated.
    • Can demand that the copyright holder shall be attributed.
    • Can limit the rights to a defined period of time.
    • Can limit the rights to a specific kind of use.
    • Can limit the rights geographically.
    • Can be exclusive, meaning that the copyright holder agrees to not grant any conflicting licenses to others.
  • Creative Commons (CC) is a widely used ready-made system for granting generic licenses to use your photos. This is a nice way to share shots if you don’t mind others using them for free. There are several kinds of CC-licenses, for example licenses that exclude commercial use.

 To publish a photo

  • Remember that taking a photo and publishing it is two different things. You do not necessary have the right to publish even if it’s OK to take the photo.
  • You can generally publish your own shots freely as long as it is done as a private person on a hobby basis. Like sharing on Facebook or Flickr.
  • Publishing a shot that presents a recognizable person in a defamatory situation, state or context is most likely illegal.
  • Be careful when publishing pictures of others’ children. It’s typically legal, but the parents may have issues with it.
  • People usually can’t prevent others from photographing them in public places, but they have the right to decide if shots of them can be used commercially. An approval of this kind is called a model release. It is a document where a person who is recognizable in the picture grants rights to use the image. A similar property release may sometimes be needed for shots showing buildings etc.
  • Some companies are guarding their brands rigorously. They may have a problem if they see their brand exposed in a published photo in a way they don’t like. You may get a letter that threat you with legal actions unless you remove the photo. There’s typically little or no legal substance behind these threats, as companies and brands typically aren’t protected against libel etc. in the same way as individuals. You may comply, ignore them or ask for more details about what paragraphs they refer to and under what jurisdiction. That may make them go away.
  • You do by default not have any rights to publish others’ photos (exceptions exist, see for example fair use in US). Many photographers are however adopting a liberal attitude against sharing and publish their work under a CC-license, or similar. If you need to illustrate something, you can search the net for CC-images for example on Flickr. This is how I get most of the pictures I use in these blog posts. Remember to credit the photographer! That’s a small token of appreciation compared to the value you get.
  • But what about sharing in social media, Facebook for example? If you take a picture file and upload it so that it is visible to anyone, then it is definitively publishing. But sharing a photo that someone else has uploaded to Facebook is totally different. What you do is really to tell others that the picture exist and where they can find it. You just share a pointer to it, not the image itself. That is of course always OK and only limited by the privacy settings of the photo.

As said. This summary is an attempt to list some generic fundamentals that should be valid pretty much everywhere. That’s a good start, but if you are a serious photographer you should educate yourself with more accurate info for your own country. Also, what’s said about photos also applies to video.

Do you know of a good source that covers international photo law? Or a good guide for your own country? Then post a link as a comment to this article. Maybe there isn’t a comprehensive international guide, but a collection of links to guides for different countries is almost as good.

And finally. Quoting an excellent tweet from @Mikko. “Remember that legal advice you find on the net is worth every penny you paid for it.” Nice disclaimer, isn’t it. :)

More posts from this topic

bash

Shellshock only concerns server admins – WRONG

Yet another high-profile vulnerability in the headlines, Shellshock. This one could be a big issue. The crap could really hit the fan big time if someone creates a worm that infects servers, and that is possible. But the situation seems to be brighter for us ordinary users. The affected component is the Unix/Linux command shell Bash, which is only used by nerdy admins. It is present in Macs as well, but they seem to be unaffected. Linux-based Android does not use Bash and Windows is a totally different world. So we ordinary users can relax and forget about this one. We are not affected. Right? WRONG! Where is your cloud content stored? What kind of software is used to protect your login and password, credit card number, your mail correspondence, your social media updates and all other personal info you store in web-based systems? Exactly. A significant part of that may be on systems that are vulnerable to Shellshock, and that makes you vulnerable. The best protection against vulnerabilities on your own devices is to make sure the automatic update services are enabled and working. That is like outsourcing the worries to professionals, they will create and distribute fixes when vulnerabilities are found. But what about the servers? You have no way to affect how they are managed, and you don’t even know if the services you use are affected. Is there anything you can do? Yes, but only indirectly. This issue is an excellent reminder of some very basic security principles. We have repeated them over and over, but they deserve to be repeated once again now. You can’t control how your web service providers manage their servers, but you can choose which providers you trust. Prefer services that are managed professionally. Remember that you always can, and should, demand more from services you pay for. Never reuse your password on different services. This will not prevent intrusions, but it will limit the damage when someone breaks into the system. You may still be hurt by a Shellshock-based intrusion even if you do this, but the risk should be small and the damage limited. Anyway, you know you have done your part, and its bad luck if an incident hurts you despite that. Safe surfing, Micke   PS. The best way to evaluate a service provider’s security practices is to see how they deal with security incidents. It tells a lot about their attitude, which is crucial in all security work. An incident is bad, but a swift, accurate and open response is very good.   Addition on September 30th. Contrary to what's stated above, Mac computers seem to be affected and Apple has released a patch. It's of course important to keep your device patched, but this does not really affect the main point of this article. Your cloud content is valuable and part of that may be on vulnerable servers.  

Sep 26, 2014
BY Micke
Unbenannt-3-1

How should we deal with defamation and hate speech on the net? – Poll

Everybody probably agree that the net has developed a discussion culture very different from what we are used to in real life. The used adjectives vary form inspiring, free and unrestricted to crazy, sick and shocking. The (apparent) anonymity when discussing on-line leads to more open and frank opinions, which is both good and bad. It becomes especially bad when it turns into libel and hate speech. What do you think about this? Read on and let us know in the poll below. We do have laws to protect us against defamation. But the police still has a very varying ability to deal with crimes on the net. And the global nature of Internet makes investigations harder. Most cases are international, at least here in Europe where we to a large extent rely on US-based services. This is in the headlines right now here in Finland because of a recent case. The original coverage is in Finnish so I will give you a short summary in English. A journalist named Sari Helin blogged about equal rights for sexual minorities, and how children are very natural and doesn’t react anyway if a friend has two mothers, for example. This is a sensitive topic and, hardly surprising, she got a lot of negative feedback. Part of the feedback was clear defamation. Calling her a whore, among other nasty things. She considered it for a while and finally decided to report the case to the police, mainly because of Facebook comments. This is where the really interesting part begins. Recently the prosecutor released the decision about the case. They simply decided to drop it and not even try to investigate. The reason? Facebook is in US and it would be too much work contacting the authorities over there for this rather small crime. A separately interviewed police officer also stated that many of the requests that are sent abroad remain unanswered, probably for the same reason. This reflects the situation in Finland, but I guess there are a lot of other countries where the same could have happened. Is this OK? The resourcing argument is understandable. The authorities have plenty of more severe crimes to deal with. But accepting this means that law and reality drift even further apart. Something is illegal but everybody knows you will get away with the crime. That’s not good. Should we increase resourcing and work hard to make international investigations smoother? That’s really the only way to make the current laws enforceable. The other possible path is to alter our mindset about Internet discussions. If I write something pro-gay on the net, I know there’s a lot of people who dislike it and think bad things about me. Does it really change anything if some of these people write down their thoughts and comment on my writings? No, not really. But most people still feel insulted in cases like this. I think we slowly are getting used to the different discussion climate on the net. We realize that some kinds of writing will get negative feedback. We are prepared for that and can ignore libel without factual content. We value feedback from reputable persons, and anonymous submissions naturally have less significance. Pure emotional venting without factual content can just be ignored and is more shameful for the writer than for the object. Well, we are still far from that mindset, even if we are moving towards it. But which way should we go? Should we work hard to enforce the current law and prosecute anonymous defamers? Or should we adopt our mindset to the new discussion culture? The world is never black & white and there will naturally be development on both these fronts. But in which direction would you steer the development if you could decide? Now you have to pick the one you think is more important.   [polldaddy poll=8293148]   Looking forward to see what you think. The poll will be open for a while and is closed when we have enough data.   Safe surfing, Micke  

Sep 8, 2014
BY Micke
My_collection_of_passport_stamps

Another scam variation – advance travel payment

We all know that there are scammers on the net, actually a lot of them. The common forms of scams are already well known, Nigerian letters and advance payment scams for example. But scammers do develop their methods to fool more people. I recently saw a warning about an interesting variant where the scammers ask for advance payments for travel services. This warning involved booking.com so you should be extra careful if you have used them recently. But the advices I share here are generic and not specific to booking.com anyway. The warning I refer to is in Swedish but I’ll provide the main points here in English. Here’s what happened according to the story. Someone books a trip on-line. Booking information leaks out to scammers somehow. This could be because of a hacking incident at booking.com, a crooked employee or maybe also through a hacked customer mail account. Now the scammers contact the customer. They claim to be the hotel and require advance payment for the stay. This can be quite convincing as they know what hotel has been booked and at what dates. The payment must be a wire transfer, credit cards are not accepted. Sadly, some customers fall for this and do the payment. They never see the money again and still have to pay the full price for the hotel. Here the key differentiator from ordinary scams is that the scammers have info about a valid purchase done by the customer. This enables them to be very convincing and impersonate the hotel (or some other provider of services) in a believable way. Fortunately it is quite easy to defeat this, and many other scam attempts, with some simple rules. Always pay your on-line purchases with a credit card. Period. If this isn’t possible, shop somewhere else instead. The credit card company acts as a buffer between you and the recipient of the payment, and adds a significant amount of security. Never use wire transfers of money. Period. This is the standard method for scammers as it is next to impossible to get transactions reversed. If someone claims that no other method is available, it is a very strong signal that something is wrong. If you have selected to pay by credit card, as you always should do, then it is a strong warning signal if someone tries to deviate from that and ask for money using some other payment method. Remember that it is next to impossible to verify the identity of the other part if someone contacts you. If you get contacted like this and have any kind of doubts, you can always contact the company you bought from to verify if they really have contacted you. The risk with credit cards is that your card number may be shared with several companies, like airline, car rental and the hotel, in the case of travel booking. Each of these may charge your card. Incorrect charges may occur either by mistake or deliberately. Always check your credit card bill carefully and complain about unauthorized charges. This is some extra work, but the customer will usually get unauthorized charges corrected. And a last hint not really related to scammers. Be careful with the grand total of your on-line purchase. Travel bookers are notorious for not showing the real grand total until at a very late stage in the purchase process. It is very easy to make price comparisons on figures that aren’t comparable. If possible, prefer honest sites that show you the real price upfront. Memorize these rules and the likelihood that you will be scammed is very small. The best way to fight scam is to not take the bait. So by being careful you not only save your own money, you also participate in fighting this form of crime as you make it less profitable. If you want to do even more, share the info and help others become aware.   If you liked this post, you may also like the story about when I sold my boat.   Safe surfing, Micke   PS. The story I base this on was seen on Facebook. It is not verified, but I find it to be believable. It doesn’t really matter anyway if the story is true or not. The story is plausible and forms an excellent warning about Internet scams, which unfortunately is a widespread and very real form of crime.   Image by Ho John Lee  

Aug 22, 2014
BY Micke