Why the ACCC’s Digital Platforms Inquiry could see photographers sleepwalking into image-sharing danger
If you’re up to date on the trials of Facebook and Google, you might have heard that the Australian Competition and Consumer Commission has just released its 600-page Digital Platforms Inquiry, which is intended to make the digital landscape for consumers in Australia safer and fairer. The government is currently reviewing the ACCC’s 23 recommendations, and will decide whether to adopt or reject them by the end of this year.
But while the big social media giants have taken up the majority of headlines, what you might not realise is that contained within the same report are new digital privacy rules that will have a big impact on anyone whose day-to-day job involves taking pictures of children.
The report recommends that consumer protections in the Privacy Act be strengthened, meaning companies will have to go to extra effort to clarify how they intend to collect, use and disclose personal information. Individuals in Australia will be granted new protections to ensure that their digital privacy is maintained and upheld, and these powers will be extended to minors too.
Let’s look at photographers and the biggest publisher of minor personal data and photos: schools, as an example. If the government does decide to adopt the ACCC’s recommendations, photographers and schools will have to work much harder to ensure photos of pupils are not hosted on unsecured media, unless clear consent has been given in advance. In order for this to happen, a whole range of processes, protocols and technology will need to be put in place to keep up with the new rules.
So what steps should photographers and schools be taking to avoid falling foul of the ACCC’s recommendations? First of all, photographers must understand that contained within their regular day-to-day work is potential for a serious data breach. For instance, basic details such as a child’s name or class name, when combined with the metadata associated with a photo, such as date, time and location information can result in a breach that impacts the safety of a pupil or their family where a domestic violence order is in place.
The first step to avoiding such breaches is to ensure that the data you collect is done in a secure manner, and keep in mind that not all data breaches occur in digital environments. Making notes on paper or storing information on easy-to-lose removeable storage devices (like USB sticks or CDs) is a data breach waiting to happen. Instead, ensure information is stored in a secure, private online system.
One of the best ways to test your current data privacy setup is to investigate what happens to the data (ie, images) at all stages of its life cycle. Among some of the many questions both photographers and schools need to ask are: Where and how are the images are being captured? Where are they being stored? What kind of devices are they being captured on? Who owns those devices? Who can access those images? How is consent being captured? How are we controlling where the images are shared and published?
It’s surprising how many businesses don’t ask these questions when the answers have the power to reveal areas of significant privacy risk. All contracts between schools and their photographers should be prepared with these questions in mind, and include, at a minimum, important clauses about who is responsible for ensuring the students’ data is secure, where and how it will be stored, and what other parties are permitted to do with that data.
It’s essential that both schools and their photographers champion the image privacy cause and demonstrate robust privacy practices. They should work together to ensure all photo and video permission forms are created according to best practice, and that image privacy processes and procedures are sound. Don’t be afraid to invest in technology, expertise and resources, including those that help manage image consent across large, diverse and growing media collections. Much can be achieved by educating existing staff on image privacy processes and procedures.
The end of the year will be here before we know it. If the ACCC’s recommendations are accepted, there won’t be much time for schools and photographers to make the necessary improvements. Don’t assume that you can retrofit privacy at the last minute, or you will join the long list of schools and photography businesses sleepwalking into image-sharing danger.
– Colin Anson, CEO, Pixevety
Colin Anson (pictured right) is a digital entrepreneur, and the CEO and co-founder of child image protection and photo storage solution, pixevety: https://pixevety.com/
In 2012, Colin saw an opportunity to create a unique business within his area of passion, photography. He witnessed first-hand the potential risks and harm the mismanagement of photos can have on children. And he became an advocate for protecting every parent’s right to determine how their child’s photo is used, and protecting every child’s right to safety and digital privacy. After learning of the minefield of privacy laws and the daily stress for schools in managing and sharing the photos of every single student, Colin decided to do something about it. And pixevety was born.