EN FR
EN FR

A few days after receiving a record fine of 5 billion dollars, Facebook once again animates Internet users on topics of projection of privacy. The company of Mark Zuckerberg is an expert in this field which allows it to have one of the most powerful advertising tools of the web. Recently, an Australian cybersecurity researcher noticed a code in photo metadata uploaded to Facebook. It would allow to follow the image outside its platform, and thus connect it to a user.

IPTC data in images

IPTC data is what we call metadata. They are hidden in an image in order to be recovered in another software, or on another site, in order to present certain information. This can be a copyright, a legend or description of the photograph, etc.

In the case of Facebook, what is left is a series of numbers and letters. Because of this, the social network can follow an image that has been published on its social network when it is shared elsewhere.

For the moment, it is impossible to identify what is hidden behind this series.

Tracking? Yes. But what for?

The presence of this code can have multiple applications for image tracking, and not necessarily for the user. Thus, the first logical application would be the protection of the image property. If Facebook is not really known for protecting rights holders, it must keep pace. In this way, if a major brand, or a photographer complains about the misuse of its creations, Facebook could quickly find the content in question.

The other important aspect is the protection of users from offensive, banned content. That was the case with the live video of the Christchurch bombing. If the live feed of the terrorist was only seen by less than 200 people, a small group downloaded it and then went back. Because of the search for ubiquitous viral presence on the social network, the video was distributed 1.5 million times, but instantly deleted by Facebook. If artificial intelligence can be thanked, it is possible that metadata can be used to pre-identify the video if, for example, it has been modified to deceive the algorithms.

"The highlighted code is used to facilitate the loading of images on mobile devices and is not linked to the person uploading the photo or to the person watching it. We are also adding code to the tools built by our security and security teams to help us detect abuses, such as identity theft,” said aon Facebook a few days after the publication of our article.