A day in the life of a digital photo
From film to digital to mobile, it has become easier and easier to take and store photos. Most of us don’t even think twice about snapping a quick photo here, or there, or everywhere. In fact, collectively we took an estimated 1.2 trillion photos last year, with somewhere around 85% of those on mobile devices! So where do all of these photos end up? Most of us probably use some kind of ‘cloud-based’ storage option, but have you ever wondered what really happens to all those photo bits and bytes? There are lots of options for photo storage out there, but how exactly do they all work behind the scenes?
At Textile, we have some crazy new ideas about how this whole process can be made better, but in order to get to those ideas, we need to explain how things are done now. So let’s track a day in the life of a digital photo, from inception across the vast ‘tubes’ of the Internet, to the very last ‘like’.
Before we start this adventure, why not jump on the Textile Photos waitlist to request early access to a whole new way to control your photos.
A photo is born
Imagine you are on a family vacation, somewhere tropical. The photo opportunities are endless. Each phone tap is another personal memory recorded, only to be shared with close friends and family. And so begins your photo’s digital journey. As the light enters your phone’s camera lens, it is projected into a sensor that converts the light into electrons, which are in turn converted into digital pixel values — your raw photo data. At the same time, your phone is automatically converting the raw pixel values into a single JPEG image, adding metadata, and even recording location information. Now what? Well if you want that latest beach pic to stick around, it must begin its perilous journey to the cloud …
Journey to the cloud
Remember, the cloud is really just someone else’s computer, so depending on what cloud we’re talking about, that someone else will vary. These days everyone uses HTTPS to securely (using encryption) transfer your photos across the Internet, protecting ‘data in transit’ between your phone and cloud servers. After this first leg of the journey, your photo reaches its first cloud-based destination, and becomes a ‘file at rest’. These files — stored digitally in the cloud — are usually encrypted using some form of key-based encryption technology, for which only the cloud provider has the key. While most services are likely pretty secure, if they are closed you really have no choice but to trust them.
And that’s really the issue. These providers need to store the encryption keys used to encrypt your data somewhere, and this makes them vulnerable. We all know data breaches can happen — just ask Equifax about the 147.9 million consumers affect by their epic data breach — and we don’t always have control over who has access. For example, in China your iCloud backups aren’t even under the control of Apple. On top of that, your friendly neighborhood cloud storage provider is the one with the key to your data (not you), so if they disappear (like any one of these defunct photo-sharing services)… you’re hooped!
Speaking of which…
You’ve got your photos (locked) up in the cloud. Now what services can access your photos, and under what circumstances? What ‘rights and responsibilities’ do you have? For that, we turn to the terms of service (TOS: you’ve read those before right?). For example, friendly Flickr gives you quite a bit of control over who has access to your photos, whereas Instagram has very broad copyright license on your content (they can do stuff with your photos). Conversely, Dropbox won’t license your content to 3rd parties, but you do have to grant them (and their partners) access to ‘Your stuff’.
So your content isn’t really always being used in ways you choose. You only choose to store or share a photo, not to have the ownership change hands or to have it used in an advertisement you never even see… and that’s an issue. But your photo’s journey still isn’t complete — it is now destined for an all-expenses-paid trip around the world…
Putting your self(ies) out there
Now that our photo is ‘out there’, either in the cloud or on the ‘social web’, what does that actually mean? Where exactly is all of this happening? The answer: all over the world. Amazon, one of the largest cloud providers in the world, has a global server network than spans many continents and countries. To make it easier and faster to view that #sunset pic later, most services also use CDNs to speed up content delivery (which means multiple copies of your photos around the world). With all this data moving around between your phone, data centers, and other apps, there’s nothing stopping a malicious attacker (hacker) from monitoring network traffic, or a government from demanding access (the keys) to your data.
This whole system is quite ‘brittle’, and invites attacks and even unintentional mistakes. Just take a look at the recent Twitter case of storing all our passwords in plain text to know that even the big guys don’t always know what they’re doing. So while it seems like, on your phone your data is secure, and in transit providers are taking things seriously, and even in the cloud vulnerabilities are patched and repaired, you never really can know for sure.
So what do we know? Well, your photos are out there on these servers where sometimes you still own the data, sometimes it isn’t totally clear. Sometimes the data is secure, and in other cases it’s probably not. And as time goes on, you’re going to change phones, you probably aren’t going to stick with one cloud provider, and your photos will end up spread across multiple photo sharing apps. Some will stick around, like Flickr, Google Photos, Snapfish, and DeviantArt (remember them?), and some will die out (so long Picasa). How many different services have you used to store your photos (there are at least 41 services listed here), left them, or forgot about them (after-all, only about 25% of photos are shared online or in person)? How do you get your photos back out, can you leave entirely? Without a clear level of ownership and control, things can get messy very quickly. So while you trust your cloud provider now, you are giving up control of that data forever, even after you move on to the next thing.
If you ask us, things can be better, a lot better.
There are better ways
What if you didn’t need to worry about data breaches at all? What if your cloud provider or photo hosting site didn’t actually have access to the encryption keys or your ‘raw’ photo data in the first place? Such a system is called zero-knowledge encryption, and it literally means they have zero knowledge of the data you store on their servers. Sounds like magic, but some services do this already, including Textile Photos! But wait, there’s more. Right now, your photo is sitting in an undisclosed data center somewhere. That someone else we talked about is one single entity, with all of the same issues we’ve described above. But what if that someone else was actually almost everyone else? What if we could have the network to store your photos for you? This is the whole idea behind a decentralized and distributed storage system. And this is the future of photo storage and sharing.
Intrigued? Check out our other articles for some of the crazy ideas Textile is exploring/implementing to better protect your photos. And while you’re at it, why not join the Textile Photos wait-list to try some of these ideas first hand.