There has been a concerning rise in a scheme where bad actors are using publicly available images of children from websites and social media pages. These images are being manipulated with AI to create harmful content, which is then used in sextortion schemes demanding payment. Reports indicate that schools are being increasingly targeted in these attacks.
Preventing the misuse of images posted on public websites is inherently challenging. While certain technical measures can make it more difficult to copy images, no method can offer absolute protection against unauthorized use.
To help mitigate risk, Finalsite recommends the following measures:
-
Consider using images that don’t reveal the identities of the people pictured.
Limit access to identifiable photos of children to password-protected pages or within a Finalsite portal. Furthermore, limit identifiable information in file names, alt text or captions that could make it easier to target individuals. - Use AI to replace the faces of students in photos used on your website. Canva’s Magic Edit feature is one of many tools available to accomplish this.
-
Use watermarks on images.
Embedding metadata or invisible digital watermarks can help track ownership, copyright, and usage details. Unlike visible watermarks, these cannot be easily removed unless the metadata is stripped. If advanced watermarking is not feasible for your team, visible watermarks can deter misuse. Visible watermarks can be added using popular tools like Canva. - Familiarize your team with the Digital Millenium Copyright Act (DMCA) takedown notices and have a process in place for quickly responding to offending content. The DMCA allows copyright holders to request the removal of their content from websites or platforms if it is used without permission.
-
Ensure your media release waivers are up to date.
Have your legal team review your release waiver language and ensure you have an accurate “do not photograph” list. Cross-reference the list with images posted publicly to ensure they do not include people who have opted out.
Some clients have asked about disabling right-click functionality as a deterrent, but we don’t recommend this for several reasons outlined in this article. First, disabling right-click can frustrate legitimate users who rely on it for accessibility features or site navigation. Additionally, it provides only a false sense of security—bad actors can still easily access images through other means, such as inspecting the page source or taking a screenshot.
Key Takeaways
While nothing can fully prevent a bad actor from misusing images found on a public website, using these suggested actions can provide a layer of security for schools.
Comments
Please Sign in to leave a comment if you don't see the comment box below.