Privacy and Security TidBits

Pictures, Online Tagging, Facial Recognition and Privacy: A Study by the CNIL

 In a recent article, published by the Huffington Post, Isabelle Falque Perrotin, the President of the CNIL * , summarizes the findings of a study that the CNIL had commissioned on the use of photos in social media.

The study was conducted by TNS Sofres on a national sample of 1554 people age thirteen and up.

The CNIL had commissioned the study in light of the explosion of photo sharing on social media in recent years. For example, every day, more than 300 million photos are shared on Facebook alone. In conjunction with the development of facial recognition technologies and the searchabilty of online pictures, the stakes for privacy are high.

Here are some interesting numbers:

  • More than half of internet users take pictures with the primary purpose of publishing them online.
  • 58% of internet users publish pictures online, and the percentage rises to 86% among the 18-24 age group. 60% of the 18-24 age group admits searching for pictures of others online.
  • 89% of the 18-24 age group has used tagging. 41% of the same age group is worried about this practice.
  • 44% of internet users always ask permission of the photographed people before publishing a photo. (that leaves 56% who don’t).
  • 43% of internet users have been embarrassed by a picture published online. In the age group 18-24, this number rises to 61%. For 27% of that age group, the online publication of pictures already has had negative impacts in their personal lives.
  • 62% of internet users do not know who has access to their pictures, posted online.
  • Two out of three internet users declare to want the option of deleting their pictures at a later date, but three out of four realize that it might be difficult. Less than 1/3rd of internet users claim to understand the parameters that control the use of their pictures.


These numbers lead the CNIL to conclude that, in the absence of a clear understanding by the users of the parameters for the use of their pictures, the responsibility for the protection of privacy should not only lie with the user, but also with the platforms that publish those pictures. For example, these platforms should provide their users with clear tools to manage the life cycle and visibility of users’ pictures.

The lack of transparency in the area of online mechanisms regarding pictures echoes the general trend of lack of transparency by the largest internet players, which the CNIL has discovered for example on the occasion of its audit of Google.

The CNIL warns that, even though innovation often demands breaking with established rules, a stable business model nevertheless requires transparency of its policies and the trust of its platform’s users.

It cites the recent Instagram gaffe as an example that illustrates this point.


Advice for Internet Users:

The CNIL posted on its site a list of simple and practical data protection tools for pictures, posted online.

Some tips:

  • Pay attention to the privacy settings of the platform on which you post your pictures.
  • Use tagging with restraint and ask permission first.
  • Think twice before using the automatic synchronization tools offered by online platforms: you may want to automatically share some of the pictures you take with Facebook, but certainly not all of them. Automatic synchronization will lead to sharing of all pictures, now and in the future. Once shared, these pictures may be hard to retrieve. (For example, they may have been shared onward, without your knowledge).


These tips may sound basic to the sophisticated privacy professional, but it is this author’s opinion, based on her personal experience online, and now reinforced by the numbers provided by the CNIL’s study, that they are not superfluous.

Kudos to Isabelle Falque Perrotin for disseminating this important information on a popular publication such as the Huffington Post.

* La Commission Nationale de l’Informatique et des Libertés, the French Data protection Authority.