Beware! Facebook embeds tracking data inside photos you download

By: |
Published: July 15, 2019 4:43:46 PM

Days after Facebook was fined a record $5 billion fine by the Federal Trade Commission (FTC), the social media giant is embroiled in another privacy controversy

Facebook, facebook privacy, facebook privacy issues, facebook privacy breach, Edin Jusupovic, tracking data, Facebook photos, facebook downloadFacebook CEO Mark Zuckerberg testifies before a House Energy and Commerce Committee hearing regarding the company’s use and protection of user data on Capitol Hill. (Reuters/File Photo)

Days after Facebook was fined a record $5 billion fine by the Federal Trade Commission (FTC), the social media giant is embroiled in another privacy controversy. An Australian cyber researcher has claimed to have found “hidden codes” in photos uploaded by users onto the site.

In a Twitter post, Edin Jusupovic, a cybersecurity expert and a law student (LLB) at the University of New England, claimed that Facebook has been embedding codes inside photos that users download. “Facebook is embedding tracking data inside photos you download.”

Jusupovic claims he noticed a structural abnormality when looking at a hex dump of an image file from an unknown origin. He found that it contained an IPTC special instructions and the data image file originated from Facebook

Jusupovic observed that this enables Facebook to track photos outside of their platform with high precision and to track who originally uploaded the photo.

The IPTC special instructions that Jusupovic viewed are a set of metadata watermarks that describes and gives information about other data. Facebook adds these metadata watermarks to tag the image with its own coding. Enabling the “tracking” to take place, these tags can be read later.

However, what the Australia-based researcher has traced is not new and it is not especially well-hidden either at the basic level. It can be used to trace the ownership of images, to settle cases related to copyright infringement and to provide enhanced user services.

In 2015, a StackOverflow member, Patrick Peccatte, had raised the questions about the images uploaded on Facebook. Many images uploaded on Facebook contain IPTC/IIM fields which are apparently automatically added during the upload process: Special Instruction, a string beginning with “FBMD” and Original Transmission Reference, what is this?” Peccatte asked.

Jusupovic warned that if the technology is weaponised, Facebook could potentially track its users without zero proof.

Get live Stock Prices from BSE and NSE and latest NAV, portfolio of Mutual Funds, calculate your tax by Income Tax Calculator, know market’s Top Gainers, Top Losers & Best Equity Funds. Like us on Facebook and follow us on Twitter.