Image of mother and little baby taking selfie courtesy of Rasstock /
Naked Security Naked Security

Koppie Koppie sells photos of your kids to prove you shouldn’t post them online

Two "privacy advocates" running an online store that sells mugs printed with pictures of children are intentionally stirring up controversy by grabbing photos from Flickr. The duo behind Koppie Koppie say it's perfectly legal, but they hope you get mad about it anyway.

Koppie Koppie sells photos of children in effort to raise privacy awareness.Koppie Koppie, an online business selling coffee mugs with pictures of children printed on them, is stirring up controversy – after all, the kids’ photos weren’t given to Koppie Koppie by their parents, but grabbed from Flickr.

The website, isn’t meant as a true commercial enterprise.

Rather, it’s a social experiment, say the pair behind the site – Dimitri Tokmetzis, a journalist, and his co-conspirator Yuri Veerman, a designer.

It’s all about raising awareness of privacy in the social media age, they say.

Using photos of other peoples’ kids to make money may sound creepy, but the duo say what Koppie Koppie is doing fits within the confines of what’s allowed by Flickr, and it’s completely legal.

That’s because the photos they’re using of children and babies (sometimes shown alongside their parents) were labeled with Creative Commons licensing rights that don’t restrict commercial re-use.

In an article originally published in Dutch at De Correspondent and in English on the journalism platform Medium, Tokmetzis explained that Koppie Koppie is intentionally violating the privacy of the children and their families, in spirit if not in a legal sense.

Information-sharing in context

Media platforms like Flickr (owned by Yahoo), Instagram and Snapchat, along with web giants Facebook and Google, are increasingly altering the “context” in which we share information, Tokmetzis says.

So Koppie Koppie was created to emphasize how social sharing shifts the flow of information into new contexts.

As Tokmetzis explains in his article:

With Koppie Koppie, we have deliberately shifted the context. On the "sending" end of the information flow, we have the photographers. The information that is transmitted are the pictures of their children. Initially, the recipients who saw those pictures were all users of Flickr — family members, friends, or maybe other amateur photographers. But by shifting the flow of information to a commercial platform, the recipients are now anyone who might be interested in buying a mug that has a picture of a kid on it.

When we share information with our doctor or a close friend, we have a reasonable expectation that information won’t be shared.

But social media is changing the expectation of privacy in complex ways we don’t always understand.

Although we may carefully set controls on Facebook to restrict who can see our updates and photos, our privacy still depends on Facebook and our network of friends respecting our wishes.

And because of the impenetrable legalese of most online privacy policies, many users don’t fully understand how they are giving up control to these companies to use their data and content for profit.

Tokmetzis writes that Facebook, Flickr and the other social media companies may promise control, but they fail to explain the context of how and in which ways their information may be shared with others.

So when our information is shared in unexpected or misunderstood ways, we feel violated.

This may hurt, but it’s for your own good

The Koppie Koppie experiment might feel extra creepy because it involves children, but it isn’t necessarily breaking new ground.

In an effort to improve privacy and security awareness, many researchers, self-styled activists and even large organizations enter an ethical gray area.

Google argues that its Project Zero, which publicly discloses software vulnerabilities if developers don’t fix privately-shared flaws within a period of time set by Google, is for the greater good – even though the vulnerabilities and proofs of concept it publishes can then be exploited by hackers and cause real harm.

Microsoft, which has been bitten by Project Zero’s public shaming, has fought back to say the disclosures have real-world consequences and hurt customers.

There are other examples of ways groups touting security “awareness” can hurt those they purport to be helping.

There’s the Twitter account @NeedADebitCard that tweets out photos people have shared of their credit and debit cards, and in order to prove that this behavior can result in identity theft, those behind the account are putting those people at risk.

Or there’s the self-proclaimed security researchers who dumped online more than 4 million insecurely stored usernames and phone numbers swiped from Snapchat.

It’s possible that this kind of shaming produces results – for its part, Snapchat has taken steps to clean up its act, despite starting out as a serious privacy scofflaw.

Still, if it were your child whose image was printed on a mug and put up for sale online without your knowledge – would you feel like you got a solid lesson in privacy, or aggrieved and angry?

At least there is some comfort from the Koppie Koppie duo – they promise to remove any child-exploiting mug from the website at the request of the photo owners within two weeks.

Image of baby and mother taking selfie courtesy of Rasstock /

Leave a Reply

Your email address will not be published. Required fields are marked *