The proliferation of personal computing devices in recent years, especially mobile personal computing devices, combined with a growth in the number of widely-used communications formats (e.g., text, voice, video, image) and protocols (e.g., SMTP, IMAP/POP, SMS/MMS, XMPP, etc.) has led to increased concerns regarding the safety and security of documents and messages that are sent over networks. Users desire a system that provides for the setting of custom, e.g., user-defined, access permissions for a lossy file or part of the lossy file that comprises less than the entire file through a communications network. A ‘lossy’ file, as used herein, refers to a file (or file format) that is compressed using inexact approximation methods (e.g., partial data discarding methods). As such, lossy compression techniques may be used to reduce data size for storage, handling, and transmitting content. However, because lossy compression reduces a file by permanently discarding certain information (e.g., redundant information), when the file is decompressed, it is not decompressed to 100% of the original. Lossy compression is generally used for multimedia files, e.g., images files, such as JPEG files, video files, and/or sound files—where a certain amount of information loss will not be detected by most users and can result in significant gains in file size reduction or performance.
Certain lossy file types may also be described as “single-layered.” For example, in the case of a JPEG image, all the image content information may be stored in the form of a “byte array.” In order to change the appearance (e.g., color) of any pixels in the JPEG image, an editing or modification tool would need to modify or replace the particular information in the byte array corresponding to the region of pixels that are to be changed. Thus, the image data is said to be stored in a “single layer,” as there is no way to ‘cover’ certain pixel regions in the JPEG image by simply adding an additional layer of pixel information over the top of the original pixel information. By contrast, more complex image file types that support multiple image layers, e.g., PNG images, offer the ability to store image information in distinct layers which may, e.g., be ‘stacked’ in different orders, individually adjusted for opacity/transparency, or individually moved, rotated, shown, hidden, etc. before composition and display to a viewer. Due to the use of multiple layers, these changes to the image may be made and/or ‘unmade’ without undoing, overwriting, or otherwise degrading the quality of any of the underlying image information in a layer that happens to be currently not shown to the viewer.
Lossy files may also contain multiple “header” properties. These header properties may be used to store alternate contents such as metadata, random information, or even full encoding of other files or portions of files, such as in the embodiments described herein. Such a system would allow customized privacy settings to be specified for different recipients, e.g., recipients at various levels of social distance from the user sending the document or message (e.g., public, private, followers, groups, Level-1 contacts, Level-2 contacts, Level-3 contacts, etc.). Such a system may also allow the user to apply customized privacy settings and encryption keys differently to particular parts of a lossy file, e.g., making one or more parts of the lossy file available only to a first class of users, or by making other parts of the lossy file available to the first class of users and a second class of users, all while preventing access to parts of lossy file by users who do not have the requisite access privileges.
Thus, a system for providing access permission setting through Adaptive Privacy Controls (APC) is described herein. APC, as used herein, will refer to a user-controllable or system-generated, intelligent privacy system that can limit viewing, editing, and re-sharing privileges for lossy files, for example, image files and other multimedia files that include a lossy compression (including single-layered multimedia file types), wherein changes made to the content of such ‘lossy’ files may not be reliably reversed or dynamically changed—as would be necessary according to prior art techniques attempting to implement the kinds of fine-grained access permission setting methods disclosed herein. Other embodiments of APC systems will, of course, be able to handle the setting of access permissions for recipients of lossless file formats, as well. In summary, APC systems, as used herein, allow users to share whatever information they want with whomever they want, while keeping others from accessing the same information, e.g., via hiding and/or encryption processes that can be initiated by user command or via system intelligence, even on lossy file types, and even when more than one region (including overlapping regions) in a multimedia file have been selected by a user for APC-style protection. APC access permission settings may be applied to individuals, pre-defined groups, and/or ad-hoc groups. Customized encryption keys may further be applied to particular parties or groups of parties to enhance the security of the permission settings.
APC may be used to apply privacy settings to only particular portions of a lossy file, for example, a particular portion of a JPEG image. For example, User A may be a family member who may be authorized to see an entire JPEG image, but User B and other users may be mere acquaintances, who are only authorized to see a redacted portion or portions of the JPEG image. For example, the entire JPEG image file would be viewable to User A, but only a redacted portion or portions of the JPEG image (e.g., everything but the face of the subject(s) in the image) would be available to the User B and other users when viewing the JPEG image file in an authorized viewing application.
According to some embodiments disclosed herein, a standard, i.e., “unauthorized,” JPEG viewing application would also be able to open the redacted version of the JPEG image file; it simply would not “know” where to look within the JPEG image file for the “true” content from the redacted portion or portions of the JPEG image file. According to still other embodiments, even if an unauthorized JPEG viewing application were able to find the “true” content from the redacted portion or portions “hidden” within the file structure of the JPEG image, the redacted portion or portions may be encrypted, and the unauthorized JPEG viewing application would not possess the necessary decryption keys to decrypt the encrypted redacted portion or portions. Moreover, the unauthorized JPEG viewing application also would not know where to “place” the encrypted portion or portions back within the image to reconstruct the original, i.e., unredacted, JPEG image in a seamless fashion.
Thus, according to some embodiments, the network-based, user-defined, APC controls for lossy file types or files (e.g., single-layered images) may include access permission systems, methods, and computer readable media that provide a seamless, intuitive user interface (e.g., using touch gestures or mouse input) allowing a user to: “block out” particular portions or areas of interest in a lossy file; hide (and optionally encrypt) such “blocked out” portions within parts the lossy file's data structure; and then send the lossy file to particular recipients or groups of recipients with customized access permission settings, which settings may be specified on a per-recipient basis and that either allow or do not allow a given recipient to locate the hidden portions and (if necessary) decrypt such hidden portions so that the original lossy file may be reconstructed by the recipient without degradation to the original file's quality.