Lightroom: Log file of changes made (for privacy protection laws)

  • 2
  • Problem
  • Updated 1 year ago
  • (Edited)
As required by the new European privacy protection laws (thanks a bunch, data miners), photographers are required BY LAW to record every single change made to an image.

This stems from future video surveillance regulations, but obviously someone didn't finish thinking there and just generally applied that, indeed very important, regulation to digital imaging in general.

Now, we could, of course, spend 95% of our client's time typing our logs, but maybe it would be easier if you could implement a log file like in Photoshop. Otherwise, I could no longer use the development module in LR realistically or, basically any functions that alter the image or any of its data.

So please, is there a way to work this out, until thes laws are being refined? It's slightly more than a month now.
Photo of Markus Schlögl

Markus Schlögl

  • 12 Posts
  • 4 Reply Likes

Posted 1 year ago

  • 2
Photo of Paul

Paul

  • 27 Posts
  • 12 Reply Likes
As required by the new European privacy protection laws (thanks a bunch, data miners), photographers are required BY LAW to record every single change made to an image. 
Wow, I did not pick up on that aspect of GDPR.  Can you point me at your source please?  Do you know if it just applies to businesses or is it all photographers who make their library accessible on-line?
Photo of Markus Schlögl

Markus Schlögl

  • 12 Posts
  • 4 Reply Likes
I can't point you to a source, but I've been to 2 conventions held by the austrian chamber of commerce, one specifically tailored to professional photographers, so I can't tell if it applies to everybody. And, of course, it only applies to photos of persons that could be identified through the picture taken, by face, clothing, a special watch, tattoo etc.
The lawyer that spoke to us pointed out this aspect, leaving a hall full of people with their mouths gaping wide and more than an hour overdraft, due to the ensuing storm of almost amused questions.

The only real answer we got that nicht was: "It's the law, I'm sorry."
Photo of Gary Rowe

Gary Rowe

  • 107 Posts
  • 37 Reply Likes
Honestly, I cannot think of any article or recital in the GDPR that can require such records to be kept. Can you find out what articles of the GDPR your chamber of commerce believe are involved?
Photo of john beardsworth

john beardsworth

  • 1178 Posts
  • 295 Reply Likes
Save the xmp files? They're as human-readable as PS logs.
Photo of Markus Schlögl

Markus Schlögl

  • 12 Posts
  • 4 Reply Likes
Is every singe alteration to the image recorded in the xmp?
Photo of john beardsworth

john beardsworth

  • 1175 Posts
  • 294 Reply Likes
Depends what you mean. The steps aren't - so there's no record of adding a clone spot which you then remove. But the alterations to the image are.

I really think you need to provide a precise reference to the applicable section of GDPR before we all waste a lot of time and energy on this. Something a bit more precise than one night a lawyer told me....
Photo of Markus Schlögl

Markus Schlögl

  • 12 Posts
  • 4 Reply Likes
OK, maybe that could suffice. Applying standard actions

Please search for it yourself. That's why I went to conventions and spent several hours there, so I don't have to search online and work through thousands of pages of legal lingo, and many people don't seem to even know or care 1 month before these laws activate. The lawyer didn't "tell me that night", he told an audience of 300 people.

But, of course, I could just troll all of you. Please.

My original question was, if there was a way to record steps taken in LR, I really don't want to have a discussion about these laws, it's everyone's own responsibility to take care of their legal situation.
Photo of john beardsworth

john beardsworth

  • 1175 Posts
  • 294 Reply Likes
I am not accusing you of trolling, but these things are easily misinterpreted and blown out of proportion. Anyway, as I have told you, LR already records changes to images in a format that can be read.
Photo of Markus Schlögl

Markus Schlögl

  • 12 Posts
  • 4 Reply Likes
I think there was at least half an hour of extra discussion 1 hor after the event had officially ended on how to achieve thos - utterly ridiculous - requirements. I hope the chamber of commerce didn't hire an idiot to misinform people, which, of course, can always be the case, and i doubt, just as pretty much anyone else there did, this would even be applied by the Data Security officials. They're more interested in the safeguarding of personal data and appearance in connection with the oh-so-feared political, religious and sexual affiliations.

But we were clearly warned about people with an extremely overblown ego and right awareness (of whom I know a few..) who will sink their teeth in until you're legally dead, just for satisfaction and money (which I've also personally witnessed somebody do). Also, we were warned about potential competitors out to bring businesses down. Primarily, this seems to be a mixture between laws to-be-revised and what other people make of them.
Photo of Paul

Paul

  • 27 Posts
  • 12 Reply Likes
I'll bet there was a healthy dose of scaring the bejesus out of the audience to generate some lawyers' revenue too. :)

There's a whole debate to unfold on what is a material change.  Not here though.  And not now
Photo of Markus Schlögl

Markus Schlögl

  • 12 Posts
  • 4 Reply Likes
Yes, they were, especially in the general business convention, trying to sell advisory services. But not at the photographer event. He was plainly sorry to leave us with a pile of crap ;)
Photo of Just Shot Me

Just Shot Me

  • 326 Posts
  • 93 Reply Likes
Not sure this really applies to a RAW image data developer and more than likely only applies to software that actual parts of an image can be removed and replaced.
Even with the LR/ACR spot removal tool you couldn't change a face to some other face or place that person, face, in some other background environment.
Photo of Markus Schlögl

Markus Schlögl

  • 12 Posts
  • 4 Reply Likes
You are using LR to change an image to a version which you intend to publish. Pricavy laws are not about faking an image, but for protection of the depicted person's privacy. Video surveillance must not be altered or tampered with, and if you do, you need to provide every step of alteration. According to the info I got, these rules were, as stated above, applied to all sorts of digital imaging.

Again, I just asked for a way to protocol what I do in LR. If this isn't possible in a satisfactory fashion, I'll have to, at least temporarily, stop using it, or restrict its use to presets that are easy to reproduce and document. That's all I need to know for now.
Photo of Just Shot Me

Just Shot Me

  • 326 Posts
  • 93 Reply Likes
Ok but if I take a photo of someone, with or without their permission in a public space, and then sharpen, adjust exposure, WB, contrast and the like and do some spot removal and then post it someplace I can't see how any of that would constitute Changing the image or why I would need to document any of those steps.
Personally I would continue doing what I have done for years and if for some reason was called out on it I would deal with it at that time.

IMHO Adjusting and image is completely different from Changing it.
Hope you get an answer you can live with.
Photo of Paul

Paul

  • 27 Posts
  • 12 Reply Likes
I agree - see my comment about material changes above
Photo of Markus Schlögl

Markus Schlögl

  • 12 Posts
  • 4 Reply Likes
@ Just Shot Me are you aware of the severity of financial punishment that awaits? Up until now the maximum penalty was € 35.000. They changed it to 20 Million or 4% of worldwide revenue, whatever would be higher.

Still, I just want to know if logging would be possible.

@Simon I am aware of the technicalities. I just hope the develop settings would suffice. That would mostly solve the problem. But, of course, as nobody thought this through, there's no clear description, according to my info. So, if somebody wants to get to you, they'll find a way.
Photo of Paul

Paul

  • 27 Posts
  • 12 Reply Likes
I'm not at the right computer to look.  Is there a comments field where you can add notes about what you did?  Because that might be a helluva lot more material than a bunch of operation logs.  Just thinking out loud.
(Edited)
Photo of Markus Schlögl

Markus Schlögl

  • 12 Posts
  • 4 Reply Likes
There is, but in my version it says "Comments are not supported here" (translated from German). A standard CR2 file.
Photo of Simon Chen

Simon Chen, Principal Computer Scientist

  • 1573 Posts
  • 514 Reply Likes
Official Response
Lr is a non-destructive image editor. On the one hand, you have your source image, and on the other hand you have the develop settings (such as XMP sidecar) that describes the type of image adjustments and other metadata that one has added to produce the final output image. Lr catalog also records the history steps so provides sort of auditable tracks. 

When you export the images out of Lightroom, there is an export option to set the metadata export options to "All Metadata", that will include a copy of the develop settings in XMP in the result rendered image, such as JPEG.
(Edited)
Photo of Markus Schlögl

Markus Schlögl

  • 12 Posts
  • 4 Reply Likes
If the LR catalog does it, I'd say that's good enough. I'll find what exactly is being recorded. Photoshop's Log also just gives you the history states, which do vaguely reproduce what technically was done to the image, but of course not visually. We'll see how this resolves, but for now I think this needs to suffice.
Photo of Jeffrey Tranberry

Jeffrey Tranberry, Sr. Product Manager, Digital Imaging

  • 15365 Posts
  • 2239 Reply Likes
One thing you can do to visually see what is different between the original file and the edited file is to put the original file on one layer and the edited file on another and choose "Difference" for the blend mode (in Photoshop). Things that are untouched are black, that are different aren't black.
Photo of Markus Schlögl

Markus Schlögl

  • 12 Posts
  • 4 Reply Likes
This doesn't resolve the issue of a missing log file with every single step taken - except if catalogue does keep a log.

I'll try to find an official contact in this matter, as it seems that people are more interested in a workararound around a clear, but not-so-clear matter.
Photo of Gary Rowe

Gary Rowe

  • 106 Posts
  • 37 Reply Likes
Again I ask - what part of the GDPR have you been told necessitates you to do this? I cannot find any reference across 10s of professional & amateur sites, blogs etc. for any kind of requirement like this, nor can I see any part of the GDPR that would seem to require it.  I think you may have been misled, so I suggest following up with the chamber of commerce or one of the presenters to get the article numbers in question and follow up on this in that way.
Photo of Rob Rippengale

Rob Rippengale

  • 86 Posts
  • 60 Reply Likes
As an interested bystander (in Canada) I would also enjoy being educated on this. It seems impossible that anyone would want a detailed list of exactly what color changes each pixel went through from the RAW sensor data towards the final printed paper image. Even recording general tonal changes seems impractical for a court of law. Raising shadow detail is not a crime. I might expect a commercial photographer to record which features were falsified in the image, what was purposely changed by push or patch, but having everybody log every filter and tonal change seems the opposite of useful.
Photo of Markus Schlögl

Markus Schlögl

  • 12 Posts
  • 4 Reply Likes
I'm already in direct contact with the GDPR officials in my country, who I expect not to know anything about it, but will hopefully forward me to someone who does.

Gary - again I explain: this has been directly deducted from the requirements for processing surveillace video. Allegedly, these regulations apply to photographers as well. The councelling event was held by the chamber of commerce. The one I visited before too, and there we were told, that in Austria there were merely 2 experts for GDPR in total, one of them was speaking.

Rob - it's all no crime, but due to someone not thinking things through, any kind of manipulation must be logged - you wouldn't want anyone to tamper with a surveillance video, and as photographers seem to be the same as CCTV, they get the same set of rules :-P

I figured, and the person at the first meeting verified my thoughts, that the EU quickly fleshed out these regulations after they - finally - realized (how long did that take? A decade, or two?) that the US were skimming our data without any hassle, making big business with it, and since the EU wants that data business for themselves, they now, all of a sudden, "care about EU citicen's privacy", who hardly anybody seems to give a damn about, anyway, and never did before.

So now, within the limits of sounding butthurt, I have to spend days encrypting data, moving data, typing sheets and lists of data, hassling clients with E-Mail encryption just to send them a bill, encrypting cloud files, all my client work etc, with no data whatsoever anyone might be interested in stealing, because it's - mostly - to be found online, anyway.

Of course they tried to sell it as "chance to work truly professionally", but seriously, primitive E-Mail decryption seems to be too much for MOST clients, so I'd rather use snail mail again. What a progress.
Photo of Rob Rippengale

Rob Rippengale

  • 86 Posts
  • 60 Reply Likes
Great story, Markus. Thanks.
Photo of Rikk Flohr

Rikk Flohr, Official Rep

  • 5506 Posts
  • 1157 Reply Likes
Official Response
Information regarding this topic can be found here: https://www.adobe.com/privacy/general-data-protection-regulation.html