Look at this adorable They just woke him up. He stretches in his car-themed pajamas, rubbing the sleep from his eyes. His mommy or daddy captured this tender moment between sleep and wakefulness for us. We’re going to slap this photo on a mug and sell it.

Photo: woodleywonderworks (Flickr CC BY 2.0)

Photo: woodleywonderworks (Flickr CC BY 2.0)

Or look at this

Photo: peasap (Flickr CC BY 2.0)

Photo: peasap (Flickr CC BY 2.0)

Aren’t they great? Who wouldn’t want to look at these delightful little moppets every day? Well, no one will stop you! And what difference does it make that they aren’t your own children? Just buy them in our new online shop,

Designer and I brought together a colorful collection of cute photos of children we found on Flickr. Twenty dollars, and you can be the proud owner of a beautiful mug adorned with one of these little dolls.

A screenshot of our website.

A screenshot of our website.

Wait a minute. How is this possible? Seriously, is it even allowed? Aren’t we violating the privacy of these children and their families by commercializing these intimate family moments?

We share your concern. In fact, this is precisely our point: By selling these mugs we’re violating people’s privacy in three ways.

1. Privacy as the right to control your information


If you view privacy as the right to control your own information, then, from a legal perspective at least, we aren’t crossing any lines. The photographers whose images we took each chose to make their work freely available on Flickr, under a license that allows for commercial reuse.

But not everyone realized exactly what that meant — and that caused trouble when Flickr announced a new printing service, in which these commercially licensed photos could be bought as wall prints from Flickr, with none of the proceeds going to the photographers themselves. According to the copyright license and the Terms of Service, Flickr didn’t have to share the revenues. But it angered users, and the company pulled back after a few weeks following an uproar by the photographers (it still sells images from licensed artists, and splits the revenue with them).

Because we’re using photos of children, the bar is a bit higher; in some jurisdictions we have to ask permission of the parents or guardians, for example. But you could also argue, which we have done, that by uploading a photo of their own child, the parents or guardians have implicitly given their consent. It’s a gray area, we know.

That doesn’t stop other websites from also using these photos. After tracing some of these photographs on Google Image Search, we found the same pictures reappearing on various websites, including ones related to mental health, child protection, and even travel.

This only scratches the surface. Big Web conglomerates earn billions with everyone’s private information. The Web runs on user-generated content — text, videos, music, art, etc. — made and shared by ordinary people. The moment you post something on Facebook or YouTube, you enter into a contract with that company, and from then on they’re free to benefit from your material in any way they see fit, mainly by selling ads around it, but in some cases by selling your data, or using your avatar and other personal information for commercial purposes.

Let’s consider Facebook. In late January the site’s Terms of Service were renewed. Now you automatically agree to give Facebook permission to:

  • Store, use, and reuse all photos, text, and images you post on the platform.
  • Analyze all your financial transactions on Facebook, for example while playing Candy Crush Saga.
  • Keep track of your activities on all sites outside Facebook that have a Like or Share button installed.

Facebook has a very legitimate need for storing, using, and reusing your data — it’s what allows the site to show you your friends’ photos and activity, after all — but the wording is also fuzzy enough that there is basically no limitation on what it can do with your data, such as reusing your photos commercially.

Or take Google. Every time you search for an app, game, book, or movie using Google Play, you get to see recommendations from people who are in your Google+ circle. They have also given permission for their name and avatar images to be used for advertising purposes.

In other words: By agreeing with the often impenetrable legalese that makes up the general conditions and privacy terms, we are, more often than not, giving up our right to control our content.

2. Privacy and the right to confidentiality

If you view privacy as the right to hide aspects of your personal life from the eyes of the world, we aren’t actually breaking any laws either.

The fault of these privacy violations often lies with someone else. Even if you’re very careful to protect your personal data, it is still necessary for your acquaintances, friends, and family to do the same. Unfortunately, this is not something we can reliably expect.

Perhaps you have carefully configured all your privacy settings on Facebook. But your efforts will have been in vain if your friends set up theirs to be more open. If they subsequently share your posts or your photos, then, despite your efforts, Facebook will still end up in control of your content.

For Google, even if you were to use an alternative, more privacy-oriented email service that does not analyze your inbox, the moment you send a message to someone with a Gmail account, its content is still going to be scanned by Google.

In the process of collecting the various pictures for this project, we often stumbled upon the negligence of internet users. For example, we found images of children that were uploaded by a Dutch labor union, FNV. Perhaps the union was given permission to post these pictures, but the result is that they can now be used by anyone for commercial purposes as well.

3. Privacy in context

So, from a legal perspective, we have behaved admirably. But why does our store nevertheless feel so wrong? Answer: Context.

Over the last few years, a new idea about privacy has gained traction: the theory of contextual integrity. It was first articulated by the South African professor Helen Nissenbaum, who says social media has changed what information is exposed, even if it does not alter our expectations of privacy. In her view, the flow of information is pervaded by norms, expectations, and tacit agreements.

For example, we assume that when we discuss a health problem with our doctor, he or she is not going to sell this information to a pharmaceutical company. However, if we disclose our health issues in a conversation with the marketer of a drug manufacturer, we would not be surprised if that information was used commercially. The context in which information is exchanged is clear in both cases; it does not have to be made explicit.

According to Nissenbaum, we usually have a fine sense of the appropriate flow in which information is exchanged. The problem arises when something in changes the context, whether it’s the recipient of the information, the type of information, or the conditions — and when it is inappropriately shared, people feel violated.

With Koppie Koppie, we have deliberately shifted the context. On the “sending” end of the information flow, we have the photographers. The information that is transmitted are the pictures of their children. Initially, the recipients who saw those pictures were all users of Flickr — family members, friends, or maybe other amateur photographers. But by shifting the flow of information to a commercial platform, the recipients are now anyone who might be interested in buying a mug that has a picture of a kid on it.

What has changed is the social context, and this is why it feels uncomfortable.

New technology, particularly social media, can be a battering ram that redirects the flow of information, breaking these social expectations. This is why you may be shocked when a careless remark on Twitter regarding your boss takes on a life of its own and puts you in trouble the next day at work.

A context-aware approach to privacy is something that seems to have eluded companies like Facebook, Google, Flickr, Instagram, Snapchat and others. They promise secrecy and control, but what they really should be doing is making sure that people know what they can expect—to let them actually understand the ways in which your data might get shared. The fact that you share your life online doesn’t mean you’ve abandoned all your expectations on how, why, and by whom your information is used. Even if you share a lot, it doesn’t mean you have waived your right to privacy.

So, if you find yourself or your child pictured on one of our mugs, send a message to delete@koppie-koppie.biz. We’ll promptly remove the mug from our website. However, we urge you to take matters into your own hands and customize your privacy settings according to your expectations. And, if this is not possible, ask Flickr or other Web companies to make that happen.

This article was translated by Jona Meijers and appeared