When Embarrassing Photos Metastasize Online and How One Person Took Control of It

What are you going to be for Halloween? If you do plan on dressing up, what are the chances photos of you in your glorious costume will be taken and posted online? Well, we’ll come back to this…

A few months back, I wrote about the nightmare of having an ex-spouse post embarrassing and vengeful photos of Lee David Clayworth online. The generativity of the Internet allows information to flow and metastasize so quickly, such disturbing posts can be almost impossible to take down or control.

We’ve also featured a few posts on this blog concerned with online hate speech and the rampant existence of online trolls—folks who scour the Internet looking for ways to make people feel terrible. As someone who has had their identity stolen and felt the utter helplessness of not being able to control my personal information and identity, the harm is real, but difficult to quantify.

Last week, Caitlin Seida wrote a column for Salon about her experience of having an embarrassing photo of herself posted online. One day, a friend had alerted her to a very public site dedicated to mocking people’s appearances. The site featured a photo of Seida dressed in her Halloween costume. “There I was in full glory,” she wrote, “a picture of me dressed as my hero Lara Croft: Tomb Raider for Halloween—but written over the image were the words ‘Fridge Raider.’”

You see, Seida eats right, (“most of the time”), and exercises (“an inordinate amount”), but struggles with polycystic ovarian syndrome and a failing thyroid gland. “I’m strong, I’m flexible and my doctor assures me my health is good,” she explains, “but the fact remains: I’m larger than someone my height should be.”

At first, she said, “I wasn’t even angry … I was actually kind of amused.” Clearly she has a sense of humor and a good view of what’s really important in life. But something changed; she began reading user comments. “Hundreds of hateful messages, most of them saying that I was a worthless human being and shaming me for having the audacity to go in public dressed as a sexy video game character … Scrolling through the comments, the world imploded—and took my heart with it,” she wrote.

In my experience a number of years back, someone actively used my personal information to file my federal taxes. And in the case of Clayworth, an ex-girlfriend actively stole his personal photos from his laptop to shame him online. Funny or not, even Scarlett Johansson has recently been victimized online.

But for Seida, she realized the source of her troubles actually stemmed from her very own Facebook post. “I’d posted the image on Facebook,” she wrote, “but like so many before me, I’d failed to pay attention to my privacy settings when I uploaded it. Instead of restricting access to my friend network, I’d inadvertently given access to the whole world.”

There are so many things that are seemingly out of an internet user’s control: How online behavior is tracked by ad networks and other third parties or how the NSA collects phone metadata are just two examples. But the more educated users are about online privacy, the more empowered they can become.

Seida went a step further because, as she explains, “Facebook made it easy to find people who had commented on the images. By now, the picture had metastasized through reposts on Twitter, Tumblr, reddit, 9Gag, FailBlog. But looking through the Facebook ‘like’ function, I could track down the most offensive commenters.” And she let them know how she felt about their commentary. For the most part, folks were surprised she had found them. “Most didn’t realize,” she said, “that when you post to a public page through your Facebook account, it doesn’t matter that your own content is restricted.”

We, in the privacy community, have been talking a lot about business accountability of late, but maybe the best way for businesses to be accountable is to show users how they can be accountable. Sieda was clearly accountable for her actions once she understood the tools Facebook provide could be used as much for good as harm, plus, her plan to regain control of her image is laudable and perhaps a lesson for all of us. Personal privacy is a thing to cherish, but if parts of it are lost, there are ways people can try to take back, at least some, control, as long as those tools are supplied and easy to understand.

As Seida says, “I’ve also learned to keep a tighter rein on my privacy settings online. I don’t always succeed at keeping my content private, but I’m certainly more guarded now.”

We hear a lot about transparency, but not as much about power. What good is knowing what’s being done to you if you don’t have the power to change it? As soon as Seida stopped feeling helpless, the harm decreased.

Like a few other brave, thick-skinned souls, Seida now regularly searches out the “less tasteful side of the Internet” to issue take-down notices, but as she noted, “it’ll never be completely gone, which is why I decided to post the image in this story. On my own terms. To own it again, without shame this time.”

If more consumers feel like they have more ownership over their online identities, much of today’s privacy debates might be significantly lessened.

In the meantime, if you do dress up this Halloween, have a good time. Just think twice before posting about it online.

Written By

Jedidiah Bracy, CIPP/E, CIPP/US


If you want to comment on this post, you need to login.


Board of Directors

See the esteemed group of leaders shaping the future of the IAPP.

Contact Us

Need someone to talk to? We’re here for you.

IAPP Staff

Looking for someone specific? Visit the staff directory.

Learn more about the IAPP»

Daily Dashboard

The day’s top stories from around the world

Privacy Perspectives

Where the real conversations in privacy happen

The Privacy Advisor

Original reporting and feature articles on the latest privacy developments

Privacy Tracker

Alerts and legal analysis of legislative trends

Privacy Tech

Exploring the technology of privacy

Canada Dashboard Digest

A roundup of the top Canadian privacy news

Europe Data Protection Digest

A roundup of the top European data protection news

Asia-Pacific Dashboard Digest

A roundup of the top privacy news from the Asia-Pacific region

Latin America Dashboard Digest

A roundup of the top privacy news from Latin America

IAPP Westin Research Center

Original works. Groundbreaking research. Emerging scholars.

Get more News »

IAPP Communities

Meet locally with privacy pros, dive deep into specialized topics or connect over common interests. Find your Community in KnowledgeNet Chapters, Sections and Affinity Groups.

IAPP Job Board

Looking for a new challenge, or need to hire your next privacy pro? The IAPP Job Board is the answer.

Join the Privacy List

Have ideas? Need advice? Subscribe to the Privacy List. It’s crowdsourcing, with an exceptional crowd.

Find a KnowledgeNet Chapter Near You

Talk privacy and network with local members at IAPP KnowledgeNet Chapter meetings, taking place worldwide.

Find more ways to Connect »

Find a Privacy Training Class

Two-day privacy training classes are held around the world. See the complete schedule now.

The Privacy Core™ Library Has Evolved

Privacy Core™ e-learning essentials just expanded to include seven new units for marketers. Keep your data safe and your staff in the know!

Online Privacy Training

Build your knowledge. The privacy know-how you need is just a click away.

Upcoming Web Conferences

See our list of upcoming web conferences. Just log on, listen in and learn!

Train Your Team

Get your team up to speed on privacy by bringing IAPP training to your organization.

Let’s Get You DPO Ready

There’s no better time to train than right now! We have all the resources you need to meet the challenges of the GDPR.

Learn more »

CIPP Certification

The global standard for the go-to person for privacy laws, regulations and frameworks

CIPM Certification

The first and only privacy certification for professionals who manage day-to-day operations

CIPT Certification

The industry benchmark for IT professionals worldwide to validate their knowledge of privacy requirements

FIP Designation

Recognizing the advanced knowledge and issue-spotting skills a privacy pro must attain in today’s complex world of data privacy.

Certify Your Staff

Find out how you can bring the world’s only globally recognized privacy certification to a group in your organization.


The IAPP’S CIPP/E and CIPM are the ANSI/ISO-accredited, industry-recognized combination for DPO readiness. Learn more today.

Learn more about IAPP certification »

Are You Ready for the GDPR?

Check out the IAPP's EU Data Protection Reform page for all the tools and resources you need.

IAPP-OneTrust PIA Platform

New U.S. Government Agency privacy impact assessments - free to IAPP members!

IAPP Communities

Meet locally with privacy pros, dive deep into specialized topics or connect over common interests. Find your Community in KnowledgeNet Chapters, Sections and Affinity Groups.

Privacy Vendor List

Find a privacy vendor to meet your needs with our filterable list of global service providers.

More Resources »

Europe Data Protection Intensive 2017

The Intensive is sold out! But cancellations do happen—so hurry and get on the wait list in case more seats become available.

Global Privacy Summit 2017

The world’s premier privacy conference returns with the sharpest minds, unparalleled programs and preeminent networking opportunities.

Canada Privacy Symposium 2017

The Symposium returns to Toronto this spring and registration has opened! Take advantage of Early Bird rates and join your fellow privacy pros for another stellar program.

The Privacy Bar Section Forum 2017

The Privacy Bar Section Forum is sold out! But you can still add your name to the wait list, and we'll keep in touch about your status. Good luck!

Asia Privacy Forum 2017

Call for Speakers open! Join the Forum in Singapore for exclusive networking and intensive education on data protection trends and challenges in the Asia Pacific region.

Privacy. Security. Risk. 2017

Call for Speakers open! This year, we're bringing P.S.R. to San Diego. Submit today and be a part of something big! Submission deadline: February 26.

Europe Data Protection Congress 2017

Call for Speakers open! The Congress is your source for European policy debate, multi-level strategic thinking and thought-provoking discussion. Submit a proposal by March 19.

Sponsor an Event

Increase visibility for your organization—check out sponsorship opportunities today.

More Conferences »

Become a Member

Start taking advantage of the many IAPP member benefits today

Corporate Members

See our list of high-profile corporate members—and find out why you should become one, too

Renew Your Membership

Don’t miss out for a minute—continue accessing your benefits

Join the IAPP»