The JPEG Committee is considering a proposal to add DRM to the JPEG image format. The professional version of the JPEG format, JPEG 2000, already has a DRM extension called JPSEC. But usage of JPEG 2000 is limited to highly specialized applications such as medical imaging, broadcast and cinema image workflows, and archival, therefore the availability of DRM in JPEG 2000 hasn't affected the use of images online. Now, the JPEG Privacy and Security group is considering backporting DRM to legacy JPEG images.

The JPEG Committee is arguing that rights protection would help protect privacy. With DRM, for instance, you could potentially prevent a private image from spreading beyond its intended audience.

But these protection measures could also have a negative cultural impact by preventing fair use and quotation. It could also open the door for bogus DRM claims over public domain works, and pose interoperability problems.

This doesn't mean that there is no place for cryptography in JPEG images. There are cases where it could be useful to have a system that allows the optional signing and encryption of JPEG metadata. For example, consider the use case of an image which contains personal information about the individual pictured—it might be useful to have that individual digitally sign the identifying metadata, and/or to encrypt it against access by unauthorized users. Applications could also act on this metadata, in the same way that already happens today; for example Facebook limits access to your Friends-only photos to those who you have marked as your friends.