Parker Higgins writes:
Getty Images—among the world’s largest providers of stock and editorial photos—has announced a major change to the way it is offering its pictures for sites to use. Beginning this week, in addition to the traditional licensing options, people can embed images in their sites at no cost and with no watermarks, so long as they use the provided embed code and iframe.
Sounds good, right? But there’s no such thing as a free lunch:
But in other ways, this move rings alarm bells—especially from a privacy perspective. Some of the complaints are common to all sites serving third-party scripts or resources: when a site embeds that content, whether it’s Google Analytics, a YouTube video, a Facebook Like button, or now a Getty Images iframe, it is creating a connection between its readers and the third-party host. The third-party host can possibly get and log your IP address and the exact time of the request; information about the web browser you’re using, your browser’s version, your operating system, processor information, language settings, and other data; the URL of the website you’re coming from; and sometimes tracking cookies.
This problem is, unfortunately, a fundamental property of the web as we know it. But a few facts about Getty make this situation especially troubling.
Read more on EFF.