How to prevent unauthorized sales of digital files?

Hey MPUers,

I need help or advice on this topic, not sure what to do. I figured it is still ‘tech related’, so hopefully it’s okay to post.

My wife has a side business (calligrapher & wood laser/engraver). Don’t worry, I’m not going to mention her store site or instagram (unless asked or messaged privately, I don’t want to violate any community rules)

She wanted to add a new product to her shop, ‘selling her own .svg files to other creators and makers’. She asked me for digital help and I am trying to figure out a solution.

What can one do to prevent someone taking her svg file and re-listing it somewhere else and selling it again on their site (or other platform?)

I thought about the watermark, but then it would need to be removed after purchase. Or is it just the risk we take and that’s it?


Practically speaking, it’s the risk you take. Anything that would significantly deter a digital thief will also massively inconvenience your legit users.

That said, if you see it for sale anywhere you can always send takedown notices. Most web hosts are pretty good about complying with those. You might also be able to do some sort of Google alert based on the file size / signature in case you really want to try to monitor it.

But practically speaking, monitoring would probably be impractical as theoretically you’ll be continually adding artwork. :slight_smile:


My understanding is that NFTs wouldn’t prevent somebody else from obtaining or distributing the file though - it would just establish a secondary documentation for “chain of custody”.

That would give ammo in court if somebody else were to claim that the file were their own original design, as she could demonstrate the date it was created as an NFT - but I feel like if this ends up in court, the costs would be obscene relative to the minimal benefit.

Especially since it seems she’s selling her files to “creators and makers” - presumably with the idea that they would be printing and otherwise using the assets. She just doesn’t want them to turn around and re-sell the SVG files.

That said, NFT would be a really interesting way to fly if her work were “in demand” enough that she could say something like “I’m only selling 50 copies of Artwork X”. The authentication would be a way to legitimize the “limited run” nature of that sort of sale.

It would seem to me that every image sold needs to include a copyright/ownership certification. Perhaps even restricting the usage to a certain market (e.g. “Not for resale or commercial use”). You may already have the legal language established.

It would seem to me that, even when you add a watermark that has to be removed, the person who is sent the source image could simply remove the watermark and propagate it further. It comes down to a “do I trust this purchaser” decision.

Perhaps as a side, when you do keep this all in-house (rather than going out to an intermediate agent such as the NFT mentioned), one area of technical support may be to develop a database to track such things as name, date, address, contact info for the purchasers of the digital svg files.


That’s the thing I keep running into when people ask me this question (and it happens with some regularity, as I’m a web dev / Internet consultant).

Most people I’ve run into aren’t asking “how can I keep track of who owns things?”, or “how can I give the purchaser proof that they own something?”, but rather “how can I absolutely prevent somebody from distributing / selling / etc. this digital file against my wishes?”

NFTs are only really an answer to the first two questions. Watermarks, passcodes, etc. are answers to the third question. And as you’ve mentioned, they’re rather bad answers as the savvy people aren’t really deterred at all (they just break the encryption or whatever and move on), and the rest of the legitimate users are massively inconvenienced.

I’ve found that once somebody comes to grips with the fact that the answer to the third question is “practically speaking, you can’t”, then the first two questions usually just fall away. :slight_smile:

This strikes me as the best route for “keeping the honest people honest”. Make sure the language is clear, simple, and included both in the download file somewhere and on whatever platform you’re using to sell the image.

Also, in this case it’s probably helpful for OP to make sure it’s clear whether they’re actually assigning copyright / ownership (likely they aren’t), or granting a license of the image for use by the purchaser.

1 Like

The one time I have ever been aware of any work of mine being ‘claimed’ as someone else’s was a photo I had posted on Flickr which was taken 100% unaltered and displayed on a busy site with a very obvious takedown link. I used that link and never heard back. I have no faith in anyone except very small or very large operators.

You can apply DRM on documents.

That does happen sometimes. That said, for best effectiveness you don’t just email the site - you also email the hosting / server provider.