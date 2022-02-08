Apple has announced a feature that will allow it to analyze images on its devices before they are uploaded to its cloud to check if they are child pornography, and if so, report the case to the authorities or alert parents when their children receive or send such material.

Describing the feature, Apple’s justification is that it’s not abandoning its commitment to protect privacy: it does not acquire any information about images that match child sexual abuse, that it cannot access metadata or visual derivatives of matched images until a particular threshold of matches is exceeded, that the risk of false positives is extremely low, that all reports are manually reviewed, that users cannot access or view the image database, and that users cannot identify which images were flagged as child sexual abuse by the system.

Child sexual abuse is a serious problem exacerbated by the ease with which pornographic material can be shared via internet. But there are already services based on image hashing similar to those described by Apple to prevent as far as possible the creation of archives of such materials, and which have been used for some time by Apple, Google and other companies to detect their delivery via email. However, implementing a similar system for images on a device implies applying it to materials that have not been sent, and although the possession of such materials is a crime that should be prosecuted, we are entering a complex and, quite possibly, point of no return: spying on what we keep on our devices, which could be problematic if the company is pressured to use it in other instances by the authorities.

Once such a system is available, the police and other law enforcement agencies may make legal arguments to request its use for other reasons. In the UK, for example, a similar system developed years ago for internet access providers to control the spread of child pornography has already been used to try to detect images of counterfeit watches. Once the system exists, nothing prevents a government from forcing a company to use it to detect any kind of image or material, a carte blanche for any possible abuse of our privacy.

I share the Electronic Frontier Foundation’s fears that we are dealing with a backdoor system developed specifically for scanning materials on our devices, which is completely unacceptable. A backdoor is a backdoor, and the guarantees a company makes about its use will always be limited by compliance with the law. Today it’s about child pornography, tomorrow it could be a political campaign that annoys the government of the day. Adding to a system a capability to scan the user’s device is breaking end-to-end encryption, and is profoundly inadvisable from any point of view, regardless of good intentions.

The line should be crystal clear. Is the sexual exploitation of minors a crime? Yes. Should it be prosecuted? Of course. Should we develop a system that allows us to monitor everything we have on our devices to try to prevent it? No, and much less if we know that such a system would be quickly exploited for other purposes under the well-known maxim “a company has to comply with the laws of the countries in which it operates.”

By developing such a system, Apple may be moving from being a champion of privacy: “what happens on your iPhone stays on your iPhone”, to becoming the company that scans all our photos “just in case” you’re a pedophile, as well as allowing any government to look inside your phone. Not what we expected from a company that has been through so much to get to where it is.

—

This post was previously published on Medium.

***

—

Photo credit: Shutterstock