In the new versions of the operating system, Apple wants to build an automatic scan mechanism into the Photos app. (Image: Apple)
Shortly after Apple’s confirmation that it will scan iPhones for images of child abuse in the future, crypto experts and human rights organizations are in a storm. In the meantime, the group tries to ensure that privacy is preserved. But apart from that, there are other points of criticism of the plan, which is to be realized with updates to iOS 15, iPadOS 15, watchOS 8 and macOS Monterey. Apple announced that it will introduce the changes later this year.
Apple compares iPhone images with abuse photos
The engineers describe the technical implementation of the involuntary photo scans in a document. Accordingly, the system carries out a device-internal comparison with a database of abuse images (CSAM – Child Sexual Abuse Material). In addition to depictions of real or simulated sexual acts, this also includes depicting the genitals of a child “primarily for sexual purposes, regardless of the means.” The database is provided by the National Center for Missing and Exploited Children (NCMEC) and other protection organizations. Apple converts them into a set of hashes that are “safely stored on users’ devices”.
“Extremely high degree of accuracy”
Apple writes that the detection system uses a threshold that “provides an extremely high level of accuracy and a probability less than one in a trillion per year ensures that a certain account is falsely marked. ”If the system finds supposedly offensive images, their user data is decrypted and de r Account locked. The company manually reviews the reports before forwarding them to the NCMEC and law enforcement agencies. Users could request recovery if they believe their account was falsely tagged, writes the iPhone maker.
Messages app is also scanned
Apple also wants to add new “tools” to the “Messages” short message app. These enable parents and children to be warned about sexually explicit photos. The app uses device-internal machine learning to analyze image attachments and recognize explicit photos. The software then blurs the findings, warns the child about the content and provides them with “helpful resources”. The system notifies parents when children view a tagged picture. Apple is planning similar protective measures for sending: the child is warned before sending a corresponding picture, and the parents can receive a notification about this.
Data protection: “It’s a back door”
Client-side scanning at the “end” of the communication interrupts the security of the transmission and the information of a third party – in this case the Parents – undermine privacy, warn organizations. The Center of Democracy & Technology writes, “The mechanism that will allow Apple to scan images in messages is not an alternative to a back door – it’s a back door.” Civil rights groups around the world are warning that government and business clients are using client-side scanning Monitoring private communications could be employed. A group of experts wrote a letter to the European Union when plans to curb child pornography were being discussed there. In it, they wrote, “Breaking end-to-end encryption to contain offensive online content is like trying to solve one problem by creating 1,000 more. Insecure communication makes users more susceptible to the crimes that we try to prevent together. “
Critics now fear a wave of scan initiatives
Ross Anderson, Professor of Security Engineering at Cambridge University, commented on Apple’s plans : “It’s an absolutely terrible idea because it will lead to mass distributed surveillance of our phones and laptops.” Edward Snowden shared the comment on Twitter. Behind this is the fear that the system will be adapted to other images and texts in the future: first child abuse, then terrorism, then protests critical of the government. A colleague of Anderson, Matthew Green of the John Hopkins University, writes, “This will break the dam – governments will ask everyone to do this.” Alan Woodward, professor of computer security at the University of Surrey, told the Financial Times, “Apple’s decentralized approach is pretty much the best approach that you can choose if you take this path. “
Even if the scan initially only applies to US accounts, Apple’s approach arouses fears. In addition to the breach of privacy for children and all other Apple users, there are many unanswered questions. What criteria does the NCMEC, founded by Ronald Reagan, use? Will my account be blocked soon because I have a photo of my naked daughter on my iPhone? The perspective of this measure bothers me even more: What comes after the hashed abuse photos? Thanks to ultra-Christian dominance in American society, will we soon no longer be able to send nude photos at all? I, too, fear the opening up to further unwanted activities: In my opinion, the subject of terrorism has already cost enough freedom rights, will our photo albums be up in the future?
The other stimulus topic is cyber abuse. After Instagram, ban-as-a-service scammers could now also discover the Apple platform as a profitable playground. Can malicious people paralyze my account in the future by sending me a picture of the abuse? For me, the measure offers more dangers than benefits. The latest reports suggest that sex offenders prefer other platforms. Those who remain will turn their backs on Apple at this very moment and let the new “security measures” come to nothing. Instead, Apple users face a lot of hardship when automatic systems do make mistakes and further backdoors threaten.
Raimund Schesswendter
