Apple Confirms Detection of Child Sexual Abuse Material is Disabled When iCloud Photos is Turned Off

[Mockletoy]

Here's the thing. That's great that you don't have any of that on your device!

But if you ever live in a country that, for some reason, wants to find something on your device and have it flagged in order to charge you with a crime, this sets a dangerous precedent.

Surveillance technology, while often well-intentioned, can easily end up in the wrong hands for nefarious purposes.

This isn’t about what might happen somewhere someday, this is about catching purveyors of kiddie porn, right now, here, today.

And if some country has those sorts of laws you mention and I am in violation of those laws then that’s a country I won’t be visiting.

 

[Wildkraut]

Scanning my photos for kiddie porn has no effect on my privacy, since I don’t have any kiddie porn.

Until someone gets screwed up for taking a pic of their toddler taking a fun bath naked.

 

[eatrains]

This can totally be done in a way which respects privacy. Anyone who’s versed in software engineering would know this.

Now, it can still be abused, yes. But not in the way you might think… hashes aren’t an abuse of privacy. Not by any means. The abuse vector comes from the fact a different scanning filter could be applied. However one would hope that Apple doesn’t turn into a totalitarian regime with Tim Cook at the reigns (nor anyone else)

Though totalitarian regimes will find a way to develop this technology themselves and put it to whatever use they see fit. But that was going to happen with or without Apple scanning for CSAM.

Exactly what "technology" do you think has been developed here?

 

[Mockletoy]

Until someone gets screwed up for taking a pic of their toddler taking a fun bath naked.

How would that be matched to a hash of known kiddie porn images?

Also, if we have to inconvenience a law abiding citizen every now and then in order to protect countless exploited children, that works for me.

 

[eatrains]

Until someone gets screwed up for taking a pic of their toddler taking a fun bath naked.

Not at all how the system works. It doesn't search your library for CSAM content, it compares images hashes with CSAM image hashes from the NCMEC.

 

[Mydel]

I agree with darcyf that if you're not doing anything wrong, then you have nothing to worry about.

Thats the most obnoxious argument ever When it comes to the privacy rights.

 

[macgabe]

Sounds like Apple just doesn't want this on their servers. Sounds reasonable tbh.

 

[Mockletoy]

Thats the most obnoxious argument ever When it comes to the privacy rights.

Not as obnoxious as saying we shouldn’t do everything we reasonably can to protect exploited children and punish their abusers because we don’t want to allow a harmless and fully automated scan that affects us in no way at all.

 

[macrumorsuser10]

Who decides what's wrong, though? Regardless of where you fall politically, there is likely something you do or have that some politician wants to make illegal.

We're starting with something that is fairly universal in people saying it's wrong, but it's a slippery slope. Now that the tools are there, an authoritarian government can start telling Apple to do whatever with it.

And everyone knows that Apple's commitment to human rights and privacy goes right out the window the moment the Chinese Communist Party asks for assistance in trampling them.

Argue with darcyf, not me. He's the one who's creeped out that someone wants to off iCloud.

 

[Robert.Walter]

For now?

this seems like part one of Spple giving the state part one of the golden access key it has long desired.

where does it stop?

 

[jayducharme]

What about Photo Stream?

That's what I was thinking. Technically, those are stored on Apple's servers. Do they count as an iCloud Photo Library of sorts? If so, all of your camera roll will be scanned anytime you're connected to WiFi. And yes, I understand this is being done for a valid reason (ostensibly). But as others have pointed out, once you make an excuse for doing it under one circumstance, other circumstances surely will follow.

 

[Khedron]

Not as obnoxious as saying we shouldn’t do everything we reasonably can to protect exploited children and punish their abusers because we don’t want to allow a harmless and fully automated scan that affects us in no way at all.

Why not do the same with every URL you type? Every email? Every message?

This measure only checks that an image is in the photos library. It does nothing to check who put it there or who looks at it. Why not have your FaceID log and time stamp every interaction with your phone so that actionable evidence against the true criminal can be gathered?

 

[antiprotest]

what’s next? scanning your stuff on iCloud for anti government materials for oppressive governments?

Don't worry, they will just assure you with "We are already doing it!" That makes you feel better all over doesn't it?

 

[laz232]

This isn’t about what might happen somewhere someday, this is about catching purveyors of kiddie porn, right now, here, today.

And if some country has those sorts of laws you mention and I am in violation of those laws then that’s a country I won’t be visiting.

if countries have their own databases they could easily add other content to the search database.

perhaps meme images that insult the monarch (see Thailand's extremely harsh rules on making fun of the royal family), or a "free Tibet" flag in China.

If you have to go on a business trip to China, Thailand etc then suddenly you may end up in a kangaroo court and facing a long prison term for images that are legal in the USA.

 

[zakarhino]

Scanning my photos for kiddie porn has no effect on my privacy, since I don’t have any kiddie porn.

Random warrantless searches of your property have no effect on you because you're not a criminal.

Warrantless surveilance of your entire digital life has no effect on you because you're not a criminal.

^ Those statements are contingent on what the powers that be define as "criminal." If the definition changes tomorrow then they'll have all the infrastructure and law in place to subjugate you as they please. At one point in time it was practically considered criminal to be Japanese in the USA, not that you would care because that has "no effect" on you if you weren't Japanese during that period of time.

If that were to happen I’d be here railing against it.

But as long as they’re just helping catch these sick freaks they have nothing but my support.

If they have all the infrastructure in place then there is no "railing against it" because by that time it's too late. There's no "railing against" nuclear weapons once we've all gone up in smoke. There's no "railing against" climate change once it's already too late and the planet is no longer viable for human life. The time to "rail against" technologies like this is not after they've been abused when it's too late, the time is NOW when the technology is capable of doing those things but hasn't yet gone that far.

Apple are implementing a system that is capable of scanning all the photos on your device against a database of images that can include images not related to child abuse, regardless of whether or not you have iCloud turned on. It doesn't matter that right now it disables itself when iCloud is off and it doesn't matter the database supposedly only includes child abuse images, it is CAPABLE of being an authoritarian tool at a moment's notice via minimal updates in the same way a nuclear bomb is capable of decimating a country with a few button presses even if the bomb is currently sitting in a silo.

You would say there's no issue with the patriot act because you're not a terrorist but it turns out the patriot act and its sister policies have been used to harass journalists and climate activists. It's not like there haven't been terror attacks on US soil since the patriot act was enacted. There were a 1000 other things the US government could have done to prevent more terrorist attacks globally but they chose the option of spying on every single citizen and violating people's constitutional rights instead. If you're actually interested in stopping "sickos" then support systems that actually combat the core issue rather than the "let's just police the entire public more" solution which won't actually stop "sickos" (terrorists use their own encrypted chat tools they make themselves according to various reports, so do child abusers most likely).

Nobody wants terrorists or child abusers in their community. Increasing the reach of warrantless, global spying programs is not the way to tackle the issue. Make no mistake, this system is capable of being a spying tool that bypasses end to end encryption regardless of how it's configured as of right now.

 

[Ursadorable]

You want to know how I know this "story update" is complete BS?

If it was limited to _just_ using iCloud services, they wouldn't need to install software on your phone to do it, which is what they said they were doing in the first article. Instead it could all be done server side.

 

[antiprotest]

Exactly what "technology" do you think has been developed here?

You wouldn't understand even if he explains it to you. You're not "versed in software engineering."

 

[Wildkraut]

How would that be matched to a hash of known kiddie porn images?

Also, if we have to inconvenience a law abiding citizen every now and then in order to protect countless exploited children, that works for me.

It will surely works flawless, just like AppReview.

/s

 

[gavroche]

based on everything that’s been explained about how it works and what purpose it serves, it’s honestly creepier that you feel the need to turn it off

Its always an incremental approach for erosion of rights. Start with the easy content, that no sane person would support. Then start going further, scanning for things like reference to illicit drugs, or drug paraphernalia. Then on to things like political affiliation, etc. Many countries, such as China, already tightly control the internet and monitor what people do. It’s only a matter of time until we are doing the same thing here.

 

[zakarhino]

You want to know how I know this "story update" is complete BS?

If it was limited to _just_ using iCloud services, they wouldn't need to install software on your phone to do it, which is what they said they were doing in the first article. Instead it could all be done server side.

Yes, that's why the other MacRumors article about how this is "a widespread practice" is infuriating and misleading. The iCloud scanning system utilized right now is only ever capable of scanning content on iCloud. This new system is capable of scanning all content on your iPhone even if you turn iCloud off.

KEY WORD: "CAPABLE"

 

[antiprotest]

That's where I'm confused at lol why bother replying to my comment? I thought I was on his ignore list.

Salty as heck! People just cant respect other's opinion.

Hey, you asked for it by commenting on here while not being "versed in software engineering."

 

[WiseAJ]

Until someone gets screwed up for taking a pic of their toddler taking a fun bath naked.

I'd be more concerned that their toddler is known part of the known CSAM image hashes

 

[antiprotest]

If they're on your ignore list, then why are you reading their posts? 🤦‍♂️

He's so "versed in software engineering" that even the ignore list cannot hide it from him.

 

[gavroche]

I agree with darcyf that if you're not doing anything wrong, then you have nothing to worry about.

Ok, but just don’t act surprised when it incrementally goes a lot further… and they are scanning emails and text messages for keywords like illegal drugs or other illegal activities, political affiliation, etc. Most email providers already scan your emails for keywords that they then monopolize and sell to advertisers. It’s inevitable that they will start scanning for anything at all, and passing it along to the government. They will end up with databases for everything… political affiliation, gun rights activists, religious affiliation, etc. Countries that already do this started out small, with content that people don’t have a problem trying to root out… such as here… and then gradually expand.

 

[macrumorsuser10]

This isn’t about what might happen somewhere someday, this is about catching purveyors of kiddie porn, right now, here, today.

And if some country has those sorts of laws you mention and I am in violation of those laws then that’s a country I won’t be visiting.

Please stop posting. This news is about a first-world country, not Sweden.