August 15th, 2021
More thoughts on Apple’s New Child-Protection Features #
I’m glad that Apple is doing something, and that their solution doesn’t make it easy to get around the new protections by default—like Facebook’s encryption option. Ben Thompson makes a good point: maybe it would have been better not to compromise the device, and do the scanning in iCloud (which parents could choose to enable). #
If you don’t use iCloud, then the safety vouchers are never sent anywhere. In that case—from a privacy standpoint—how is on-device fingerprinting different from fingerprinting in iCloud? It seems to be roughly equivalent. If Apple does enable end-to-end encryption in the future, I think their on-device approach makes a lot of sense and is better than fingerprinting in the cloud—which would rule out end-to-end encryption entirely.
In either case, the point of the CSAM detection feature is to detect the content if it’s stored in the cloud—not necessary when it’s shared. It doesn’t seem that Apple will detect or report CSAM in Messages, but they potentially could with the on-device scanning approach, and it would be the only way since Messages are already end-to-end encrypted.