SecureMac, Inc.

Checklist 246: Apple Delays CSAM Plans

September 10, 2021

Apple delays CSAM scanning tech for iOS, but will that satisfy the critics? Plus: Looking for consistency in criticism of Apple’s plans.

Checklist 246: Apple Delays CSAM Plans

This week on The Checklist:

Apple halts CSAM rollout … for now

A while back, Apple announced plans to introduce new features designed to keep kids safe. In brief, these were:

  • Tools to help parents keep tabs on what their kids are doing online
  • Updates to Siri and Search intended to offer guidance to kids and parents when they run into unsafe situations
  • Scanning of iCloud photo uploads on iOS and iPadOS as a way of stopping the spread of child sexual abuse material (CSAM)

Of the three proposed changes, the last one — on-device CSAM scanning — was by far the most controversial. We covered Apple’s plans, along with objections from the privacy and security communities, on Checklist 242: Expanded Protections and Pushback and Checklist 243: Protections, Passwords, and Kids.

According to a new story from CNET, Apple is delaying the rollout of their CSAM scanning tech in order to “take additional time … to collect input and make improvements before releasing these critically important child safety features”.

A good start, but …

A simple delay, however, is not nearly enough — at least according to two privacy groups that have opposed Apple’s plans from the start.

Electronic Frontier Foundation published a response to Apple’s announcement that read, in part:

EFF is pleased Apple is now listening to the concerns of customers, researchers, civil liberties organizations, human rights activists, LGBTQ people, youth representatives, and other groups, about the dangers posed by its phone scanning tools. But the company must go further than just listening, and drop its plans to put a backdoor into its encryption entirely.

Fight for the Future, meanwhile, says that it will follow up on its campaign of petitions demanding that Apple abandon the proposed technology with in-person protests at a number of Apple Stores around the United States. Those protests are planned for Monday, September 13 — so if you were thinking of heading out to your local Apple Store to do some shopping, you may want to hold off for a day or two!

It’s only spying when someone else does it

It’s not just privacy organizations that have come out in criticism of Apple — politicians (perhaps unsurprisingly) have wanted to have their say as well.

In Germany, Manuel Höferlin, the Digital Agenda committee chairperson for Germany’s lower house of parliament, said that Apple was on a “dangerous path” with its CSAM scanning plans. According to a story from Apple Insider, Höferlin sent a letter to Apple CEO Tim Cook in which he

expressed unease over the initiative (…), saying the system undermines “secure and confidential communication” and represents the “biggest breach of the dam for the confidentiality of communication that we have seen since the invention of the Internet”

It sounds like a reasonable objection, but there’s a little bit more to the story than meets the eye. Apple Insider points out that, despite Höferlin’s principled stand for privacy, other parties within his government have a somewhat more “relaxed” attitude when it comes to undermining secure and confidential communication. As it turns out, the German Federal Criminal Police Office purchased NSO Group’s notorious Pegasus spyware as early as 2019, and have apparently been using it ever since. This was disclosed in a parliamentary session earlier in the week, according to reports in the German press.

In fairness to Höferlin, he may be one of those politicians who opposes privacy violations whether they’re committed by a big tech company or by a law enforcement entity. Granted, that kind of consistency may be uncommon, but we certainly think it’s an ideal to aspire to!

If you’d like more security and privacy news, analysis, and advice, take a moment to visit our archives. If you have a question for us (or an idea for a show topic), please write to us and let us know!

Join our mailing list for the latest security news and deals