There is no need to panic over Apple’s plans to scan iPhones

A fresh wave of hysteria has swept across the internet – to the dismay of parents and the despair of policymakers who wish that online services were safer for children and a little less shabby for us all.

This is a reaction to new child protection technologies announced by Apple for iPhones 10 days ago, which aim to scan users’ devices for images of abuse and have been greeted with a feverish response.

For once, Apple badly mishandled an announcement and finds itself behind the story. This is a pity because Apple should be commended for devising what is an ingenious solution to protect both users and vulnerable children. In an age when corporations cynically use empty virtue signalling to polish their halos, here is a concrete achievement of which Apple should be proud.

Apple says its iPhones will scan users’ devices for images of abuse.Credit:AP

Yet you wouldn’t know it from the klaxon being sounded by some distinguished computer scientists and professional campaign groups. Two experts warned that Apple is creating “serious privacy risks” in a New York Times op-ed, while Wired insisted that “when it comes to the new Apple child safety features, the hypothetical is the whole ballgame”.

That word – hypothetical – is a big clue. It’s really acknowledging there isn’t actually any decrease in privacy from Apple’s measures today – but you may be able to imagine one if you are sufficiently imaginative and paranoid. Alas, there is no shortage of paranoia in such debates, forever evoking the cliché of a “slippery slope”.

One of Apple’s initiatives is relatively uncontroversial. It’s a kind of swear filter for pictures, allowing parents to opt their children’s accounts into scanning for sexually explicit images that pass through Apple’s Messages app.

It’s another initiative, one that deals with horrific child abuse images, that has really seen our digital intelligentsia lose its marbles.

I hardly need to remind readers that both the possession and the communication of such material is a crime, so technology companies such as Apple are legally bound to do something about it. An internet service such as Apple’s iCloud is just as entitled to reject this material as a nation state is to police and maintain its own borders; it’s a tedious techno-utopian fantasy that once something is digital, earthly laws cease to apply. So, Apple will try to identify these images as they’re dispatched to its iCloud Photos service.

It works like this. A national charity – in the United States, this is the National Center for Missing and Exploited Children, or NCMEC, while in the UK it’s the Internet Watch Foundation – maintains a known database of horrific child abuse images. These images are given a mathematical signature, a kind of fingerprint called a “hash”, and services then look for that signature. If a match is found, NCMEC is alerted.

Google began scanning your emails for the fingerprints in 2008 and Facebook followed suit, for uploads, in 2011. The latter filed 17 million reports to NCMEC in 2018 – a grim statistic.

Online storage service Dropbox also scans for hashes. Apple has been scanning iCloud emails for years, but not iCloud photos.

The saga illustrates the tightrope that Apple walks, between user trust and legal obligations, and many more battles lie ahead.

The implementation is both complex and ingenious. Apple has created multi-layered shells of encryption to reassure users that it isn’t snooping, meaning that the detection takes place without “seeing” anything else on your iPhone. Contrast this with the apps you already use today on your smartphone, which trawl through every directory and which can even monitor how much time you’re spending in other apps.

Apple will only make a report to NCMEC once a threshold of positives has been received, and after Apple staff have performed a manual check. Apple says this is bad news for paedophiles with large collections of abuse images but won’t affect anyone else at all.

The saga illustrates the tightrope that Apple walks, between user trust and legal obligations, and many more battles lie ahead. Apple maintains its own key to unlock your iPhone back-ups on the production of a court order. Apple has refused to produce a “backdoor” way of accessing the phone itself, where no back-ups have been made, but law enforcement agencies use shady tools developed by hackers to find a way around this.

So, why do critics say the sky is falling in? I’ll offer two thoughts.

Specifically, this highlights a confusion about boundaries. We view a device such as an iPhone as our own – but when we use Dropbox, or Gmail, or Apple’s iCloud Photo, we’re storing material on their servers. Apple’s critics insist that a private space is being invaded, but it’s a strange claim: a distinction without a difference.

As one of the few pundits to read the details, veteran Apple-watcher Charles Arthur points out: “At the airport, whether you’re frisked at the gate or before, either way you’re scanned. And we’ve been scanned for years.”

But more generally, a good privacy scare is good for business in the ever-burgeoning Privacy Priesthood that now sprawls across academia, quangos and the NGO sector. Every initiative is a “slippery slope”. The incentive structure of attention rewards Chicken Littles who warn the sky is falling – but no reputational reward accrues to those who deflate exaggerations or scaremongering, let alone those who try to engage and build something useful.

And, ominously, policymakers are beginning to conclude that privacy experts are a constituency they’ll never please. So why bother?

The Daily Telegraph

The Business Briefing newsletter delivers major stories, exclusive coverage and expert opinion. Sign up to get it every weekday morning.

Most Viewed in Business

From our partners

Source: Read Full Article