Faced with pressure by privacy groups, Apple recently said it would delay a controversial plan to scan consumers' devices for child sex-abuse images, but stopped short of renouncing the plan.
Instead, Apple said it will “collect input and make improvements” before moving forward.
This week, 14 prominent cybersecurity experts warned against any attempts to deploy technology that scans everyone's devices -- called “client-side scanning.”
“Introducing this powerful scanning technology on all user devices without fully understanding its vulnerabilities and thinking through the technical and policy consequences would be an extremely dangerous societal experiment,” they write in the report "Bugs in our Pockets: The Risks of Client-Side Scanning."
“The introduction of scanning on our personal devices devices that keep information from to-do notes to texts and photos from loved ones tears at the heart of privacy of individual citizens,” the computer scientists and security experts added. “Such bulk surveillance can result in a significant chilling effect on freedom of speech and, indeed, on democracy itself.”
Apple's original plan, unveiled in August, involved comparing images users attempt to upload to iCloud to a database of known photos depicting the sexual abuse of children. To accomplish this, Apple intended to download hashed digital fingerprints of database photos to users' devices, then scan for matches among photos users attempt to place in iCloud.
If the software found 30 matches, Apple would have manually reviewed the photos and, if it determined they are illegal, would have notified the National Center for Missing and Exploited Children, which works with the police.
News of Apple's proposed scanning technology drew immediate protests from a broad array of security experts and civil rights groups.
“Once this capability is built into Apple products, the company and its competitors will face enormous pressure -- and potentially legal requirements -- from governments around the world to scan photos ... for other images a government finds objectionable,” the ACLU Center for Democracy & Technology, PEN America, Electronic Frontier Foundation and dozens of others said in letter sent to Apple CEO Tim Cook in August. “That pressure could extend to all images stored on the device, not just those uploaded to iCloud.”
The cybersecurity experts who authored Friday's report reiterated some of those concerns.
“Even if deployed initially to scan for child sex-abuse material, content that is clearly illegal, there would be enormous pressure to expand its scope,” they write. “We would then be hard-pressed to find any way to resist its expansion or to control abuse of the system.”