Apple Delays Scanning iPhones For Child Abuse

Uploaded on 2021-09-07 in FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Services-IT & Telecoms

Plans for software capable of detecting child abuse images to be built into iPhones have been temporarily suspended over privacy concerns. Apple has been developing a system which would automatically recognise illegal images when they are uploaded to iCloud and alert the authorities. The system was built to look for images that match those from libraries assembled by law enforcement to find and track the dissemination of child abuse material on the Internet.

It follows widespread criticism from privacy groups and others, worried that the on-device tracking set a dangerous precedent. There were concerns the system could be abused by authoritarian states. Apple said that it had listened to the negative feedback and was reconsidering. 

The so-called NeuralHash technology would have scanned images just before they are uploaded to iCloud Photos. Then it would have matched them against known child sexual abuse material on a database maintained by the National Centre for Missing and Exploited Children. 

If a match was found then it would have been manually reviewed by a human and, if required, steps taken to disable a user's account and report it to law enforcement.

In a statement, Apple said: "Last month we announced plans for features intended to help protect children from predators who use communication tools to recruit and exploit them, and limit the spread of child sexual abuse material. "Based on feedback from customers, advocacy groups, researchers and others, we have decided to take additional time over the coming months to collect input and make improvements before releasing these critically important child safety features." Apple has previously been an exponent of privacy and end-to-end encryption.

As well as the CSAM scanning, Apple announced and has now paused a second set of updates, which would have seen it using an AI system to identify explicit images sent and received by users under 18 through the company’s Messages app and, where those users were under 13 and had their phones managed by family members, warn a parent or guardian.

Matthew Green, a cryptography researcher at Johns Hopkins University who had criticised the plan, told the AP news agency that he supported the delay. "You need to build support before you launch something like this,'' Green said. "This was a big escalation from scanning almost nothing to scanning private files.'' Green had been among the experts last month who warned that the NeuralHash scanning system could be used for nefarious purposes. For example, innocent people could be framed after having been sent seemingly innocuous images designed to trigger matches for child pornography. Green said it would be enough to fool the system and alert law enforcement.

Privacy campaigners expressed concern that the technology could be expanded and used by authoritarian governments to spy on citizens. 

The Electronic Frontiers Foundation has been one of the most vocal critics of the system, gathering a petition signed by 25,000 customers opposing the move. Its executive director Cindy Cohn told the BBC: "The company must go further than just listening and drop its plans to put a backdoor into its encryption entirely... The enormous coalition that has spoken out will continue to demand that user phones - both their messages and their photos - be protected, and that the company maintains its promise to provide real privacy to its users."

NBC:      Metro:     CNet:      DW:        Guardian:       BBC

You Might Also Read: 

Protecting Children In The Digital Age:

« Russian Trolls Target News Websites
FBI & CISA Advice On Ransomware Attacks »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Imperva

Imperva

Imperva is a leading provider of data and application security solutions including DDoS protection, Web application security, Data security and Cloud security.

Latham & Watkins LLP

Latham & Watkins LLP

Latham & Watkins is an international law firm. Practice areas include Data Privacy, Security and Cybercrime.

Howden Broking Group

Howden Broking Group

Howden provides a range of specialist insurance solutions to clients around the world including Cyber Liability insurance.

AntemetA

AntemetA

AntemetA specializes in network infrastructure, security and cloud computing, helping companies transform their Information Systems.

Merlin Cyber

Merlin Cyber

Merlin is a premier cybersecurity platform that leverages security technologies, trusted relationships, and capital to develop and deliver groundbreaking security solutions.

e-Crime Bureau

e-Crime Bureau

e-Crime Bureau is a specialized company offering cyber/computer forensics, cyber security consulting services, forensic audit and investigations services and training to clients across Africa.

Cybint Solutions

Cybint Solutions

Cybint provides customized cyber education and training solutions for Higher Education, Companies and Government.

National Cyber Security Agency (NACSA) - Malaysia

National Cyber Security Agency (NACSA) - Malaysia

NACSA is the leading government agency in Malaysia responsible for the development and implementation of national cyber security management policie and strategies.

The ai Corporation

The ai Corporation

The ai Enterprise Fraud Solution is an on-prem or cloud-based self-service, machine learning fraud detection and prevention tool set.

National Centre for Cyber Security (NCCS) - Pakistan

National Centre for Cyber Security (NCCS) - Pakistan

National Centre for Cyber Security (NCCS) undertakes cyber security research and plays a leading role in securing Pakistan’s Cyberspace.

ST Engineering

ST Engineering

ST Engineering is a leading provider of trusted and innovative cybersecurity solutions.

Expel

Expel

Expel provide transparent managed security services, 24x7 detection, response and resilience.

Tangible Security

Tangible Security

Tangible employs the most sophisticated cyber security tools and techniques available to protect our clients’ sensitive data, infrastructure and competitive advantage.

Reflectiz

Reflectiz

Reflectiz empowers digital businesses to make all web applications safer by non-intrusively mitigating any website risks without a single line of code.

Quzara

Quzara

Quzara provides trusted advisory services and highly adaptive cybersecurity services to federal, commercial and Defense Industrial Base customers to meet their security compliance and cyber needs.

Ever Nimble

Ever Nimble

Ever Nimble are award-winning experts in IT support, cybersecurity, and cloud technology. Our proactive approach will enhance your security and protect you from cyber security threats.