Apple shifts stance on CSAM scanning following widespread criticism
The tech giant will now only flag images that had been supplied by clearinghouses in multiple countries
The tech giant will now only flag images that had been supplied by clearinghouses in multiple countries and not just by the US National Center for Missing and Exploited Children (NCMEC), as announced earlier.
In a change of stance, Apple also decided to publicly define a threshold for the number of CSAM images identified for law enforcement to be potentially alerted. The tech giant has announced that it will take 30 matches for the system to launch a human review which, if proven legitimate, will lead to authorities being notified about the presence of CSAM in a person’s iCloud library.
“We expect to choose an initial match threshold of 30 images,” Apple said in a Security Threat Model Review published late last week.
“Since this initial threshold contains a drastic safety margin reflecting a worst-case assumption about real-world performance, we may change the threshold after continued empirical evaluation of NeuralHash false positive rates – but the match threshold will never be lower than what is required to produce a one-in-one trillion false positive rate for any given account.”
Since Apple's initial announcement on 6 August, it has garnered substantial criticism from customers, privacy advocates, and even Apple employees.
Don’t just educate: Create cyber-safe behaviour
Designing effective security awareness and training programmesDownload now
Last week, it was reported that the tech giant’s internal Slack channel had been flooded with more than 800 complaints about the technology, with many complaining that the move will sabotage Apple’s privacy-respecting reputation. Others have defended the tech, which ultimately aims to preserve the safety of minors and lead to the arrest of child sexual abuse offenders.
Privacy advocates have criticised the tech giant for deciding to roll out technology that could potentially be abused by authoritarian states to silence political opponents, journalists, and human rights campaigners. Apple responded by maintaining that the technology would not scan user’s iCloud uploads for anything other than CSAM, adding that it would reject governmental requests to "add non-CSAM images to the hash list".
The ultimate law enforcement agency guide to going mobile
Best practices for implementing a mobile device programFree download
The business value of Red Hat OpenShift
Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShiftFree download
Managing security and risk across the IT supply chain: A practical approach
Best practices for IT supply chain securityFree download
Digital remote monitoring and dispatch services’ impact on edge computing and data centres
Seven trends redefining remote monitoring and field service dispatch service requirementsFree download