Thousands of victims of CSAM are taking legal action against Apple for abandoning its plans to scan devices for child sexual abuse materials.
Alongside facing potential penalties exceeding $1.2 billion, the tech giant might be compelled to reinstate its previously discarded plans after concerns were raised about the potential for misuse by authoritarian governments.
Current Developments
Most cloud service providers typically scan user accounts for CSAM using a method known as digital fingerprinting.
This fingerprinting technique enables the identification of known CSAM images without requiring individuals to view them. It is intentionally designed to be somewhat flexible, allowing it to match images that have been altered while yielding minimal false positives. If an image matches, it is subsequently reviewed by a human for verification. If confirmed as CSAM, a report is generated and forwarded to law enforcement.
In contrast, iCloud is one of the few cloud platforms that does not implement such scanning, with Apple citing privacy concerns as the rationale.
To introduce CSAM detection responsibly, Apple suggested conducting on-device scanning using a fingerprinting tool, positing that this approach would be less intrusive than scanning iCloud photos. Only if multiple matches were detected would human review follow, intended to further mitigate the risk of false positives.
However, many critics highlighted the risks associated with such practices under repressive governments.
Digital fingerprints can be created for any type of content, not just CSAM. There is nothing to prevent an authoritarian state from augmenting the database with images like political campaign posters or similar material.
A tool aimed at targeting serious offenders could easily be repurposed to track individuals opposing governmental policies. If Apple received the fingerprint database from authorities, it could inadvertently assist in the suppression of political activists.
Apple initially asserted that it would refuse to comply, but critics pointed out that the company would ultimately have no choice. As Apple often claims when addressing contentious legal demands, “Apple complies with the law in every country where it operates.”
Though Apple initially rejected this perspective, it later abandoned its CSAM scanning plans, eventually recognizing the legitimacy of the concerns raised. The company subsequently utilized this argument to challenge proposed legislation.
Lawsuit from CSAM Victims
Arstechnica reports that victims of CSAM are suing Apple for its negligence in scanning.
A multitude of survivors have filed a lawsuit against Apple, citing its failure to detect and report illegal child pornography, or CSAM. […]
Survivors accuse Apple of exploiting cybersecurity as a shield to sidestep its legal obligation to report CSAM. A favorable jury verdict could result in Apple facing over $1.2 billion in penalties. Notably, privacy advocates may push for a court order compelling Apple to “identify, remove, and report CSAM on iCloud,” mandating the implementation of policies, practices, and procedures aimed at preventing the ongoing dissemination of CSAM and child sex trafficking on its devices and platforms. This could lead to the court enforcing the contentious scanning tool or a comparable alternative that adheres to industry standards for mass-detecting CSAM.
The allegations suggest that Apple profits from its policy.
Survivors contend that Apple benefits from permitting CSAM on iCloud, as child predators consider its products a safe space to store illicit content, unlike most other major tech companies that actively report such material. While Apple recorded just 267 instances of CSAM in 2023, four other leading tech firms submitted over 32 million reports. Survivors worry that if Apple’s allegedly lenient handling of CSAM persists, AI advancements could lead to a significant surge in unreported cases.
In response, the company maintains that it is taking proactive measures to remedy the situation.
Child sexual abuse material is abhorrent, and we are dedicated to addressing the risks posed to children by predators. We are consistently innovating to combat these crimes without compromising the security and privacy of our users. Features like Communication Safety, for instance, alert children when they receive or attempt to send content that includes nudity, assisting in breaking the chain of coercion leading to child sexual abuse. We are persistently focused on developing protections that work to prevent the spread of CSAM before it occurs.
DMN’s Perspective
This issue presents a no-win scenario for all parties involved. There exists an unavoidable contradiction between addressing a grievous crime and the potential for exploitation by a repressive regime.
If Apple had adopted the conventional practice of scanning iCloud photos from the outset, it’s likely that this controversy would not have arisen. Ironically, the company’s attempt to respect privacy while still aiming to achieve the same goal is what led to the current turmoil.
At this stage, it may actually benefit Apple to have the court weigh in. Should it be compelled to implement scanning, and a future government decides to misuse that capability, Apple could at least argue it lacked any choice. Conversely, if Apple prevails in court, it might establish a legal precedent that eases ongoing scrutiny.
Photo: Dan Gold/Unsplash
FTC: We use income-earning auto affiliate links. More.
