Apple unveiled a plan two weeks ago founded in good intentions: Root out images of child sexual abuse from iPhones.
But as is often the case when changes are made to digital privacy and security, technology experts quickly identified the downside: Apple’s approach to scanning people’s private photos could give law enforcement authorities and governments a new way to surveil citizens and persecute dissidents. Once one chip in privacy armor is identified, anyone can attack it, they argued.
The conflicting concerns laid bare an intractable issue that the tech industry seems no closer to solving today than when Apple first fought with the F.B.I. over a dead terrorist’s iPhone five years ago.
The technology that protects the ordinary person’s privacy can also hamstring criminal investigations. But the alternative, according to privacy groups and many security experts, would be worse.
“Once you create that back door, it will be used by people whom you don’t want to use it,” said Eva Galperin, the cybersecurity director at the Electronic Frontier Foundation, a digital-rights group. “That is not a theoretical harm. That is a harm we’ve seen happen time and time again.”
Apple was not expecting such backlash. When the company announced the changes, it sent reporters complex technical explainers and laudatory statements from child-safety groups, computer scientists and Eric H. Holder Jr., the former U.S. attorney general. After the news went public, an Apple spokesman emailed a reporter a tweet from Ashton Kutcher, the actor who helped found a group that fights child sexual abuse, cheering the moves.
But his voice was largely drowned out. Cybersecurity experts, the head of the messaging app WhatsApp and Edward J. Snowden, the former intelligence contractor who leaked classified documents about government surveillance, all denounced the move as setting a dangerous precedent that could enable governments to look into people’s private phones. Apple scheduled four more press briefings to combat what it said were misunderstandings, admitted it had bungled its messaging and announced new safeguards meant to address some concerns. More than 8,000 people responded with an open letter calling on Apple to halt its moves.
As of now, Apple has said it is going forward with the plans. But the company is in a precarious position. It has for years worked to make iPhones more secure, and in turn, it has made privacy central to its marketing pitch. But what has been good for business also turned out to be bad for abused children.
A few years ago, the National Center for Missing and Exploited Children began disclosing how often tech companies reported cases of child sexual abuse material, commonly known as child pornography, on their products.
Apple was near the bottom of the pack. The company reported 265 cases to the authorities last year, compared with Facebook’s 20.3 million. That enormous gap was largely due, in most cases, to Apple’s electing not to look for such images to protect the privacy of its users.
In late 2019, after reports in The New York Times about the proliferation of child sexual abuse images online, members of Congress told Apple that it had better do more to help law enforcement officials or they would force the company to do so. Eighteen months later, Apple announced that it had figured out a way to tackle the problem on iPhones, while, in its view, protecting the privacy of its users.
The plan included modifying its virtual assistant, Siri, to direct people who ask about child sexual abuse to appropriate resources. Apple said it would also soon enable parents to turn on technology that scans images in their children’s text messages for nudity. Children 13 and older would be warned before sending or viewing a nude photo, while parents could ask to be notified if children under 13 did so.