Is Apple Backing Down on Privacy Rights?
After Blackberry, iPhone is widely considered to be the most secure mobile device available to consumers. Apple has a reputation for protecting its customer’s privacy. Unfortunately, lately it hasn’t been getting the best press on its policy prying into the content on your phone to stop child exploitation.
Apple has apparently always had the ability to use a backdoor to scan your stored photos on the iCloud, but this is the first time it is using it. This type of corporate spying violates the privacy rights of millions of Apple customers, even though child porn is detestable.
How “Protections” Are a Double-Edged Sword
Ostensibly, Apple is trying to end child exploitation by using a machine learning algorithm to indicate to legal authorities when someone possesses a picture of a nude child. Apple’s proposed technology will continually monitor the saved or shared photos on the user’s devices. The system will automatically alert the authorities if a certain number of objectionable photos are detected in iCloud storage.
Encryption protection may not apply because the checks are done on the devices themselves — the check is essentially conducted from inside, so there’s no opportunity to keep an outsider out.
In a statement, the Center for Democracy and Technology said that it is “deeply concerned that Apple’s changes in fact create new risks to children and all users, and mark a significant departure from long-held privacy and security protocols.”
While protecting child exploitation is noble! One problem is that hostile governments can alter this specific model to scan for a different data set; Apple can use different media fingerprinting datasets for each user, potentially changing it in response to any demand from various governments.
The entire point of smartphone security is that you are protected from government intrusions. There have been numerous times when governments invade people’s privacy after citing reasons for doing so which are noble on the surface. Whether they claim it’s to protect children from predators or safeguard national security, it’s very dangerous when tech companies give governments the means to snoop on their citizens.
For example, the Indian government has called on social media companies to maintain a searchable database that lets them identify the original poster of any content, citing national security. This government has targeted students, activists, journalists perceived as hostile and has played a significant role in the Delhi pogrom of 2020. Giving them or any government tools to undermine privacy rights can lead to terrible outcomes, even if everybody supports the stated reasons.
The backlash against Apple for creating technology that undermines citizens’ privacy rights has taken hold even among Apple employees. Reuters reports that an internal Slack thread from Apple employees had over 800 messages, raising concerns about repressive governments using this technology to censor or arrest citizens.
Others worried that this technology might undermine Apple’s reputation for safeguarding privacy. While these employees work outside of lead privacy and security roles, even hearing of pushback from Apple employees is rare, given the company’s ordinary code of secrecy concerning the release of new products.
Not every employee objects to the policy, though some hope that the backlash will cause Apple to fully encrypt the iCloud for customers who want it, reversing Apple’s direction once again. Users are right to ask themselves, what is the point of partial or occasional encryption? Everyone knows that the big deal about encryption is that it’s a dependable firewall, always protecting your security.
Edward Snowden, the famous American whistleblower on the US government’s NSA spy program, denounced Apple’s new technology on Twitter. “Apple says to ‘protect children,’ they’re updating every iPhone to continuously compare your photos and cloud storage against a secret blacklist…if it finds a hit, they call the cops. iOS will also tell your parents if you view a nude in iMessage.”
“No matter how well-intentioned, Apple is rolling out mass surveillance to the entire world with this…make no mistake: if they can scan for kiddie porn today, they can scan for anything tomorrow. They turned a trillion dollars of devices into iNarcs—*without asking.*”
Snowden is widely considered to be a subject matter expert on technology and cybersecurity, so his opinion is valuable for reasons beyond his high profile.
A Rubicon Moment
Sarah Jamie Lewis, Executive Director at Open Privacy, called it “clearly a Rubicon moment for privacy and end-to-end encryption.” Is Apple signalling that it no longer prioritizes privacy? Clearly, a cross-section of security experts thinks so.
Even if Apple were to reverse course and halt this new invasive technology, how could anybody trust them again to put privacy rights at the centre of their products after contemplating such a breach?
The business model of the world’s largest data collectors will always conflict with privacy because they make their money by selling ads to third-party companies and eventually expand to such a degree that they can’t operate in vast markets without the assent of repressive governments.
For years, Apple has enjoyed a reputation for being the most secure mainstream phone platform. The company’s latest technology only signals that its alleged commitment to user privacy can be instantly revoked.