Apple Clarifies Image Privacy Changes

Recently, Apple announced some new child safety features coming later this year in updates to iOS 15, iPadOS 15, watchOS 8, and macOS Monterey. While the public generally seems pleased that Apple is taking steps to protect children online, there have been concerns about user privacy. In a recent interview, Erik Neuenschwander, head of privacy at Apple, clarifies a few points.

In this video, Sam from iUpdate breaks down the important new information from Apple regarding their CSAM detection, why they are implementing it now, and why they chose to use on-device scanning in addition to server-side checks.

As previously discussed, this topic is polarizing. While no one is advocating the production or sharing of inappropriate images of children, there are a number of people who claim that these new features go against Apples' previous position of "Privacy is a Human Right."

My own personal concerns about the way Apple makes compromises with some governments in order to trade in their territories have been somewhat eased, at least in the short-term, as these features will initially only be rolling out to the USA.

Apple previously conceded to the FBI and agreed not to end-to-end encryption on all iCloud backups, as reported by Reuters. Now there is a de facto backdoor to iCloud backups, law enforcement can request access to your data if you're suspected of a crime. Apple also changed the way they store and manage data in China at the request of the Chinese government. 

There's certainly an argument to be made that if you store your data on Apples servers, why shouldn't they have access to it? I've also seen more than one person suggest that if you have nothing to hide, then it won't be an issue.
Both of these points are good starting topics for any discussion about privacy rights in the modern world, but far too broad to give adequate attention to in this short follow up to Apples' latest announcements.

What we know for sure is that iOS will be scanning your images on your device, iOS scans for objects and text in photos to allow contextual searches based on your image content and allow copying of text from images. As part of this, Apple will be searching for specific hashes that can be compared to a database of known CSAM images. These can be manually checked and reported to the authorities when appropriate. Apple will only have access to data backed up on iCloud, even though scanning is done on the device.

My own personal concerns about the precedent this technology sets haven't been eased much. I am very excited about the quality-of-life improvements that on-device image scanning will bring, and it goes without saying that I don't have any questionable or illegal images on my device. So, I'm safe, for now. Right?

Does this interview change your mind about the new features? Will you continue to use iCloud? Would you object if Adobe started to do the same with your Creative Cloud library?

Let me know your thoughts in the comments. Remember to be nice, even if someone disagrees with you.

Brad Wendes's picture

Brad Wendes is a British photographer and travel lover.
He began photographing parkour and acrobatics in 2010 and has since taken to portraiture and fitness photography.
Brad is a self-confessed geek, Star Wars fan, tech enthusiast, cat lover and recently converted Apple Fanboy.

Log in or register to post comments
16 Comments

I do a lot of things that the government doesn't really want me doing, like traveling to other states when I've been ordered to shelter in place, driving on roads that are closed to public entry, have severe COVID symptoms but never go to the doctor or hospital because I am trying to hide my condition from the local Health Department, etc. There's a lot more, but I am afraid to mention it here.

As someone who takes many laws and regulations with a grain of salt, and doesn't adhere to all of the thousands of restrictions that the government forces upon us, I am rather concerned about the government potentially having access to the data on my device. They could use a photo to prove that I was in a closed area. They could use text messages to alert the local Health Department that I have a serious communicable illness, etc.

I liked Apple in the past because they were so hard-nosed about the confidentiality of their customer's information, and wouldn't allow the government to have access to it. But now they seem to have done a complete 180 degree spinaround, and I feel that eventually, someday, these new policies could be used to catch people for many different types of illegal activity, not just serious stuff like human trafficking. It makes me feel more uneasy about using Apple products.

I have turned off iCloud altogether. But I still use Apple as my main home computer for all of my photo storage, management, and editing needs. Do I need to be worried that someday Apple may let the government take a look at my data to help them prosecute me for some minor crime? I sure hope not.

Ah...the ol' libertarian "rules for thee, but not for me!" mindset.

It's a shame that it's come to this, but I'm pretty sure that many pedophiles also share your disdain for rules and laws.

That is not a saying that Libertarians use. Libertarians don't want excessive rules for thee or for me.

I did not say that I want excessive rules for others, but not for myself. I don't want excessive rules for anybody. I want all people to be free of the countless thousands of rules and laws that aren't absolutely necessary.

Do not attribute things to me that I never said, and do not attribute values to me that I do not hold.

It's 100% libertarian-speak.

You seem to be the one determining which rules are "excessive" and "absolutely necessary"; which ones you will follow and which ones you won't.

Your words speak for themselves. I don't have to attribute anything.

No, it is not libertarian speak at all. Libertarians do not say that they hold that ideal. It is what other people say about libertarians - people who are critical of them say that to make them appear to be hypocritical.

I don't want ANYONE to have to abide by thousands upon thousands of regulations and laws. Not me. Not thee.

To the libertarian, it means that, when confronted by laws, rules, regulations, etc, ("rules for thee" means rules for ALL), that they personally decide which are "excessive" and not "absolutely necessary", based on "freedom" or "natural rights", or some other such BS, and then disregard them (the libertarian thinks that those rules they disagree with are "not for me").

Selfish and self centered? Yep.

Hypocritical? Not so much.

I have never seen a libertarian say, "rules for thee, but not for me." Therefore, it is not libertarian speak, because libertarians do not say it.

It sounds like words that others are putting in the mouths of libertarians. Don't ever say that we said something unless we actually said it. Don't re-word our sayings and then attribute them to us. The only things you can accurately attribute to us are the actual words thatwe said, not paraphrases of them.

I've never seen a billion dollars, but that doesn't mean it doesn't exist. Last election, we had libertarian candidates here actually telling people to ignore mask mandates, put in place by those in authority to help try and stop the spread of a deadly virus, because "freedom" and 'tyranny" and "fascism" and whatever other such BS they wanted to burbble on about. Maybe they didn't use the actual words "rules for thee, but not for me", but it's the same principle. Libertarians are full of "Me! Me! Me!", "Mine!" Mine!" Mine!" and "You're not the boss of me!".

No, that isn't the same principle as "rules for thee, but not for me". It is actually the opposite. It is "no law for thee and no law for me."

In the instance you mention, the libertarians didn't want mask laws for thee, nor did they want them for me. They wanted their "no mask law" ideal to apply to all equally.

Ahh...so now libertarians are for anarchy! Good to know!

It doesn't matter what the candidate wants. The fact remains, there are laws. We have many reasons for them. Apparently, libertarians have no problem ignoring them for whatever reasons they decide. Trespassing, and potentially infecting people who may be vulnerable with a deadly virus (and whatever other laws you personally decide to ignore) are hardly altruistic behaviors. It's just more of that "you're not the boss of me!" mindset that makes libertarianism a worthless, unworkable "philosophy".

Is there any crime that you commit that wouldn't be minor given that you're the one characterizing them? Still, it is not Apple's business to turn themselves into an law enforcement agent for whatever they decide is good or bad. Frankly, the highest evil is the one they are committing, opening the door for governments to abuse their citizens. As a researcher in this very field said over the weekend, the only difference between looking for child porn and looking for dissidents is the database being referenced.

Timothy Linn asked,

"Is there any crime that you commit that wouldn't be minor given that you're the one characterizing them?"

Possibly, but unlikely. It really depends on how one defines "minor".

I was carjacked by 5 males in their early 20s back in 1997. They stood across the road (a tiny backroad) to block my path. When I stopped to avoid running them over, they walked up to my pickup - 4 of them hopped in the bed and the other opened the passenger door and sat next to me. He told me that I was going to take them to such and such a place about 20 minutes away. He told me I was going to give him some money so I took out my walled and gave him the cash that was in it. ​I complied because I couldn't think of anything else to do that would not end badly. I think that what they did was minor, and did not report the incident because I believe The Law overreacts to things like this and considers it a big deal.

In early 2019, my garage was broken into forcibly (completely destroyed the door) and everything valuable inside the garage was stolen. The Prosecutor asked me to make a list of all the stolen items I could remember and that itemized list came to over $6,000. I consider that break-in and theft to be a minor crime, not very serious. Although there are many people who think that breaking in and robbing someone is very serious, and would consider it to be a big deal.

An earlier article/video on this topic generated dozens of comments. Some who commented were very concerned. Others put forward the "if you have nothing to hide, you have nothing to fear" argument in support of the change.

The core issue is the use of a non-government entity to proactively assist in the finding and reporting of potentially illegal activity. It remains potentially illegal because any data found and reported still has not been put to the test in court. It is therefore, an allegation not a finding of guilt.

The best and only way to win back your privacy and to discourage this type of change is to not participate (or to at least limit your participation) in technology that erodes your privacy.

I think some people at Apple have lost their minds. This isn't even warrantless search, because Apple isn't law enforcement - they're just God, apparently. The "public" is always happy to hear about some new attack on child pornographers, drug dealers or terrorists - so I assume the latter 2 will be Apple's next announced targets. After that, it's on to deadbeat Dads and, naturally, white supremacists. Apple can do all sorts of great things - that our law enforcement can't, because of dumb court decisions about "rights" and "privacy".

Virtue signalling, say hello to marketing.

No one (okay, very few) are in favor of child porn. But the ramifications of this cure is worse than the disease.

the icloud-mail scanning from 2019: https://9to5mac.com/2021/08/23/apple-scans-icloud-mail-for-csam/

Can such a company ever be trusted again?
Did they tell the icloud-mail-users about this feature?

I don't accept this kind of behaviour - and i assume Apple won't be the only one making that kind of abuses.