The outrage by “privacy experts” on Apple CSAM scanning shows their lack of tech knowledge

On Thursday August 5, 2021, Apple confirmed that it will scan iCloud photos in transition to the cloud locally on the iPhone devices for CSAM (Child sexual abuse material).

This has brought on considerable confusion and bad faith arguments on the part of security/privacy experts or social privacy experts.

The gist of their argument is that Apple’s plan to scan for CSAM is a slippery slope which will result in eventually this method being used by Authoritarian governments. One such argument was presented by Snowden who lives in Russia under the protection of Putin. No irony in that honestly.

The truth of the matter is.. rather simple

Lets break it down :

• All iPhone data by default is encrypted using the secure enclave chip. Apple does not have the key to it neither does anyone else EXCEPT the owner of the iOS device through Face ID or finger print scan.
• if you turn on iCloud photos. your iPhone device will scan for CSAM data which Apple cannot read yet. If the number of images meet a threshold, it goes to a human for verification before it is sent to authorities with proof of usage of CSAM data by a user.
• If a user does not opt in to use iCloud or turns off iCloud after turning it on, Apple does not have the ability to perform client side searching.
• the Privacy experts are fantasizing on the notion that Apple will succumb to Chinese or Russian pressure to create similar scanning for its citizens for purposes other than CSAM.
• These same privacy experts refuse to tell you that they have made no such hue and cry about Microsoft, Twitter, Facebook, Google, Amazon which has been doing the exact same on all its customers for years.

Since 2011 when iCloud was introduced, Apple has always been able to scan and read iCloud data for verification at the time of transition to Apple’s servers. This is how Apple has been able to share data with FBI on January 6 insurrectionists and how Apple has been able to share data with local police on criminal cases. You have seen the news where Apple has refused to share data from a consumer’s phone. This was the case because these users did not share their data on iCloud so Apple couldn’t and wouldn’t. Where Apple has shared the data is when the user enables iCloud photos which means the data comes out of the secure enclave end to end encryption and being able to be read by iOS so it can be stored on iCloud servers.

The argument of slippery slope falls apart because the functionality of iOS remains the same, before iOS15 and after iOS15. Namely that Apple can only scan your data if you have opted in to have iCloud enabled. Before and After iOS15, Apple does not have the keys to scan your iPhone data which is end to end encrypted which is the case when iCloud Photos is off.

Those users who have nothing to hide should take advantage of the storage option provided by Apple because even if you store that same data on Google Photos , Amazon Photos, Facebook or Flickr. These companies scan your “set to private” data for CSAM.

The outrage seems to stem from notion that Apple has always said privacy first. It still is privacy focused because by default your data is secured through secure enclave. The user has to chose to decrypt their data for only Apple to read it if they chose iCloud photos. Again, it has always been this way since inception if iCloud in 2011