Just because Apple has a plan — and a forthcoming security feature — designed to combat the spread of child sex abuse images, that doesn’t mean everyone’s getting on board.
WhatsApp boss Will Cathcart joined the chorus of Apple critics on Friday, stating in no uncertain terms that the Facebook-owned messaging app won’t be adopting this new feature once it launches. Cathcart then went on to lay out his concerns about the machine learning-driven system in a sprawling thread.
“This is an Apple built and operated surveillance system that could very easily be used to scan private content for anything they or a government decides it wants to control,” Cathcart wrote midway through the thread. “Countries where iPhones are sold will have different definitions on what is acceptable.”
While WhatsApp’s position the feature itself is clear enough, Cathcart’s thread focuses mostly on raising hypothetical scenarios that suggest where things could go wrong with it. He wants to know if and how the system will be used in China, and “what will happen when” spyware companies exploit it, and how error-proof it really is.
The thread amounts to an emotional appeal. It isn’t terribly helpful for those who might be seeking information on why Apple’s announcement raised eyebrows. Cathcart parrots some of the top-level talking points raised by critics, but the approach is more provocative than informative.
As Mashable reported on Thursday, one piece the forthcoming security update uses a proprietary technology called NeuralHash that scans each image file hash — a signature, basically — and checks it against the hashes of known Child Sex Abuse Materials (CSAM). All of this happens before a photo gets stored in iCloud Photos, and Apple isn’t allowed to do or look at a thing unless the hash check sets off alarms.
The hash check approach is fallible, of course. It’s not going to catch CSAM that aren’t catalogued in a database, for one. Matthew Green, a cybersecurity expert and professor at Johns Hopkins University, also pointed to the possible risk of someone weaponizing a CSAM file hash inside a non-CSAM image file.
There’s another piece to the security update as well. In addition to NeuralHash-powered hash checks, Apple will also introduce a parental control feature that scans images sent via iMessage to child accounts (meaning accounts that belong to minors, as designated by the account owners) for sexually explicit materials. Parents and guardians that activate the feature will be notified when Apple’s content alarm trips.
The Electronic Frontier Foundation (EFF) released a statement critical of the forthcoming update shortly after Apple’s announcement. It’s an evidence-supported takedown of the plan that offers a much clearer sense of the issues Cathcart gestures at vaguely in his thread.
There’s a reasonable discussion to be had about the merits and risks of Apple’s plan. Further, WhatsApp is perfectly within its rights to raise objections and commit to not making use of the feature. But you, a user who might just want to better understand this thing before you form an opinion, have better options for digging up the info you want than a Facebook executive’s Twitter thread.
Start with Apple’s own explanation of what’s coming. The EFF response is a great place to turn next, along with some of the supporting links shared in that write-up. It’s not that voices like Cathcart and even Green have nothing to add to the conversation; more than you’re going to get a fuller picture if you look beyond the 280-character limits of Twitter.