The CSAM controversy ought to have been obvious to Apple, but it seems that it wasn’t. Instead, the company was left scrabbling to respond as it came under fire from all quarters.
The question is: What will Apple do now? I have my theory …
The CSAM controversy
We’ve previously outlined the sequence of events.
Apple was already placed on the back foot when the plans were leaked shortly before the company announced them. Cryptography and security expert Matthew Green tweeted the plans, saying it was a bad idea.
The leak – which didn’t include details of the protections Apple has against false positives – meant that four concerns were raised ahead of the announcement.
Then there was the official announcement itself. This, honestly, was in large part responsible for mainstream media confusion – because it included two totally separate measures that were quickly and erroneously conflated in numerous reports:
- CSAM scanning using digital fingerprints from known abusive materials
- AI-powered detection of probable nudes in iMessages sent or received by children
Security experts continued to raise concerns even after the announcement, as did many of Apple’s own employees.
Apple responded by leaking an internal memo, publishing a six-page FAQ, and engaging in a mass of background briefings and interviews to try to correct misapprehensions and address well-founded concerns. In one of those, Craig Federighi admitted that Apple should have handled things differently.
Since then, there’s been absolutely no sign of the fuss dying down. Indeed, the number of individuals and organizations calling for a rethink has only increased.
Additionally, we discovered that Apple was already scanning iCloud Mail.
Apple’s three options
Apple now has a decision to make. It can press on as planned, launching CSAM scanning on day one of the official launch of iOS 15. It can do a U-turn, and announce that it has abandoned the plans in light of the concerns raised. Or it can do what I personally consider most likely, and delay the launch.
Apple of course took this approach with App Tracking Transparency (ATT), and in that case the only objections were coming from ad companies and advertisers. Privacy campaigners and Apple customers were all in favor.
CSAM scanning is different. Privacy campaigners and security experts are generally somewhere in the range of wary to resolutely opposed, and the same seems to be true of many Apple customers. The case for holding off in this launch is way stronger than it was for ATT.
Abandoning the plans would probably be too embarrassing for Apple. It has put a huge amount of work into selling the benefits, and explaining why it considers the move safe. But pressing ahead at a time when there is so much opposition seems equally unlikely.
So my money is on a delay. Either until the fuss has died down (assuming it does), or until the company has thought of some additional safeguards.
If the fuss does die down, then the prevailing view here at 9to5Mac is that the feature will be quietly added to a dot release whose notes focus on the headline features, and just include CSAM scanning as a bullet point.
What’s your view? Please take our poll, and share your thoughts in the comments.
Update: Apple did indeed delay the rollout, saying that it is working on additional safeguards.
FTC: We use income earning auto affiliate links. More.
Comments