An open letter circulating online calls on Apple to halt plans to implement new child safety tools designed to combat child sexual abuse material, with signatories that include industry experts and high-profile names like Edward Snowden.
The document, which looks more like an indictment than an open letter, offers a summary of Apple’s announcement Thursday detailing upcoming features designed to detect CSAM.
A multi-pronged effort, Apple’s system uses on-device processing to detect and report CSAM images uploaded to iCloud Photos, as well as protect children from sensitive images sent via Messages.
“While child exploitation is a serious problem, and while efforts to combat it are almost certainly well-intentioned, Apple’s proposal introduces a back door that threatens to undermine fundamental privacy protections for all users of Apple products.” it reads on the letter.
When implemented, Apple’s system will hash and match user photos to a known CSAM hash database. The process is done on the device before uploading and only applies to images sent to iCloud. A second tool uses on-device machine learning to protect children under the age of 17 from viewing sexually explicit images in Messages. Parents can choose to be notified when children under the age of 13 send or receive such content.
According to the letter, Apple’s techniques pose a problem because they bypass end-to-end encryption.
“Because both verifications are performed on the user’s device, they have the potential to circumvent any end-to-end encryption that would otherwise safeguard user privacy,” the letter argues.
For its part, Apple has stated that the new security protocols do not create a back door for its hardware and software privacy features.
The letter includes comments and criticism from a number of experts, including Matthew Green, a professor of cryptography at Johns Hopkins University who was one of the first to express concern about the implications of Apple’s measures. Green and Snowden are among the signers, which currently lists 19 organizations and 640 people who added their brand via GitHub.
Along with the suspension of implementation, the letter requests that Apple issue a statement “reaffirming its commitment to end-to-end encryption and user privacy.”