Apple Joins Opposition in UK To Encrypted Message App Scanning (bbc.com) 40
Apple has criticised powers in the UK's Online Safety Bill that could be used to force encrypted messaging tools like iMessage, WhatsApp and Signal to scan messages for child abuse material. From a report: Its intervention comes as 80 organisations and tech experts have written to Technology Minister Chloe Smith urging a rethink on the powers. Apple told the BBC the bill should be amended to protect encryption. End-to-end encryption (E2EE) stops anyone but the sender and recipient reading the message. Police, the government and some high-profile child protection charities maintain the tech -- used in apps such as WhatsApp and Apple's iMessage -- prevents law enforcement and the firms themselves from identifying the sharing of child sexual abuse material.
But in a statement Apple said: "End-to-end encryption is a critical capability that protects the privacy of journalists, human rights activists, and diplomats. "It also helps everyday citizens defend themselves from surveillance, identity theft, fraud, and data breaches. The Online Safety Bill poses a serious threat to this protection, and could put UK citizens at greater risk. "Apple urges the government to amend the bill to protect strong end-to-end encryption for the benefit of all."
But in a statement Apple said: "End-to-end encryption is a critical capability that protects the privacy of journalists, human rights activists, and diplomats. "It also helps everyday citizens defend themselves from surveillance, identity theft, fraud, and data breaches. The Online Safety Bill poses a serious threat to this protection, and could put UK citizens at greater risk. "Apple urges the government to amend the bill to protect strong end-to-end encryption for the benefit of all."
Re:Not all apps are a problem (Score:5, Informative)
By your logic,
* we should also have the Post Office scan every letter sent for CSAM.
* we should have the phone company scan every phone call for CSAM.
Re: (Score:2)
The logic does not require the systematic scanning but the possibility of it. Post-office and the telephone companies exchange protected communications which they are not allowed to scan; however scanning / wiretapping them remains a possibility upon due process according to the laws of your place, just like law enforcement could obtain clear http communications from an ISP if a judge so ordered.
EEE prevents the possibility to selectively access the contents of a given electronic exchange. The options that
Re: (Score:2)
>
EEE prevents the possibility to selectively access the contents of a given electronic exchange. The options that please ministry in charge of communications are therefore either 1) no EEE such that we are in the same situation as post-office and telephone when a judge can order wiretapping, or 2) you can implement EEE on your network but then the provider takes responsibility in scanning.
Or)
3) Police could set up honeypots to catch people
4) Police could get a warrant and go to the person's house and seize their 'phone.
The system being proposed will never work because people will install a non-spying app to exchange images.
Re: Not all apps are a problem (Score:2)
Re: (Score:2)
There have been a lot of problems with WhatsApp and Telegram
Telegram is NOT end to end encrypted by default, only its "secret" chat mode is -- which in practice users rarely enable. It just uses plain ol' TLSv1.3+, and a server compromise can reveal the contents of all messages. I keep seeing this claim pop up even among technologists because Telegram markets itself as "encrypted" .. but it's just as encrypted as well, Slashdot over HTTPS.
Re: (Score:2)
A 1 in 10000 false positive will trigger pretty much all the time on a system that sends billions of messages every day. Sometimes you should consider also whether you really want to take China, Russia, Belarus, Lybia, Siria, Iran etc. as the example of how to manage communications.
"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." (B.Franklin. Very much out of context, but it still holds true)
Re: (Score:2)
A 1 in 10000 false positive will trigger pretty much all the time on a system that sends billions of messages every day.
Let's not forget all those people who couldn't get copies made of their own wedding videos, etc., thanks to crap like this.
Re: (Score:2)
Signal has open groups, it's not inherently different from Whatsapp in that respect.
They are both just small groups in comparison to Telegram.
Re: (Score:2)
Everyday citizens in the West don't need the ability to share video and images with strangers with little to no law enforcement oversight. You can use Signal
I'm sorry but WTF are you talking about. There's nothing more or less "strangers" with Signal than with WhatsApp. Both support one to one or one to many communications. Both support groups. Both are linked to phone numbers of recipients.
And yeah Everyday citizens absolutely need the ability to share video / images with contacts. Only earlier today it is precisely how I received my boarding pass from KLM. 2 weeks ago it was how I got sent a concert ticket. It is how I send signed confirmations to my doctor.
It starts with CSAM (Score:5, Insightful)
Soon the government will have the applications scan for ${OTHER_UNDESIRABLE_CONTENT}.
And once that becomes normalize, we look for stuff that's perfectly legal, but that the current government doesn't like (e.g. in the US under a Trump admin, stuff critical of Trump. In the UK, stuff critical of the current PM).
"Child Porn" is the root password to all human rights.
Re: (Score:2)
This proposal says the provider (e.g. Apple) has to scan the contents. It does not say the Government gets to do it. It might not appear much better to you but it's not the same thing.
Re:It starts with CSAM (Score:4, Insightful)
Apple will become a government puppet, so it's basically the same thing.
Re: (Score:2)
Apple already has in China. The contents of Chinese users' iCloud accounts is available to the government, and probably access to their phones as well.
This statement is interesting because Apple recently tried to implement exactly this technology. People quickly discovered how to create hash collisions and Apple abandoned it.
Re: (Score:2)
OK, fine. Soon the government will require tech companies to scan for ${OTHER_UNDESIRED_CONTENT}.
Happy?
Re: (Score:2)
The ability to break the law is intrinsic to a well functioning society. Automating the work of government and/or police in this arena is a fast-track ticket to a 1984-esque dystopia with consequences that vastly outweighs the occasional person doing/saying something naughty online.
So this is how it starts, pick something so obviously abhorrent that no one can really publicly support (think of the children)
categorize that content as illegal, create the precedent for trawling communications to find CP or wh
Comment removed (Score:5, Insightful)
Re: (Score:2)
They keep aborting them and we won't have to worry about it. Everything is already backdoored anyway. It came from DARPA pre-configured.
Re: Think of the children! (Score:2)
Always the first step on the slippery slope towards mass surveillance?
Citation needed.
I'm trying to imagine what form of evidence could possibly justify that claim - without cherry picking, without p-hacking, without post-hoc-ergo-propter-hoc, I think, would be...
(1) assemble a list of all regimes which had "think of the children" surveillance legislation that succeeded, say over the past 100 years, and all that didn't, (2) assemble a list of all that had mass surveillance, (3) look for correlations and try
Re: (Score:2)
Think of the Children is the new 9/11 and the terrorists have already won. It's a bugaboo. A nothing. A worthless hype-point that can be used to convince people there should be no criticism of a proposed new law because "Think of the children" means anyone daring to say that this law / ruling may be a little suspect automatically wants to get by with molesting children, or at least sharing pictures of children being molested. It defaults the argument of the people opposed to the ruling to being aligned with
Re: Think of the children! (Score:2)
Re: (Score:2)
think of the children far predates the 9/11 hysteria though.
Re: (Score:2)
Funnily enough just today a lawyer posted about a case of the police investigating someone over a single image, which another child accidently opened when they clicked a disguised link in a social media post.
https://iaingould.co.uk/2023/0... [iaingould.co.uk]
It took the police over a year to decide that's what happened and they were not going to prosecute. Due to botching the investigation it ended up costing them £25,000 plus fees.
This sort of "prank" probably goes on all the time, and if phones immediately repo
Re: (Score:2)
why is a 'slippery slope' considered a logical fallacy? It seems to be something people trot out when they want to kneecap their opponent's pattern recognition and logic.
Reminds Me of the Patriot Act (Score:3)
authoritarians (Score:2)
Authoritarians always love dragnets. Should we really treat everyone like they are guilty all the time? I don't think so.
Re: (Score:2)
We were born guilty.
Well by all accounts then (Score:2)
Why does it always have to be a fishing expedition (Score:2)
Why not just expand wiretapping law to commercial internet voice/text/video communication?
The ability to install the tap remains with the provider and needs a court order to install, checks and balances.
Clearly. . . (Score:2)
Thank God for Open Source (Score:2)
Stupid government.
This isn't (just) about child abuse (Score:3)
Time to stop this BS... (Score:4)
I think pedophiles and other criminals deserve to rot in jail and in no way do I support their crimes. But if the only way to catch said criminals is by weakening security for everyone (e.g. weakening encryption, exploiting security flaws in software rather than those flaws being fixed, deliberately inserting back doors in software etc) then I would rather let the criminals go than have weaker security for everyone.
Government claiming a technical solution in sight (Score:2)
According to this article - paywalled:
https://www.telegraph.co.uk/po... [telegraph.co.uk]
'Mrs Braverman [the government minister] cited the Government-funded Safety Tech Challenge Fund, which is helping to develop technology capable of detecting child sexual abuse material within end-to-end encrypted environments.
She said this had shown it was “technically feasible” to detect child sexual abuse while still maintaining privacy.'
Really?
Re: (Score:2)
Braverman is a racist imbecile whose only qualification is that she would lie for Boris Johnson.
She was needed to lie that breaking the Northern Ireland Protocol was not illega -- that's what promoted her from the backbenches after being rejected by Cameron and Theresa May.
She has also called the migrants arriving by boat that Brexit caused "a horde".
Lastly, The Telegraph is more biased than the news bit of Fox News.