Apple Explains Controversial Personal Data Scanning Tools

Craig Federighi, the senior vice president of software engineering at Apple Inc. (AAPL), on Thursday tried to water down the controversial new update the iPhone maker plans to release that will allow its devices to scan personal data, including photos and messages.

Last week, Apple announced that the new operating systems in its mobile devices will have the ability to scan, control and report material that it deems to be related to child sexual harassment material (CSAM). While the attempt seems noble, the fact that the company will automatically access personal data has stirred up a hue and cry among the users.

Federighi, in an interview with WSJ said that the features are largely ‘misunderstood’ and the algorithm will not hamper the experience of the common users. He accepted the communication of the announcement left room for such speculations. He said, “It’s really clear a lot of messages got jumbled pretty badly in terms of how things were understood. We wish that this would’ve come out a little more clearly for everyone because we feel very positive and strongly about what we’re doing.”

Trying to calm the confusion down, he added, “In hindsight, introducing these two features at the same time was a recipe for this kind of confusion. By releasing them at the same time, people technically connected them and got very scared: what’s happening with my messages? The answer is…nothing is happening with your messages.”

By ‘them’ Federighi referred to the Communication Safety and CSAM scanning features, which, according to him, are two unrelated tools.

The Communication Safety feature will alert children before viewing any message with explicit material in the iMessage app. The tool will also have an option to alert the parents in case of such an occurrence. The CSAM scanning will only take place when the photographs will be uploaded to iCloud for backup. The tech giant has developed a database with the National Center for Missing and Exploited Children and if a photograph matches with the collective learning from the database, the account will be flagged.

Both these features beckon towards the fact that the devices will be able to access and scan personal data, a knowledge that has not impressed security researchers.

Federighi said that for an account to be flagged, there needs to be at least 30 images that match with the NCMEC data. After that, a human reviewer will go through the account to see if there has been a mistake by the automated intelligence. After this process is completed, only then will an account be blocked. If a user thinks that the person was wrongly accused, the person can also appeal against the scrutiny.

“If and only if you meet a threshold of something on the order of 30 known child pornographic images matching, only then does Apple know anything about your account and know anything about those images, and at that point, only knows about those images, not about any of your other images. This isn’t doing some analysis for did you have a picture of your child in the bathtub? Or, for that matter, did you have a picture of some pornography of any other sort? This is literally only matching on the exact fingerprints of specific known child pornographic images,” added Federighi.

Talking about the process of the scan, Federighi explained that it only takes place while uploading the images to the iCloud as the phone can only scan the photos but not match them with the database.

While the company has attempted to explain their standpoint, it does not deny that the devices will have the ability to scan through personal data. So, even after the clarification, the concern over the security of personal data in iPhone 13 and other devices running on iOS 15 remains at large.

Source: Read Full Article