Client-side message scanning can be implemented by messaging apps, including AppleA under the CSAM Act

Share This Post

Proposed Amendment to the UK Online Safety Bill Highlights CSAM. The Guardian reported that a proposed amendment to the U.K. Online Safety Bill has been submitted. The amendment will oblige tech companies to detect CSAM even in end-to-end encrypted messages. These include messages on WhatsApp, Facebook Messenger, Apple’s Messaging app, and even Instagram direct messages.

Apple and other tech firms may be impacted by a proposed modification to the U.K. online safety legislation. Even in end-to-end encrypted messages, the proposed amendment will compel tech companies to delete child sexual abuse material (CSAM). This might compel Apple and other IT firms to implement client-side message scanning.


  • Proposed Amendment Requires Companies to Find CSAM and Stop It The proposed amendment will empower the Ofcom watchdog, the communications regulator of the U.K. It can demand tech companies deploy or develop new technology that can help find abusive materials and stop it.

  • The news comes as Facebook and Instagram prepare to implement end-to-end encryption despite opposition from the U.K. government. U.K. Home Secretary Priti Patel said the change in the law will bring balance to the need to protect children and maintain the privacy of online users.  Child sexual abuse is a sickening crime. We must all work to ensure criminals are not allowed to run rampant online and technology companies must play their part and take responsibility for keeping our children safe. Privacy and security are not mutually exclusive – we need both, and we can have both and that is what this amendment delivers.

But Apple has delayed the implementation of this plan due to concerns raised about the privacy of users. The proposed amendment, if approved, could force other tech companies to implement client-side scanning similar to Apple’s to detect CSAM. Tech companies will have no choice once the bill becomes law. Failure to comply with the law will incur a fine of up to 18 million pounds ($21.5 million). Or, the fine could be 10% of a company’s global annual turnover, whichever is higher.

The amendment tightens an existing clause in the bill which already gives Ofcom the power to require deployment of “accredited technology”. The change will now require companies to use their “best endeavours” to deploy or develop “new” technology if the existing technology is not suitable for their platform. Vetting messages for child abuse materials could pose some difficulty. As it is, the only known method that the Ofcom watchdog can look into is client-side scanning. Speaking of which, Apple initially planned to roll out client-side scanning of messages. Apple’s plan to fight CSAM involved scanning messages before uploading them to the cloud.


Related Posts