The tech company announced in August its intention to start scanning iPhone users’ iCloud Photos libraries. Apple presented the move under the pretext that it would locate users’ caches of illicit content, including child sexual abuse material (CSAM).
Apple’s plans to implement new phone-scanning features have been heavily criticized by more than a dozen cybersecurity experts.
In a new 46-page study, cybersecurity experts concluded that Apple’s new monitoring plans were invasive and ineffective, and reliant upon “dangerous technology.”
In September, after its plans to introduce the new technology were widely condemned, Apple said the launch of the phone-scanning feature would be delayed for an unspecified period while it took “additional time” to consult.
“It’s allowing scanning of a personal private device without any probable cause for anything illegitimate being done,” said Susan Landau, one of the researchers and a professor of cybersecurity and policy at Tufts University.
After analyzing the technology involved in Apple’s plans, the researchers found that it was not effective at identifying images of children being sexually abused. Editing images just slightly was found to be enough to avoid detection.
“It’s extraordinarily dangerous. It’s dangerous for business, national security, for public safety and for privacy.”
Concerns over the technology’s use as a surveillance tool were raised by the group of researchers. They emphasized: “It should be a national-security priority to resist attempts to spy on and influence law-abiding citizens.”
Group member Ross Anderson, who is a professor of security engineering at the University of Cambridge, warned: “The expansion of the surveillance powers of the state really is passing a red line.” The cybersecurity researchers said that documents released by the European Union suggest that the governing body is seeking to establish a similar independent program that would scan encrypted devices for content relating to terrorism, organized crime, or the sexual abuse of children.
The group, which began its study before Apple’s initial August announcement, said they were publishing their research now to warn the EU against implementing “dangerous technology.” Apple’s Craig Federighi said that the company’s planned phone-scanning features had been “widely misunderstood.” The company has not yet commented on the cybersecurity researchers’ report.