Apple is reportedly planning an update that would allow it to scan iPhones for images of child sexual abuse. According to the Financial Times, the company has been briefing security researchers on the “neuralMatch” system, which would “continuously scan photos that are stored on a US user’s iPhone and have also been uploaded to its iCloud back-up system.”
The system would “proactively alert a team of human reviewers if it believes illegal imagery is detected” and human reviewers would alert law enforcement if the images were verified. The neuralMatch system, which was trained using a database from the National Center for Missing and Exploited Children, will be limited to iPhones in the United States to start, the report says.
The move would be somewhat of an about face for Apple, which has previously stood up to law enforcement to defend users’ privacy. The company famously clashed with the FBI in 2016 after it refused to unlock an iPhone belonging to the man behind the San Bernardino terror attack. CEO Tim Cook said at the time that the government’s request was “chilling” and would have far-reaching consequences that could effectively create a backdoor for more government surveillance. (The FBI ultimately turned to an outside security firm to unlock the phone.)
Now, security researchers are raising similar concerns. Though there’s broad support for increasing efforts to fight child abuse, researchers who spoke to the FT said that it could open the door for authoritarian regimes to spy on their citizens, since a system designed to detect one type of imagery could be expanded to other types of content, like terrorism or other content perceived as “anti-government.”
At the same time, Apple and other companies have faced mounting pressure to find ways to cooperate with law enforcement. As the report points out, social media platforms and cloud storage providers like iCloud already have systems to detect child sexual abuse imagery, but extending such efforts to images on a device would be a significant shift for the company.
Apple declined to comment to FT, but the company could release more details about its plans “as soon as this week.”
Update 8/5 4pm ET: Apple confirmed plans to start testing a system that would be able to detect images of child sexual abuse stored in iCloud Photos in the United States. "Apple’s method of detecting known CSAM is designed with user privacy in mind. Instead of scanning images in the cloud, the system performs on-device matching using a database of known CSAM image hashes provided by NCMEC and other child safety organizations," the company wrote in a statement. "Apple further transforms this database into an unreadable set of hashes that is securely stored on users’ devices."
The update will be rolling out at a later date, along with several other child safety features, including new parental controls that can detect explicit photos in children's Messages.