I'm hearing a lot of conflicting stuff in this thread.
"Apple only scans for CSAM for stuff that uploads to iCloud".
"Apple has E2EE for pictures"
"Apple will review your pictures if there is a CSAM Hit."
"Apple can't review your encrypted stuff."
"But Apple will review your encrypted stuff"
So, what is it? Is the stuff encrypted when sent to iCloud (I think the answer to that is "no"). And if that is the case, why doesn't apple scan for it on iCloud? And if they ARE scanning for it in iCloud then what is the point of scanning our devices? If stuff IS encrypted when sent to iCloud, then how does Apple review it in person if there are CSAM hits? Does apple have a master decryption key (I think the answer to that one is "Yes"). And if they have a master decryption key, why do they need to scan it on our devices, if they can decrypt it anyway in iCloud?
There's a lot of conflicting stuff. And, once again, this is a CHOICE by Apple to proactively scan our devices, not a requirement of the law.
It's very much like the COVID meme that I saw recently... you have a 99.997% chance you won't get cancer... but we're going to give you chemo anyway. Well, there's a 99.997% (probably greater) chance that people aren't going to upload CSAM to iCloud.... BUT... we're going to install software on your phone anyway.
Repeating incorrect info that Apple has clearly pointed out answers to in multiple documents and interviews won’t make conspiracy theories any more true.
* Apple does not “scan” anything on device. The do a hash comparison if, and only if, one has iCloud Photos turned on.
* If iCloud Photos is NOT turned on, no hash comparison takes place for anything.
* If iCloud Photos IS turned on, hash comparison takes place, but no one, including, Apple knows about it or “sees” anything. People don’t have to believe that, but it is a fact. It is nothing more than an on-device comparison that will mark photos if they match on-device hashes.
* Apple does NOT review every pic that may have a hash match. As reported, it will take upwards of 30 matches to take place before Apple reviews low-resolution versions of pics to see if they match what is in the database.
* Apple does NOT report to law enforcement/governments. If all of the above criteria has been met and an account is positively shown to be uploading known child pornography to iCloud, Apple suspends the account and reports the relevant information to the NCEMC, a non-government not for profit organization set up specifically to protect children from being exploited. Yes, the NCEMC may involve law enforcement at this point, but only if their research further proves that the account/person in question is in fact in possession of child pornography.
* No one said Apple wasn’t doing this by choice. But, by knowing about child pornography on their servers, they are required by law to report that.
So, why is this BETTER than what every other company mentioned is doing?
Facebook, Google, etc. actively compare every single one of your personal photos uploaded to their servers. Every single one!
Apple will NOT compare any photo if you are not uploading them to iCloud. If you are uploading to iCloud, they are only tagging those specific photos and never review/see/tag any of your other photos, even those uploaded to iCloud. Again, Facebook, Google and others scan every single thing you send or upload to your accounts with them.
If your concern then is that the has database hard coded in iOS which is 100% controlled by Apple (no different than any other hash database already on your phone…yes, there are others that have been there for years) can somehow be ”hacked” and used against you to wrongly convict you of being a child pornographer, I’m not sure what I can say to convince you of the one in one trillion number that they have clearly presented.
My only comment on that is that there are HUNDREDS of easier ways for any hacker to frame you or access info on your phone. They wouldn’t waste their time using a system set up with so many checks and balances on all sides involved to even bother.
Inserting “alternative” hash info into iOS is not only impossible unless you are the person at Apple that actually does that programming, but what happens next? If you want to jump to the conclusion that Apple can then work with government to not only add this, but then share that info, again, not sure what I can say to convince a person that believes such a level of conspiracy that this has even a LOWER chance than one in one trillion of happening.
I think if people would take less than 15 minutes to read the FAQ Apple released, while not answering ALL of the questions or going into the details of the tech, it does answer the vast majority of “real” questions and not the “what ifs” people will always have for any tech that is introduced. Practically ANYTHING can happen…but “what are the odds” are the questions people either don’t want to recognize or simply choose to avoid so it can support what they believe or want to believe to be true in their mind. Nothing I or Apple or anyone else can say will change that.