Craig Federighi Acknowledges Confusion Around Apple Child Safety Features and Explains New Details About Safeguards

[Apple_Robert]

Nonsense. We are angry because we are under surveillance without a warrant.
What exactly does privacy mean in your dictionary?

I don't like on-device scanning either. However, there is no warrant required as Apple is not a law enforcement agency or a representative thereof.

Legally speaking, Apple is not required to proactively scan for CSAM. They are, however, required to report said filth to NCMEC when they come across such pictures. I believe the reason Apple has taken this step and given a warning to the sick, demented minds, is so that they can lessen the potential legal liability by saying they will scan iCloud photos, which they have a right to do.

The following quote is from 2019 and was part of the iOS user agreement and to my knowledge, is still in effect. Too many people don't read the iOS update user agreement and blindly click agree and then get upset after the fact, when someone more prudent brings the user agreement to light.

"We may also use your personal information for account and network security purposes, including in order to protect our services for the benefit of all our users, and pre-screening or scanning uploaded content for potentially illegal content, including child sexual exploitation material."

Keep iCloud Photos turned off and you should be fine. Apple wants to keep the filth off their servers.

 

[DeepIn2U]

It is confusing... but they are gaslighting us into thinking it is universal confusion when there is a large subset of people with clear understanding coupled with dissent

I’m STILL perplexed that with ALL the claims of gaslighting, all the ‘large subset of people with a clear understanding with dissent‘ is angry at Apple … but not with …

FaceBook,
Google,
Microsoft,
and others that scan EVERY photo on your device because guess what(!) by default they’re already uploaded to THEIR respective cloud services and already looks at EVERY damn photo … NOT one’s matched to CSAM.

Although not directly related its interesting in the home country of Apple, you can watch someone comit suicide and do nothing (in all but a few USA states) and you’ll never be charged for in acting. Here north of the border we can. Sentiment I guess is all life is precious, including children and still the focus Is on people’s OWN privacy and yet nothing but a 5 second sound bite from WSJ rep who’s interviewing anything about violated children.

Why is this single part, violated children Not ever talked about beyond a few short seconds? Why has nobody that’s complaining with big recognition not stated CRAP about the other companies? Why is there nothing talked about what’s NOT working in reducing child trafficking, pornography (both go hand in hand btw), or child abuse of any sexual nature and offer suggestions, a dialogue.

Seems more like vilifying Apple here and affects their stock or high value image amongst consumers and other businesses.

YES I agree this is still a sensitive topic, yes maybe users should get to opt-in vs having to opt-out after implementation.

Also … this isn’t just on the iPhone … this WSJ rep failed to mention this is also on Mac’s (M1 has machine learning within as does a few of teh latest Intel cpu mac’s in recent years as well) since they upload and access iCloud Photos as well.

Well debating like crazing about the machine learning and the hash and the checking of Photos … but that’s all. Not about the other areas of the why or whom is affected beyond ourselves. I think we has Apple consumers in this community are failing each other in this overall.

We’ll see. I’m sure adjustments will be made.

 

[DeepIn2U]

How does this change the fact at all that there’s now essentially a new backdoor to be abused that’s installed in iOS 15?

Stop defending and get rid of this BS, Apple.

I don‘t think this is a “new back door” … there door was already been opened and never closed: iCloud end to end is NOT encrypted.

 

[rootee]

No. It's not wrong.
I'm aware of the feature. I understand how it works. I know my options.

Do you get that ?
I can choose to not update.
I can choose to not use icloud.
I can choose an alternate device.

I choose to agree too those terms.

Hmm, is that an exhaustive list of options? We could come together as a consumer base, with the chance of steering Apple's course back towards the privacy focused tack they've been selling the past few years.

 

[DeepIn2U]

Thank you, Craig! I wonder if Craig woke up and read my comment from the previous article haha!

Craig Federighi Acknowledges Confusion Around Apple Child Safety Features and Explains New Details About Safeguards

Apple's senior vice president of software engineering, Craig Federighi, has today defended the company's controversial planned child safety...

www.macrumors.com

All jokes aside! Let's talk business Craig, you do not know what you are talking about when all you did was praise how important privacy was. Stay away from my PRIVACY, please. It is my HUMAN RIGHT. Craig! please, give us an Opt-Out option from CSAM, please. Let our voices be heard. I will not appreciate Apple scanning my iCloud photos whether it's through AI or Hash.

It sounds like Apple is using "Protecting Children" as an example to be spying on the consumers.

STOP this mass surveillance to be launched. This needs to SHUT DOWN.

Apple you are not a Law Enforcement organization. Stop acting like one. Apple, how are you not getting the point. You are violating our PRIVACY rights. Over 7000 signatures were collected. Stop playing with our PRIVACY and HUMAN right.

LLCBuddy® - Your Business Formation & Management Buddy

Comprehensive guides on LLC and business formation and management essentials with LLCBuddy - your business formation & management partner.

appleprivacyletter.com

To take a line from Fast & Furious #1 … “you can know anything about anybody on the net, anything, so why lie?!”
I get the stance you’re taking as many others “its not that I don‘t have anything to hide, its that I don’t have anything I want you to see” - which is fine.

Has anyone fully read and can post the consumer agreement for Apple’s iCloud services and Photos regarding ownership, privacy, etc Please?

Again … there seems to be this INSANELY, and I’ll say blind, laser focus on Apple for coming up with this … yet EVERYONE that’s inflluential and big has said CRAP all about FB, Google, and Microsoft and their practices.

Also … is there any government requirement for this, despite Craig stating there was no pressure to do this? VERY curious.

Someone prior to your post stated too often big corporate states ‘think of the children’ as a way to limit Privacy ever since. No that’s not true in any capacity it’s far generic and overreaching.

That said … For all those against:
How many are parents?
How many have children under 12 feel about this?

I see Apple has a right to clarify if they think the press has misunderstood. Now the explanation is done - I find it VERY creepy Cook has stated NOTHING of this! Isnt’ he the leader and in charge? This is HIS house now … so why isn’t HE answering knocks at the door?!

I now understand the worry about how this can be misused … but can it really, more than it already can without this? photos in the cloud are NOT encrypted. There is not End to End encryption on uploads from our devices to iCloud photos right? This shouldn’t be news or shocking to any of us really …

Boston Mass. bombing during a marathon a few years back … I believe Apple participated wit’s government investigation and shared data from iCloud right?

 

[Apple_Robert]

To take a line from Fast & Furious #1 … “you can know anything about anybody on the net, anything, so why lie?!”
I get the stance you’re taking as many others “its not that I don‘t have anything to hide, its that I don’t have anything I want you to see” - which is fine.

Has anyone fully read and can post the consumer agreement for Apple’s iCloud services and Photos regarding ownership, privacy, etc Please?

Again … there seems to be this INSANELY, and I’ll say blind, laser focus on Apple for coming up with this … yet EVERYONE that’s inflluential and big has said CRAP all about FB, Google, and Microsoft and their practices.

Also … is there any government requirement for this, despite Craig stating there was no pressure to do this? VERY curious.

Someone prior to your post stated too often big corporate states ‘think of the children’ as a way to limit Privacy ever since. No that’s not true in any capacity it’s far generic and overreaching.

That said … For all those against:
How many are parents?
How many have children under 12 feel about this?

I see Apple has a right to clarify if they think the press has misunderstood. Now the explanation is done - I find it VERY creepy Cook has stated NOTHING of this! Isnt’ he the leader and in charge? This is HIS house now … so why isn’t HE answering knocks at the door?!

I now understand the worry about how this can be misused … but can it really, more than it already can without this? photos in the cloud are NOT encrypted. There is not End to End encryption on uploads from our devices to iCloud photos right? This shouldn’t be news or shocking to any of us really …

Boston Mass. bombing during a marathon a few years back … I believe Apple participated wit’s government investigation and shared data from iCloud right?

There is no legal requirement that Apple perform proactive scans. They are only required to report to NCMEC if they should come across CSAM on their servers.

 

[DeepIn2U]

It sounds like Apple is using children as an excuse to SPY on us. Just drop it Apple.

Hmm.

So if its against our privacy … and to open a back door … WHY would Apple inform the public about what their doing IF a back door and nefarious purposes was to be done/planned or to action in the future?

to quote a line from Dune books,
Children of Dune (by Frank Herbert):
p.312

"The surest way to keep a secret is to make people believe they already know the answer. people don't ask questions then."

Apple informing this and engaging in explaining this … has people asking questions, not ideal if intended for nefarious reasons. If Apple fails on this … sales, revenues will show just how many WANT this to change. It Apple fails on this it’ll blow up in their face. Publicly more than it is now.

Either way I think MANY Apple users will stop using iCloud Photos or iCloud services all together beyond iMessage.

 

[DeepIn2U]

I wouldn't want to be one of the people who have to compile the original images to have the system compare everyone's images to.

Agreed!

I think those technologists probably have lifetime of meds, pychiatrists and psychologists as part of their weekly wellness checks. Those images can really mess with your sense of self and sanity for sure.

 

[DeepIn2U]

Imagine an Apple worker looking at your personal photos because their algorithm failed, we are talking about Apple, a company that everything that release is full of bugs (macOS, iOS, etc). Ya I feel better now.

Let me remind you that you don't have access to their code, and server side, you are just believing their bs.

I think they’ll look at the hash/voucher NOT the actual photos.

From your worry who‘s to say Apple employees or contractors (3rd party or not) haven‘t already LOOKED at your, mine, his/her/they Photos at all?

 

[Apple_Robert]

Hmm.

So if its against our privacy … and to open a back door … WHY would Apple inform the public about what their doing IF a back door and nefarious purposes was to be done/planned or to action in the future?

to quote a line from Dune books,
Children of Dune (by Frank Herbert):
p.312

"The surest way to keep a secret is to make people believe they already know the answer. people don't ask questions then."

Apple informing this and engaging in explaining this … has people asking questions, not ideal if intended for nefarious reasons. If Apple fails on this … sales, revenues will show just how many WANT this to change. It Apple fails on this it’ll blow up in their face. Publicly more than it is now.

Either way I think MANY Apple users will stop using iCloud Photos or iCloud services all together beyond iMessage.

I think a lot of people are going to start educating themselves on iCloud services and they are going to find out that what they thought was encrypted and only available to them as the user, isn't really the case. Convenience and privacy don't really go hand in hand but, many Apple users feel they need the cross device syncing etc. so, they use iCloud services not really thinking about Apple having the keys.

 

[Dozer_Zaibatsu]

I'm really gung-ho with Apple for what they're doing with Apple Silicon. I've always been a hardware geezer, though. I like what you can do with these things. I make use of Apple services because they are so well integrated.

Am I wedded to the OS? No. I'd be perfectly happy to use Mint or Fedora or Arch. If, well, the OS could run software I need/want to use. If that happened, and there were Framework laptops that ran on Risc-V chips. That's a lot of "if" there, I know.

But note that a lot of Mac users are happy that it "just works." If we had the choice to have replaceable hard drives? If we could have removable/replaceable batteries? Or install other OSes? Maybe plenty of us would do it.

 

[Schismz]

Based on everything Apple has done for privacy so far I’m willing to continue to trust them. They didn’t do a good job of explaining this technology but I do believe they’re trying to do what is right, not what is easy. If in the future they go back on their word regarding widening the scope of the system to detect other things, I’ll be the first to call them out on it and call for them to be sued into the ground.

Until then I remain confident in Apple’s commitment to privacy.

Oh for sure, me too! I totally agree with you non-suspicious new account from Apple PR (ouch, how many people got fired for this delivery? Apple is usually incredibly slick, this delivery was not dancing through the mine-field, it was more tripping and falling face-first into their own **** - I guess whatever deal they cut happened at the 13th hour, not leaving much time to kick out a coherent storyline ... I mean, their own FAQ/white paper, contradicts itself).

Exclusive: Apple's child protection features spark concern within its own ranks -sources

A backlash over Apple's move to scan U.S. customer phones and computers for child sex abuse images has grown to include employees speaking out internally, a notable turn in a company famed for its secretive culture, as well as provoking intensified protests from leading technology policy groups.

www.reuters.com

It's all just selling dreams, and now, helping bridge the gap between where government cannot go, but big tech companies are free to do as they please; working together, like the super-friends, to help enable the correct narrative so everybody is thinking the appropriate thoughts, and all those antitrust issues become much smaller since it's a big Circle of Friendship and Enlightenment!

Big Brother on Device - Don't Think Different!

Turning the page from the All Singing, All Dancing, Crap of the World ... this seems to leave CalyxOS, GrapheneOS ... and stuff, that kinda seems to mostly work like a phone and have Signal integrated into it, c'est la'vie.

Si lo construyes, ellos vendrán: Apple ha abierto la puerta trasera a una mayor vigilancia y censura en todo el mundo

UPDATE: Apple announced it will provide fully encrypted iCloud backups, meeting a longstanding demand by EFF and other privacy-focused organizations, and it has officially dropped its plans to install photo-scanning software on its devices, which would have inspected users’ private photos in...

www.eff.org

There's a small crack in the iPhone's foundation. How big will it get?

Apple has made some interesting and difficult choices with its CSAM policy that are worth exploring and debating.

www.macworld.com

 

[TonnyM]

I never heard Federighi so awkwardly and confusingly explaining something.

 

[CriticalThoughtDrop]

The problem is the simpletons who equate “spyware” with thinking there are actual humans combing through all of the data and pictures on your devices. That isn’t what’s happening here, obviously. And I have serious qualms with people who think it is. That’s my only beef with the term “spyware” and those who don’t know the nuanced nature of it.

Otherwise I’m staying out of this. Living in this country, in the year 2021, after all the crap that’s gone down here in the land of the (somewhat free). I have no naive expectation of privacy and never have. That’s a quaint notion and idea. Good luck with that. There are other battles I’d rather fight, you guys can have at this one.

You clearly have no technical understanding of what spyware is. I’ll give you a little hint (see below), but there’s well established definitions, even if novel designs can blur classification, for various software architecture and spyware doesn’t not require your silly, ignorant caveats.

Wikipedia: “Spyware is software with malicious behavior that aims to gather information about a person or organization and send it to another entity in a way that harms the user. For example, by violating their privacy or endangering their device's security. This behavior may be present in malware as well as in legitimate software.”

This software uses perceptual hashing to scan the content of your images, technically the salient features, against a pragmatically government entity provided black box targeting deck, to determine if your images are “close enough,” with then end goal of harming the user, even if that user has no legitimate reason to be harmed. This is spyware on all accounts.

 

[Tech198]

haha.. "parents will be alerted"..Stop trying to be 'mr. protective'. Educate instead

Have we really come this far where we have no idea what we upload/share anymore? My guess is 'yes'

 

[DeepIn2U]

We’re not stupid, we know this is a back door for government surveillance of our personal photos.
People who engage in CSAM don’t store the images in iCloud.

Good job on spectacularly destroying the privacy focus you’ve worked so hard to build.

I recall another fruit company that used to make a great business of smartphones originally catered for businesses then to consumers was also at one time the king of end user privacy and security and they too fell VERY hard and never got back up. Is this the beginning of a steady downfall for Apple??

It isn't necessarily THIS system; it is the precedent that it sets for other systems. That is the point that Apple seems to be missing.

While I see this now … and still feel its FUD before it occurs (optimistic part of my mind), I think the part we’re all missing is no data in our iCloud Drive, Photos, iMessages IS actually encrypted and thus the precedent you/we all worry about has been a fact already since iCloud debut, that’s what we’re all actually missing here. Like Apple doesn’t need this CSAM implementation to set this precedent, now do they? No they don’t Need CSAM.

The main goal is to make sure Apple doesn’t get CSAM on its servers, so i don’t know why Apple doesn’t just do what Google, Facebook, etc do and just scan the photos in the cloud. That way if you don’t use iCloud, your stuff never gets scanned on device or off device.

Agreed with Apple’s main goal here - yet the reason why they don‘t do it on their servers is Apple doesn’t OWN their own servers and hasn’t for years - besides those in their campus’ … they use Amazon, Microsoft, etc to host their services data/traffic. Maybe their contract or how its implemented doesn’t allow for CSAM to run just on the servers ??

 

[Jemani]

How can you trust Apple to not do the right thing about the iCloud backup feature?

What's stopping Apple from secretly turning iCloud backup on and providing almost everything on your phone to a government?

Let’s say I have an older phone and this scanning feature slows down my older phone even more. Not everyone can have or get the latest most fastest phone. Apple shouldn’t be using anyone’s phone for this.

 

[DeepIn2U]

I'm not so sure about that. Intelligence agencies have always wanted to be able to snoop on phones. Their best guys can probably already figure out a way of accessing stuff in the cloud.

Apple has now provided a way to snoop on a users device. I think that should be sacred. The user can decide if they want to use the cloud or not, but if you choose not to then the OS shouldn't provide any way for a 3rd-party to snoop on the phone.

Admittedly, Apple says that device scanning only occurs for cloud users, but since they have built the technology into the device OS, it could be sequestered even for non-cloud customers.

Damn you! Second person that’s made me re-think my stance ‘for this’ really REALLY hard. I was doing so well too!

 

[jntdroid]

But while, like you, I see Apple's logic, I think they have it reversed. By maintaining absolutely privacy for the cloud, they potentially reduce absolute privacy on the device.

I actually agree with this 100% - I just didn't elaborate on it here (been posting way too much in other threads this week )

By making this choice, they've taken what was previously untouchable (what's on our device), and made it touchable - even if it's super secure, hidden, limited, etc. - it's still touchable, albeit briefly.

I don't expect my cloud stuff to be untouchable. But I do expect my device to be. I think that's what people are struggling with the most with this.

I will say, in that video (in the OP) - he used a term, "pipeline", that made me visualize this a bit differently. It gave me a visual of a programmatic pathway on the phone itself. Nothing hops on that path/pipeline unless it's going to iCloud. At the end of that path/pipeline (right as it's hitting the "web" and going off the phone and up to the cloud) there's that hash database that everything runs through. As the data is running through that hash database, matches are flagged, non matches just go through. Almost like an exit gatekeeper.

To me, that "feels" a bit better than the idea of some proactive hash scan happening on my device, mainly because it feels like a more passive activity on the software's part, and still can't complete until it's up in the cloud.

maybe that's stretching it a bit...

 

[0924487]

Google does this, Samsung does this, EVERYONE DOES THIS. So people saying it degrades Apple somehow aren’t paying attention. I don’t remember this uproar when Google started their version of this program.

I don’t mind if you install a security camera in my office, where I don’t expect privacy, but I will not agree to installing a security camera in my bedroom or in the washroom, where a reasonable person would expect total privacy.

I don’t store anything that I don’t want NSA to see on my Google Drive or Gmail account. I assume they can see everything. When I send something sensitive, I use encrypted emails. Apple is like in the middle, where I expect NSA to ultimately be able to see something after jumping through some hoops, and I intended to keep it that way.

 

[Freedom1]

After reading Craig’s interview. Sounds like he’s here to brainwash us as well. Very disappointed! When all Craig talked about how important privacy is.

Craig! How about let’s scan your iPhone and see what we find inside your iPhone. Let's go over your iPhone and lets talk about exposing privacy before you ask us to give our privacy up.

Great point. Let users scan Craig’s phone, Tim’s phone, Eddy’s phone, Phil’s phone, Jeff’s phone, all the time, whenever we choose. I imagine they wouldn’t like it.

 

[0924487]

I dearly hope it’s the former and we do get E2E encryption for iCloud backups. It’s something I’ve wanted for years!

Right now it’s a choice between privacy with encrypted backups via a Mac or convenience with iCloud backups. Most will choose convenience. I’m guilty of that too. Even though privacy is really important to me.

I disabled iCloud backups because it’s not E2E encrypted. I use encrypted backups via my Mac. I expect everything on my phone to be private to hell and back. For things that I don’t expect to be private, things I don‘t mind NSA to be able to readily see, I store in paid Google Drive, where I expect that they can see everything all the time.

 

[DeepIn2U]

It's not enough - turns out they'd already been eyeing this with a privacy policy change back in 2019

https://twitter.com/x/status/1426198789627465732

View attachment 1818358

JESUS!!

You're focusing on this specific system and technology being used.

The problem people have is the ideology and normalization of scanning user devices for ANYTHING.

edit: s/your/you're

I’m starting to get this Now.

Look - as long as there are reasonable safeguards then the cloud can be good enough and private enough for most (not all, but most). Those that need 100% privacy should be able to keep their stuff on device and not have to worry that Apple has left a backdoor open for on-device scanning and reporting to some 3rd party.

When this whole thing was announced I applauded Apple for their stance. I couldn't understand why everyone was losing their mind over any effort to protect kids and prevent the distribution of CSAM. I personally don't mind giving up privacy if it could prevent even one child being abused.

However, I do respect that others feel differently and that that e.g. my employers might feel less secure about letting me use corporate assets on a device than theoretically could be scanned externally. I don't corporate restrictions happening yet, but there should be a way to keep a phone secure if the user chooses to have it that way.

Wrong. Corporations are legally only required to report CSAM upon encountering it. That means:

1. They are under no legal obligation to look or scan for it in the first place (there's a reason Apple had record low CSAM reporting figures in previous years, they practically never went looking for it via PhotoDNA or anything like that technology)
2. They are under no legal obligation to NOT implement full E2EE wherein the customer is the only person capable of viewing the hosted content
3. They are under no legal obligation to implement any form of content scanning even if they were hosting a fully encrypted service (which means the provider, Apple, can't access anything)

There is literally nothing stopping them from implementing E2EE right now for every iCloud service -- backups, photos, and all -- without any of this client side scanning nonsense. They elected to do it themselves for God only knows what reason.

Laws unfortunately can really change at the will of those whom put forward a bill and it’s approved by majority (those in power also tends to change in cycles). I’m curious if Apple knows anything coming down the pipeline in the USA at least??!

I get it too. And this stuff, honestly doesn't bother me - I don't expect that any of my stuff on device or in the cloud is private. And I'm basically fine with that if we can stamp out CSAM and jail those that consume, distribute and make it.

But while, like you, I see Apple's logic, I think they have it reversed. By maintaining absolutely privacy for the cloud, they potentially reduce absolute privacy on the device, I think it makes the choice hard for consumers. I don't care that my cloud stuff is private - it's in the cloud and I have to assume that someone, somewhere can access it. If I wanted to keep something 100% private, I wouldn't use the cloud in the knowledge that while it remains on device it is safe.

Now - I know that Apple won't scan non-cloud connected phones. But the technology is there embedded in the phone OS just waiting on some exploit to expose millions of devices. They are human - they make errors such as the Lock Screen bug and they will do that with this, so that some nefarious teenager in some other part of the world starts scanning millions of phones by using tech built into the OS.

BINGO.

Why? Why is asking for "facts" and citations suddenly silly?

Many of the arguments supporting this spyOS 15 CSAM scanning are predicated on trusting Apple. Apple themselves have, in my opinion, eroded that trust by implementing a scanning tool that literally no one has asked for. A tool which uses a third-party government sanctioned database to weed through user content. They didn't discuss it. They didn't reveal it at WWDC.

I agree that citing Apple's source code is not going to happen. But it is necessary to ask if only to demonstrate that this spyOS is a closed source system designed to spy on its users. There is no way to spin this as "pro-privacy".

They have told you they are scanning your device looking for criminal activity. Supporting that is right in there with the "if you've got nothing to hide, you've got nothing to fear" camp. It's sickening.

They have told you they are scanning iCloud Photo uploads. What haven't they told you?

YUP! Considering their terms of agreement changed back in 2019 specifically to word scanning as shown above … this is NOT good as they are just telling us now! I thought it was good Apple was telling us in the first place were others did not At all. I was wrong.

Turn off iCloud backup and make local backups (which are more complete anyway) on your own machine. Either in iTunes or Finder if on 10.11 or later.

There are several here that do NOT own their own personal computers - I want iPad only for personal, as waiting for new 14” MBP. Now I’m wondering if I should just get an HP ZBook 14u G8 ? Not as powerful but for my daily use will work to some extent for the first year.

They are being way to coy explaining this, many unanswered questions about the process. It’s just too perfect for general surveillance by law and governments. Very surprised apple went this route, doesn’t make sense.

"Never let a crisis go to waste"

Crazy how in a year where politicians have never been more openly supportive of tracking, censorship and thought policing of the populace, there are still people clamoring for this. Contact tracing and interception of vaccine misinformation via social media and SMS today, your associates and political memes tomorrow. If history has taught us anything, it's that once you open the door, leaders don't willingly relinquish power.

Agreed.


still VERY curious why Craig had the interview speaking about this not COOK! In fact it should’ve been a full panel. Something Jobs would’ve done on sensitive topics. This situation/action … is NOT the Apple I’m a fan of, the Apple I looked toward for technology in a human way.

 

[jntdroid]

Great point. Let users scan Craig’s phone, Tim’s phone, Eddy’s phone, Phil’s phone, Jeff’s phone, all the time, whenever we choose. I imagine they wouldn’t like it.

Their phones should be subject to this exact same system. If you don't believe that, then you shouldn't trust anything Apple is doing with the software on your device.

 

[0924487]

If they are just scanning the hash couldn't the abuser not just modify the image slightly (like adding a pixel somewhere) and they would be clear?

Or just add a custom encrypted border to all the “sensitive photos” you have. This can be automatically added and automatically reverted if you have the private key to the design of the border, which is slightly different for each photo, but not significant for the human eyes. (So that it cannot be removed en masse to compare with the existing database, or add the borders remotely to be added to the database and still match the hash on your phone)