[T3OU-736]

> Hash collisions would not pass the human review. About the only consequence I can think of for hash collisions is that the person at Apple who performs the human review step has a slightly nicer day because they were about to look at an image... and then it wasn't CSAM.

I truly wish I could subscribe to this optimistic view. Experience tends to show this to be unlikely.

Two factors combine against it: 1. There is no negative consequence for a mis-flag (to the reviewer) 2. This set up is a tool, and like many tools, inventive humans will find a way to subvert it in the name of convenience. I am referring to NSLs from U.S. Patriot Act as an example. Since CSAM is such a toxic thing (let's stipulate that CSAM itself is unequivocally bad), there is less tendency to examine it closely for, well, CSAM-ness.

[simondotau]

Again, I'm only pointing out how this conflicts with Apple's description of their system. I'm in no position to know whether their description is accurate or how it will actually operate in the real world.

For the sake of argument, let's assume you're correct and Apple's review team are lazy shits who don't look at the images. Okay, so Apple then sends the report onto NCMEC. What are they going to do when they open the report and it turned out the images Apple reported were hash collisions?

[lvh]

My understanding (from someone who would know but said this in a Chatham House rules space) is that NCMEC is already incredibly underfunded, understaffed, and backlogged. Similar incentives apply to them. They're a nonprofit: a private organization who has significantly fewer dollars than Apple does.

[simondotau]

The critical follow-up question is what do NCMEC do with their backlog? Unless they're dumping this backlog directly at the feet of law enforcement, I don't see how this changes the equation.

[laurent92]

All watchers of Clara Morgan were watching what is legally categorized as “child porn” (=“any depiction of an individual under 18).

And since “depiction” includes drawing, any consumer of Hentai (s. manga) is hosting what passes legally as clear child porn.

I wouldn’t be surprised if 25% of the youth could be taken to jail according to the law, so, definitely, a learning period or warnings are required.

It’s akin to all the US adults who are registered as sex offenders because they peed in a park at night. Apple is clearly help with law abuse here.

[simondotau]

That may be true in principle, but irrelevant with respect to Apple's CSAM process. Unless the exact material is explicitly catalogued by NCMEC or another child safety organisation, there won't be a hash match.

This isn't a porn detector strapped to a child detector.

[caseyscottmckay]

Do you have a source for a single person being required to register as a sex offender for peeing in public?

[shakna]

Peeing in public is often charged as indecent exposure, which can have you forced to register as a sex offender. [0][1]

It doesn't take long to find those cases.

[0] https://www.nevadaappeal.com/news/2021/mar/21/public-urinati...

[1] https://law.justia.com/cases/california/supreme-court/3d/10/...

[saiya-jin]

You are rather desperately trying here to downplay a massive security fuckup by Apple as if its perfectly fine. One of the main selling points of Apple, heck for many the most important one, was just blown to pieces couple of days ago. Its NOT Okay for Apple to send your images further.

The only argument left missing here is 'you have nothing to hide anyway, right?'.

I would be able to accept an inferior OS incapable of true multitasking and with very limited options to set. Closed system with no sideloading. I would even accept a lousy zoom on flagships cameras compared to, well, any competition. Proprietary connection port. Mediocre battery life. Overpriced accessories. But start removing security, and that's one step too far.

[simondotau]

I was assuming for the sake of argument. I am not saying that a "major fuckup" of Apple's human review process would be acceptable.