[EagnaIonat]

> What, the cloud scanning of user photos was a good idea for you?

That is what is happening before Apples suggestion and is still happening.

> The automated surveillance that could lead to people wrongfully accused idea?

A hash scan is perfectly fine. It can tell you nothing about what is in your file except that if it matches another file that they know is CP.

Even then a flagged item has to be reviewed by law enforcement in case of a mistake and a single file is normally not enough to convict.

The chance is very slim of a mismatch. Facebook for example report a 1 in 50 billion chance of a mismatch.

To put that in context. The chance of a miss is 1 photo every 10 years across all users of facebook (approx 3 billion active users).

> If Apple can decrypt your data when they find a match, they can decrypt ALL your data.

Again. This is what is happening now for ALL service providers.

Apples suggestion was that if a file wasn't flagged it could only be decrypted by the owners device and nothing else. Not even Apple.

[thefz]

Are you OK with private companies basically playing the police with your data?

[EagnaIonat]

Let me give you a better answer to your question.

Yes I am OK with how CSAM works.

1. It is not owned by a private company.

2. Hash checking requires a 1:1 match to be flagged.

3. Any match is reviewed by law enforcement to confirm it matches what is recorded in the CSAM. This is checking your file against a descriptive record of what the file is.

4. The chance of a mismatch is so remote that its not even an issue for me. Even if you do get a mismatch it is a human that reviews it.

5. To submit a file to CSAM requires a lengthy detailed process where multiple humans review and approve before creating the Hash.

6. Every hash has a chain of custody. So if in the unlikely chance of something else being put into CSAM, you can see all the people that interacted with the system to put that hash in.

7. Service providers can be sued for content they submitted, so they have a prerogative to ensure what goes in is valid.

This process has been in place for 15 years or so.