Apple Publishes FAQ to Address Concerns About CSAM Detection and Messages Scanning

Apple has published a FAQ titled "Expanded Protections for Children" which aims to allay users' privacy concerns about the new CSAM detection in iCloud Photos and communication safety for Messages features that the company announced last week.

apple privacy
"Since we announced these features, many stakeholders including privacy organizations and child safety organizations have expressed their support of this new solution, and some have reached out with questions," reads the FAQ. "This document serves to address these questions and provide more clarity and transparency in the process."

Some discussions have blurred the distinction between the two features, and Apple takes great pains in the document to differentiate them, explaining that communication safety in Messages "only works on images sent or received in the Messages app for child accounts set up in Family Sharing," while CSAM detection in ‌iCloud Photos‌ "only impacts users who have chosen to use ‌iCloud Photos‌ to store their photos… There is no impact to any other on-device data."

From the FAQ:

These two features are not the same and do not use the same technology.

Communication safety in Messages is designed to give parents and children additional tools to help protect their children from sending and receiving sexually explicit images in the Messages app. It works only on images sent or received in the Messages app for child accounts set up in Family Sharing. It analyzes the images on-device, and so does not change the privacy assurances of Messages. When a child account sends or receives sexually explicit images, the photo will be blurred and the child will be warned, presented with helpful resources, and reassured it is okay if they do not want to view or send the photo. As an additional precaution, young children can also be told that, to make sure they are safe, their parents will get a message if they do view it.

The second feature, CSAM detection in iCloud Photos, is designed to keep CSAM off iCloud Photos without providing information to Apple about any photos other than those that match known CSAM images. CSAM images are illegal to possess in most countries, including the United States. This feature only impacts users who have chosen to use iCloud Photos to store their photos. It does not impact users who have not chosen to use iCloud Photos. There is no impact to any other on-device data. This feature does not apply to Messages.

The rest of the document is split into three sections (in bold below), with answers to the following commonly asked questions:

  • Communication safety in Messages
  • Who can use communication safety in Messages?
  • Does this mean Messages will share information with Apple or law enforcement?
  • Does this break end-to-end encryption in Messages?
  • Does this feature prevent children in abusive homes from seeking help?
  • Will parents be notified without children being warned and given a choice?
  • CSAM detection
  • Does this mean Apple is going to scan all the photos stored on my iPhone?
  • Will this download CSAM images to my ‌iPhone‌ to compare against my photos?
  • Why is Apple doing this now?
  • Security for CSAM detection for iCloud Photos
  • Can the CSAM detection system in ‌iCloud Photos‌ be used to detect things other than CSAM?
  • Could governments force Apple to add non-CSAM images to the hash list?
  • Can non-CSAM images be "injected" into the system to flag accounts for things other than CSAM?
  • Will CSAM detection in ‌iCloud Photos‌ falsely flag innocent people to law enforcement?

Interested readers should consult the document for Apple's full responses to these questions. However, it's worth noting that for those questions which can be responded to with a binary yes/no, Apple begins all of them with "No" with the exception of the following three questions from the section titled "Security for CSAM detection for ‌iCloud Photos‌:"

Can the CSAM detection system in iCloud Photos be used to detect things other than CSAM?
Our process is designed to prevent that from happening. CSAM detection for iCloud Photos is built so that the system only works with CSAM image hashes provided by NCMEC and other child safety organizations. This set of image hashes is based on images acquired and validated to be CSAM by child safety organizations. There is no automated reporting to law enforcement, and Apple conducts human review before making a report to NCMEC. As a result, the system is only designed to report photos that are known CSAM in iCloud Photos. In most countries, including the United States, simply possessing these images is a crime and Apple is obligated to report any instances we learn of to the appropriate authorities.

Could governments force Apple to add non-CSAM images to the hash list?
Apple will refuse any such demands. Apple's CSAM detection capability is built solely to detect known CSAM images stored in iCloud Photos that have been identified by experts at NCMEC and other child safety groups. We have faced demands to build and deploy government-mandated changes that degrade the privacy of users before, and have steadfastly refused those demands. We will continue to refuse them in the future. Let us be clear, this technology is limited to detecting CSAM stored in iCloud and we will not accede to any government's request to expand it. Furthermore, Apple conducts human review before making a report to NCMEC. In a case where the system flags photos that do not match known CSAM images, the account would not be disabled and no report would be filed to NCMEC.

Can non-CSAM images be "injected" into the system to flag accounts for things other than CSAM?
Our process is designed to prevent that from happening. The set of image hashes used for matching are from known, existing images of CSAM that have been acquired and validated by child safety organizations. Apple does not add to the set of known CSAM image hashes. The same set of hashes is stored in the operating system of every iPhone and iPad user, so targeted attacks against only specific individuals are not possible under our design. Finally, there is no automated reporting to law enforcement, and Apple conducts human review before making a report to NCMEC. In the unlikely event of the system flagging images that do not match known CSAM images, the account would not be disabled and no report would be filed to NCMEC.

Apple has faced significant criticism from privacy advocates, security researchers, cryptography experts, academics, and others for its decision to deploy the technology with the release of iOS 15 and iPadOS 15, expected in September.

This has resulted in an open letter criticizing Apple's plan to scan iPhones for CSAM in ‌iCloud Photos‌ and explicit images in children's messages, which has gained over 5,500 signatures as of writing. Apple has also received criticism from Facebook-owned WhatsApp, whose chief Will Cathcart called it "the wrong approach and a setback for people's privacy all over the world." Epic Games CEO Tim Sweeney also attacked the decision, claiming he'd "tried hard" to see the move from Apple's point of view, but had concluded that, "inescapably, this is government spyware installed by Apple based on a presumption of guilt."

"No matter how well-intentioned, Apple is rolling out mass surveillance to the entire world with this," said prominent whistleblower Edward Snowden, adding that "if they can scan for kiddie porn today, they can scan for anything tomorrow." The non-profit Electronic Frontier Foundation also criticized Apple's plans, stating that "even a thoroughly documented, carefully thought-out, and narrowly-scoped backdoor is still a backdoor."

Popular Stories

iPhone 17 Pro Dual Tone Feature 1

iPhone 17 Pro Launching Later This Year With These 8 New Features

Thursday January 9, 2025 5:45 am PST by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices. iPhone 17 Pro concept based on rumors Below, we recap key changes rumored for the iPhone 17 Pro models as of January 2025: More aluminum: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models ...
airpods pro 2 botw

Hearing a Mysterious Chime From Your AirPods Pro Case? It's a Feature

Thursday January 9, 2025 3:42 pm PST by
If you've been hearing a chiming sound from your AirPods Pro 2 case when the AirPods are charging, it's a feature that Apple added with the launch of Hearing Health last year. In a support guide, Apple says that the AirPods Pro may play a sound every so often while in the case to ensure the microphones and speakers are working as intended. From Apple: To help ensure that your AirPods...
iPhone 17 Pro Dual Tone Horizontal 1

iPhone 17 Pro Main Camera Sensor 'Smaller' Than iPhone 16 Pro Sensor

Friday January 10, 2025 3:14 am PST by
This year's iPhone 17 Pro models will feature a smaller main camera sensor than the one used in the Fusion camera currently found in iPhone 16 Pro models, according to Weibo-based leaker Digital Chat Station. The Chinese leaker claims that Apple will adopt a 1/1.3" sensor for the 48MP main camera in the iPhone 17 Pro and iPhone 17 Pro Max, down from the 1/1.28" sensor used in the iPhone 16...
se 4 for 2025

When to Expect the iPhone SE 4 or So-Called 'iPhone 16E' to Launch

Friday January 10, 2025 9:20 am PST by
Apple is widely rumored to be planning a new iPhone SE, and multiple sources lately have commented on the device's launch timing. The latest word comes from Apple supply chain analyst Ming-Chi Kuo. In a blog post today, he said the device will be released around the middle of the first half of 2025. In other words, around the quarter mark of 2025. That means the next iPhone SE will likely be ...
HomePod mini and Apple TV

HomePod Mini 2 and New Apple TV Launch Timeframe Narrowed Down

Sunday January 12, 2025 4:11 pm PST by
Bloomberg's Mark Gurman recently reported that Apple plans to release new HomePod mini and Apple TV models this year, and now he has provided a more precise timeframe. In his Power On newsletter today, Gurman said Apple is currently aiming to launch the new HomePod mini and Apple TV models "toward the end of the year." That timeframe suggests the devices will be released at some point...
AppleEventLogoFeature

Apple Focusing on These Eight New Low-Cost Devices in 2025

Saturday January 11, 2025 1:00 am PST by
Apple's slate of 2025 products look to be dominated by a large number of low-cost and entry-level devices. Here's what to expect. With advancements like Apple Intelligence and all-new in-house chip designs, Apple is reportedly looking to enhance many of its budget-friendly offerings, ensuring they remain competitive in an increasingly crowded market. These updates also indicate a slight...
HomePod mini and Apple TV

New Apple TV and HomePod Mini Launching This Year With One Thing in Common

Wednesday January 8, 2025 6:18 am PST by
It was recently reported that new Apple TV and new HomePod mini models will launch this year, and the devices are expected to have one thing in common. Bloomberg's Mark Gurman last month reported that the new Apple TV and the new HomePod mini will be equipped with Apple's own combined Wi-Fi and Bluetooth chip. Gurman said the chip supports Wi-Fi 6E, so that could end up being a key upgrade...
M6 MacBook Pro Feature 1

5 Reasons to Wait for Next Year's MacBook Pro

Wednesday January 8, 2025 6:33 am PST by
Apple in October 2024 overhauled its 14-inch and 16-inch MacBook Pro models, adding M4, M4 Pro, and M4 Max chips, Thunderbolt 5 ports on higher-end models, display changes, and more. That's quite a lot of updates in one go, but if you think this means a further major refresh for the MacBook Pro is now several years away, think again. Bloomberg's Mark Gurman has said he expects only a small...

Top Rated Comments

Hanterdro Avatar
45 months ago
In 5 years: “It is the law that we have to scan for government critical images. Apple only follows regional laws.“
Score: 102 Votes (Like | Disagree)
Feyl Avatar
45 months ago
I’m sorry Apple but you are not trustworthy. You and your comrades from the big tech are evil.
Score: 87 Votes (Like | Disagree)
5232152 Avatar
45 months ago
All three FAQ questions could/should actually be answered with:

"Practically speaking yes, and if we were forced to do so by a government entity you wouldn't know."

This is the problem.
Score: 59 Votes (Like | Disagree)
jshannon01 Avatar
45 months ago
This CSAM upgrade is the only one you will hear about. When it starts scanning for other things you won't know and will have no way of finding out. The timing of it in this era of censorship is suspicious.
Score: 54 Votes (Like | Disagree)
Luis Ortega Avatar
45 months ago

I’m sorry Apple but you are not trustworthy. You and your comrades from the big tech are evil.
It has become like the boy who cried wolf. Nobody really believes apple or anyone are even capable of protecting users from government snooping.
The more Cook grouses about privacy, the less I believe him and the more he sounds like a lying hypocrite.
Score: 46 Votes (Like | Disagree)
entropys Avatar
45 months ago

People do realise that companies such as Google, Adobe, Facebook et. al already use some form of automated technology to scan for and detect CSAM? Adobe does it with Creative Cloud:

https://www.adobe.com/uk/legal/lawenforcementrequests/childsafety.html

That's just one example.
So? One of the reasons we use Apple is it had a modicum of respect for privacy. Those companies don't respect our privacy.
Score: 45 Votes (Like | Disagree)