Facebook's Former Security Chief Discusses Controversy Around Apple's Planned Child Safety Features

Amid the ongoing controversy around Apple's plans to implement new child safety features that would involve scanning messages and users' photos libraries, Facebook's former security chief, Alex Stamos, has weighed into the debate with criticisms of multiple parties involved and suggestions for the future.

Child Safety Feature
In an extensive Twitter thread, Stamos said that there are "no easy answers" in the debate around child protection versus personal privacy.

Stamos expressed his frustration with the way in which Apple handled the announcement of the new features and criticized the company for not engaging in wider industry discussions around the safety and privacy aspects of end-to-end encryption in recent years.

Apple was invited but declined to participate in these discussions, and with this announcement they just busted into the balancing debate and pushed everybody into the furthest corners with no public consultation or debate.

Likewise, Stamos said that he was disappointed with various NGOs, such as the Electronic Frontier Foundation (EFF) and National Center for Missing & Exploited Children (NCMEC), for leaving little room for discussion in their public statements. The NCMEC, for example, called Apple employees that questioned the privacy implications of the new features "the screeching voices of the minority." "Apple's public move has pushed them to advocate for their equities to the extreme," Stamos explained.

Stamos urged security researchers and campaigners who were surprised at Apple's announcement to pay closer attention to the global regulatory environment, and speculated that the UK's Online Safety Bill and the EU's Digital Services Act were instrumental in Apple's move to implement the new child safety features.

One of the basic problems with Apple's approach is that they seem desperate to avoid building a real trust and safety function for their communications products. There is no mechanism to report spam, death threats, hate speech, NCII, or any other kinds of abuse on iMessage.

He also said that Apple does not have sufficient functions for trust and safety, and encouraged Apple to create a reporting system in iMessage, roll out client-side ML to prompt users to report something abusive, and staff a child safety team to investigate the worst reports.

Instead, we get an ML system that is only targeted at (under) 13 year-olds (not the largest group of sextortion/grooming targets in my experience), that gives kids a choice they aren't equipped to make, and notifies parents instead of Apple T&S.

Stamos said that he did not understand why Apple is scanning for CSAM locally unless iCloud backup encryption is in the works, and warned that Apple may have "poisoned" opinion against client-side classifiers.

I also don't understand why Apple is pushing the CSAM scanning for iCloud into the device, unless it is in preparation for real encryption of iCloud backups. A reasonable target should be scanning shared iCloud albums, which could be implemented server-side.

In any case, coming out of the gate with non-consensual scanning of local photos, and creating client-side ML that won't provide a lot of real harm prevention, means that Apple might have just poisoned the well against any use of client-side classifiers to protect users.

Nevertheless, Stamos highlighted that Facebook caught 4.5 million users posting child abuse images, and that this is likely only a proportion of the overall number of offenders, by scanning for images with known matches for CSAM.

Top Rated Comments

fwmireault Avatar
12 months ago
I’m always amazed when Facebook and its former staff wants to talk about privacy in public space. Do they know what reputation they have regarding security and privacy?
Score: 37 Votes (Like | Disagree)
joelhinch Avatar
12 months ago
All of you missed the “Former” part, didn’t you? ^
Score: 31 Votes (Like | Disagree)
MJaP Avatar
12 months ago
Wow, it's like a mini cancel-culture starting to form here... "he's from Facebook so his views should be mocked with a snide comment and disregarded"... you learn by listening, not by shutting down conversations.
Score: 28 Votes (Like | Disagree)
Abazigal Avatar
12 months ago
I’m always amazed when Facebook wants to talk about privacy in public space. Do they know what reputation they have regarding security and privacy?
Regardless, this guy seems to know his stuff. I guess it’s one thing to be good at your job, and another to know when to toe the line when it comes to a company like facebook.
Score: 28 Votes (Like | Disagree)
mw360 Avatar
12 months ago

I’m always amazed when Facebook wants to talk about privacy in public space. Do they know what reputation they have regarding security and privacy?
We’ve graduated to not even reading the headlines now I see.
Score: 20 Votes (Like | Disagree)
Geert76 Avatar
12 months ago
hahah Facebook and privacy…the irony
Score: 20 Votes (Like | Disagree)

Related Stories

craig wwdc 2021 privacy

Craig Federighi Acknowledges Confusion Around Apple Child Safety Features and Explains New Details About Safeguards

Friday August 13, 2021 6:33 am PDT by
Apple's senior vice president of software engineering, Craig Federighi, has today defended the company's controversial planned child safety features in a significant interview with The Wall Street Journal, revealing a number of new details about the safeguards built into Apple's system for scanning users' photos libraries for Child Sexual Abuse Material (CSAM). Federighi admitted that Apple...
appleprivacyad

Privacy Whistleblower Edward Snowden and EFF Slam Apple's Plans to Scan Messages and iCloud Images

Friday August 6, 2021 5:00 am PDT by
Apple's plans to scan users' iCloud Photos library against a database of child sexual abuse material (CSAM) to look for matches and childrens' messages for explicit content has come under fire from privacy whistleblower Edward Snowden and the Electronic Frontier Foundation (EFF). In a series of tweets, the prominent privacy campaigner and whistleblower Edward Snowden highlighted concerns...
Child Safety Feature Purple

Apple's Proposed Phone-Scanning Child Safety Features 'Invasive, Ineffective, and Dangerous,' Say Cybersecurity Researchers in New Study

Friday October 15, 2021 12:23 am PDT by
More than a dozen prominent cybersecurity experts hit out at Apple on Thursday for relying on "dangerous technology" in its controversial plan to detect child sexual abuse images on iPhones (via The New York Times). The damning criticism came in a new 46-page study by researchers that looked at plans by Apple and the European Union to monitor people's phones for illicit material, and called...
apple privacy

Apple Publishes FAQ to Address Concerns About CSAM Detection and Messages Scanning

Monday August 9, 2021 1:50 am PDT by
Apple has published a FAQ titled "Expanded Protections for Children" which aims to allay users' privacy concerns about the new CSAM detection in iCloud Photos and communication safety for Messages features that the company announced last week. "Since we announced these features, many stakeholders including privacy organizations and child safety organizations have expressed their support of...
Child Safety Feature Blue

Apple Delays Rollout of Controversial Child Safety Features to Make Improvements

Friday September 3, 2021 6:07 am PDT by
Apple has delayed the rollout of the Child Safety Features that it announced last month following negative feedback, the company has today announced. The planned features include scanning users' iCloud Photos libraries for Child Sexual Abuse Material (CSAM), Communication Safety to warn children and their parents when receiving or sending sexually explicit photos, and expanded CSAM guidance...
airtag zipper

Apple Explains How to Stay Safe With AirTag and More in Personal Safety Guide

Tuesday January 25, 2022 11:32 am PST by
Apple today shared an updated Personal Safety User Guide that serves as a resource for anyone who is concerned about or experiencing technology-enabled abuse, stalking, or harassment, the company said. The new guide is available on Apple's website, complete with a table of contents and a search tool, and as a downloadable PDF. The guide outlines the personal safety features that are built...
iphone communication safety feature

Apple Introducing New Child Safety Features, Including Scanning Users' Photo Libraries for Known Sexual Abuse Material

Thursday August 5, 2021 12:00 pm PDT by
Apple today previewed new child safety features that will be coming to its platforms with software updates later this year. The company said the features will be available in the U.S. only at launch and will be expanded to other regions over time. Communication Safety First, the Messages app on the iPhone, iPad, and Mac will be getting a new Communication Safety feature to warn children...
iphone communication safety feature

Apple Outlines Security and Privacy of CSAM Detection System in New Document

Friday August 13, 2021 11:45 am PDT by
Apple today shared a document that provides a more detailed overview of the child safety features that it first announced last week, including design principles, security and privacy requirements, and threat model considerations. Apple's plan to detect known Child Sexual Abuse Material (CSAM) images stored in iCloud Photos has been particularly controversial and has prompted concerns from...

Popular Stories

macbook air m2

Exclusive: Apple Plans to Launch MacBook Air With M2 Chip on July 15

Wednesday June 29, 2022 5:23 pm PDT by
The redesigned MacBook Air with the all-new M2 Apple silicon chip will be available for customers starting Friday, July 15, MacRumors has learned from a retail source. The new MacBook Air was announced and previewed during WWDC earlier this month, with Apple stating availability will begin in July. The MacBook Air features a redesigned body that is thinner and lighter than the previous...
Mac Studio IO

Apple Begins Selling Refurbished Mac Studio Models

Thursday June 30, 2022 7:42 pm PDT by
Apple today began selling refurbished Mac Studio models for the first time in the United States, Canada, and select European countries, such as Belgium, Germany, Ireland, Spain, Switzerland, the Netherlands, and the United Kingdom. In the United States, two refurbished Mac Studio configurations are currently available, including one with the M1 Max chip (10-core CPU and 24-core GPU) for...
top stories 2jul2022

Top Stories: M2 MacBook Air Release Date, New HomePod Rumor, and More

Saturday July 2, 2022 6:00 am PDT by
The M2 MacBook Pro has started making its way into customers' hands and we're learning more about how it performs in a variety of situations, but all eyes are really on the upcoming M2 MacBook Air which has seen a complete redesign and should be arriving in a couple of weeks. Other top stories this week included a host of product rumors including additional M2 and even M3 Macs, an updated...
original iphone 2007

15 Years Ago Today, the iPhone Went On Sale

Wednesday June 29, 2022 4:43 am PDT by
Fifteen years ago to this day, the iPhone, the revolutionary device presented to the world by the late Steve Jobs, officially went on sale. The first iPhone was announced by Steve Jobs on January 9, 2007, and went on sale on June 29, 2007. "An iPod, a phone, an internet mobile communicator... these are not three separate devices," Jobs famously said. "Today, Apple is going to reinvent the...
rootbug

Major macOS High Sierra Bug Allows Full Admin Access Without Password - How to Fix [Updated]

Tuesday November 28, 2017 12:33 pm PST by
There appears to be a serious bug in macOS High Sierra that enables the root superuser on a Mac with a blank password and no security check. The bug, discovered by developer Lemi Ergin, lets anyone log into an admin account using the username "root" with no password. This works when attempting to access an administrator's account on an unlocked Mac, and it also provides access at the login...