Apple has released today a document outlining its new child safety features for the security threat assessment model system. Apple has clarified the different safety layers and ways that its new child safety system works with. Today’s clarification was part of a series of discussions that Apple has had following the publication of its new safety features for the child – and the following inevitable controversy.
This system contains two components, one with Family Sharing and Messages, and the other with iCloud Photos. This system offers increased protection for children. The Messages system requires the function to be activated by a parent or guardian account. It’s a system opt-in.
Family Sharing with Messages
A Family Sharing feature that can detect sexually explicit images can be added to a parent or a guardian account. This system only uses a learning classifier on-the-ground in the Messages app to verify the photos sent by and to the device of a given child.
This function does not share Apple’s data. In particular, “Apple does not gain any knowledge about user communications with this feature and is unaware of child action or parental notifications.”
The child’s device uses Apple’s Messages app to analyze photos sent to and from your device. The test is conducted on the device (offline). If a sexually explicit photo is detected, the child will not be visible and the child will be able to try and see the picture – and then he or she will be notified of the parent account.
If the child confirms the child’s wish for the picture, it will be retained in the device of the child until the parent is able to confirm the photo contents. The photograph is saved by the security feature and cannot be deleted without the consent of the parent (via parental access of the physical device.)
CSAM detection with iCloud
The second feature works with pictures that are stored in iCloud Photos libraries on Apple servers. CSAM detection may detect CSAM images and data will be forwarded to Apple, for human verification, if sufficient CSAM images are found. If the human checking system from the Apple company confirms the availability of CSAM material, it will shut down the offense account and contact proper legal authorities.
In the first part of this process, Apple will detect CSAM images from known CSAM hash databases. CSAM hash databases include a set of detection parameters created by organizations with the task of creating these sets of parameters by using known CSAM imageries.
Apple suggested that every check be carried out this afternoon with hashes intersecting two or more child protection organisations. This means that no children’s security agency can add a (hash here) parameter that can determine if non-CSAM material is being checked.
Apple also ensures that any perception hazards in a single sovereign jurisdiction (but not other) that exist in multiple organizations haveh lists are discarded. This means that a single country cannot force multiple organizations to include non-CSAM hashs (for example, photos of antigovernment symbols or activities).
Apple indicates a one-in-one trillion chance of a photo being misidentified as a CSAM at this point.
Apple still does not have access to the data analysed by its system at this stage. The system will only share data with Apple for further examination once a single person’s account meets a threshold of 30 flagged images.
BUT – a second, independent perceptual hash is available before, to double-check the 30+ images flagged. If this secondary check confirms this, data will be shared for final confirmation with the Apple human reviewers.
“Apple will reject all requests for addition of non-CSAM images to the CSAM Hash Database,” according to the documentation released by Apple today,” AND “Apple will also refuse any request to instruct human examiners to report on accounts exceeding the matching threshold for anything other than CSAM material.”
When an Apple human examiner confirms a CSAM account, he will report it to the appropriate authorities. The National Center for missing and exploited children in the United States (NCMEC).
Stay aware, in any case
The Apple iCloud Photos documentation for this child safety system says perceptual checks are done for images uploaded to iCloud Photos only on your cloud storage pipeline. This system “cannot act on any other content of the image on the device” Apple confirmed. Furthermore, documents confirm that “No pictures can be hacked perceptually on devices and accounts where iCloud Photos is disabled.
The perceptive control system for Messages is also locally on the device. The check system for family messages will be done with your own hardware of the child, not with an Apple server of any kind. The child and parent do not share information about this system of controls, nor do they access the parent’s device physically to see any material that is potentially offensive.
Whatever the Apple safety contours and promises, you’re right to want to know everything there is to know about the scanning and reporting of Apple and to whom you want. Whenever you see a company that uses a system that scans content generated by the user, you have the right to know how and why for any reason.
There are good news, depending on your view, as we understand about this system so far. It seems that you will be able to do so if you want to avoid Apple having any type of checking your photos, provided that you are prepared to avoid the use of iCloud Photos and do not send photographic Messages to children whose parents have signed up with a family sharing account.
If it is hoped that all will lead to the stopping of CSAM predators by Apple, COULD seems possible. It will only be the criminals who do not know how to disable their iCloud Photos account for any reason… However, yet. It might be a big step in the way it is.