There has been great rejoicing at ECPAT International’s global HQ in Bangkok. Last week the work we have been doing with our partners around strong encryption received an enormous boost when Apple made a hugely important announcement about their plans to keep children safe online. Not everyone likes it but we love it.
The cat is out of the bag
The cat is now very definitely out of the bag. Apple has confirmed a core contention advanced by ECPAT. There are scalable solutions available which do not break encryption, which respect user privacy while at the same time significantly bearing down on certain types of criminal behaviour, in this case terrible crimes which harm children.
If people believe Apple or malevolent Governments could misuse the technology, that is an extremely important point but it is a different one. It speaks to how we regulate or supervise the internet. It is emphatically not an argument which allows companies to continue doing nothing to curb illegality where technology exists which enables them so to do. Equally it is not an argument for Apple to “uninvent” what it has already invented.
What it is is an argument for Governments and legislatures to catch up. Quickly.
In the world of tech, alibis for inaction are always thick on the ground. Apple should be applauded. They have not just tinkered with the needle they have given it an enormous and wholly beneficial shove. The company has not moved fast and broken things. It has taken its time and fixed them.
So what is Apple planning to do?
Apple’s announcement contained three elements. Later this year, in the next version of their operating system, first in the USA then country-by-country they will:
- Limit users’ ability to locate child sexual abuse material (csam) and warn about online environments which are unsafe for children.
- Introduce new tools to help parents help their children stay safe in relation to online communications, in particular warning about sensitive content which may be about to be sent or has been received.
- Enable the detection of csam on individual devices before the image enters an encrypted environment. This will make it impossible for the user to upload csam or distribute it further in any other way.
Number three is what has prompted the greatest outcry.
A game changer
The mere fact a company like Apple has acknowledged they have a responsibility to act in this area, and have come up with a scalable solution, fundamentally changes the nature of the debate. Now we know something can be done, the “it’s not possible” position has been vanquished. Any online business which refuses to change its ways likely will find itself on the wrong side of public opinion and, probably, the law as legislators around the world will now feel emboldened to act to compel firms to do what Apple has voluntarily chosen to do.
And all the angst?
Several commentators who otherwise appeared to express sympathy for Apple’s stated objectives nevertheless couldn’t quite resist trying to take the shine off the company’s coup de théâtre by complaining about the way they did it.
However, in 2019, Facebook’s unilateral announcement that it intended to do the exact opposite of what Apple is now proposing suggests the possibility of reaching an industry consensus was wholly illusory.
I am sure many “i’s” need to be dotted, many “t’s” need to be crossed, but sometimes I feel when it comes to protecting children everything has to be flawless out of the traps. It is OK for Big Tech to get it wrong everywhere else and fix things later, or not, but that cannot be allowed to happen in this department. It is OK to innovate madly, but not here. We are judged by a different standard.
Don’t get me wrong. I am not in favour of imperfection. I do not applaud innovation or recklessness that pays no heed to the downside.
The simple truth, though, is this whole business has been and is about values and priorities. It is binary. Either you think steps should be taken to minimise risks to children before content is encrypted or you don’t. There is no middle way because when the content is encrypted the content is invisible forever. The bad guys win. Apple has shown how they lose.
Encryption is not broken. No new data is being collected or exploited
In a further statement issued by Apple yesterday they make it abundantly clear and underline that they are not breaking any kind of encryption. They also make it clear their technology is limited in scope and they will not use it for any other purpose.
If you don’t believe that we are back to the point I made earlier. Let’s discuss that but whatever the outcome of the discussion might turn out to be Apple must be allowed and encouraged to carry on. I eagerly wait to hear other companies pledging to follow in their footsteps. Soon.