Apple is already scanning the server for content that shows child sexual abuse. The system is only used to check e-mails that run via iCloud, as the company has now confirmed to media representatives. Photo libraries synchronized via the iCloud Photos service, however, have never been checked for such material.
iCloud scans since 2019
Only a search warrant made public at the beginning of 2020 stated that Apple uses hashes and an automated comparison with databases of known abuse material – similar to other IT companies with cloud services. An Apple employee sifted through marked emails and reported the case directly to the responsible US authorities if child abuse was suspected, according to the search warrant. Law enforcement officers can then request additional iCloud data from Apple.
iCloud photos should be checked on device
For iCloud photos, Apple decided against purely server-side scanning for abuse material: the server-side check is invasive, opaque and could target individual accounts. Instead, the group wants to use iOS 15 to detect known abuse material in iCloud photos directly on iPhones and iPads – through a local comparison with a hash database contributed by child protection organizations. Apple did not yet want to say which organizations – apart from the National Center for Missing & Exploited Children (NCMEC) – provide hashes for this. A list of partners will follow at a later date.
Apple’s plans are met with considerable resistance: civil rights activists, security researchers and data protection activists warn against constant, uninterrupted monitoring of the user by their own device – and the misuse of the system for censorship and state surveillance.