Is the Apple Falling Further from the Privacy Tree?

Published Sep 01, 2021 by Ncrypt

If you’re Big Tech’s commitment to confidentiality, you’re not alone

It is widely known that Apple is a leader in phone and device sales globally, and has been for a very, very long time both here and abroad. For almost as long, the word innovation has gone hand-in-hand with the brand and the products that rack up record sales internationally. Of course, there’s more to selling innovations than meets the eye and the promise of privacy has also been an alluring hook for consumers. Just this years, Apple’s leadership affirmed that “privacy has been central to our work… from the very beginning.” They go further: “it’s a fundamental human right.”

Is the Apple Falling Further from the Privacy Tree?

These words of comfort and assurance, while rock-solid in intent, have less of an impact when filtered through the lens of recent “cracks in the (privacy) armour” in the form of hacking events, links to the Pegasus saga and now photo-scanning questions and answers that don’t mesh with the “privacy is central to our work” assertion. There’s a lot to unpack here.

Unpacking the iMessage image scanning furore

Firstly, let us say this (and not for the first time) – we support the pursuit and the bringing to justice of criminals, and law enforcement agencies should absolutely focus on the apprehension of wrong-doers. That said, it has never been a secret that we support the rights of businesses and individuals to protect their right to privacy – that same right advocated by Apple leadership’s sentiments at the top of this article. 

From there though, it is difficult to ignore the implications of Apple’s new program that scans images sent on iMessage. For all intents and purposes – and stepping back from the claims and counterclaims – the program seems at odds with the “fundamental human rights” statement. Let’s keep moving though because it’s important to note that the reason given for the creation and deployment of this program was to help protect those that can’t protect themselves - by helping to bring wrongdoers to justice. And so, we come to the war against child sexual abuse material (CSAM) and a war worth fighting at that. The problem though is where the line is drawn between the rightful pursuit of criminals and the encroachment upon client privacy. There is and has always been a difference between “a means to an end” and “by any means necessary”. To say the lines are being blurred somewhat may be an understatement. Here’s why – or how.

In a “one size surveils all” solution, the iMessage scanning program is difficult to distinguish from what Citizen Lab research revealed was/is happening in China: China’s unencrypted WeChat is using surveilled files and images to train censorship algorithms. This is the slippery slope that takes us from a noble pursuit to censorship and perhaps even political persecution. So, when companies like Apple acquiesce to requests, directives and/or laws that may compromise the tenets of privacy, there’s a problem. At the very least, there may be a problem with saying that “privacy has been central to our work… from the very beginning.”

All (5) eyes on where privacy, scanning and encryption goes from here

It’s probably too simple to simply say, “Big Tech seems to be giving in” but it’s already been reported that Apple had already been running CSAM detection programs on iCloud since 2019 as well as some “limited” scanning of other data. Add to that, Apple’s agreement to relocate the personal data of its Chinese customers to databases owned by a Chinese firm, in turn, owned by the State.

Australia, Canada, New Zealand, UK and US also chip away at the foundations of online privacy; back in 2018, counterterrorism was the impetus for calls for unencrypted access all areas, now criminal investigations are supposed to automatically get big Tech in general (and Apple in particular) marching back their privacy backing that has apparently been in place “from the very beginning.” So while it may not be right to suggest that Big Tech is throwing open (encrypted) backdoors left right and centre, we are getting a clearer view of some of the reasons why it might be tempting for them to throw privacy under the bus.

With increasing and various pressures being brought to bear on Big Tech to avail governments of avenues to unencrypted data along with the exponential growth in cybersecurity breaches and hacking incidents, it may be time for businesses and individuals alike to look elsewhere for peace of mind. You can start by shopping for secure devices, platforms and information right here.

Posted in: Security