Security News > 2022 > October > Scanning phones to detect child abuse evidence is harmful, 'magical' thinking

Scanning phones to detect child abuse evidence is harmful, 'magical' thinking
2022-10-13 07:30

If adopted, these rules would - according to a top British computer security expert - authorize the reading and analysis of people's previously private communication for the sake of potentially preventing the spread of child sex abuse material and terrorism communications.

In a paper titled Chat Control or Child Protection?, to be distributed via ArXiv, Anderson offers a rebuttal to arguments advanced in July by UK government cyber and intelligence experts Ian Levy, technical director of the UK National Cyber Security Centre, and Crispin Robinson, technical director of cryptanalysis at Government Communications Headquarters, the UK's equivalent to the NSA. That pro-snoop paper, penned by Levy and Robinson and titled Thoughts on Child Safety on Commodity Platforms, was referenced on Monday by EU Commissioner for Home Affairs, Ylva Johansson, before the European Parliament's Civil Liberties Committee in support of the EU Child Sexual Abuse Regulation, according to Anderson.

The occasion for the debate is the approaching August 3, 2024 expiration of an EU law that authorizes online service providers to voluntarily detect and report the presence of child sexual abuse material in users' communications and files.

"The proposed EU Child Sexual Abuse Regulation is a draft law which is supposed to help tackle the spread of child sexual abuse material," said the European Digital Rights Initiative, in response to Johansson's proposal.

Levy and Robinson propose "Have language models running entirely locally on the client to detect language associated with grooming." They liken this approach to the on-device CSAM-scanning proposed by Apple in the US. While they acknowledge the problems raised at the time - false positives, mission creep, vulnerability to tampering - they assert, "Through our research, we've found no reason why client side scanning techniques cannot be implemented safely in many of the situations one will encounter."

Europe proposes tackling child abuse by killing privacy, strong encryption.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/10/13/clientside_scanning_csam_anderson/