🍕 Good morning! Paula here, covering for Tristan as he eats pizza and pasta and soaks up the sunshine in Italy. It's looking like a pretty announcement-packed week, with Apple's Unleashed event later today and the Pixel launch tomorrow...

In August, Apple announced plans to add new features to its iOS operating system to combat child sexual exploitation and the distribution of abusive imagery. In September, it stated it would postone its plans, going back to the drawing board. But that’s not the end of the story. 

Client-side scanning (CSS) would allow photos on an iPhone to be scanned and compared with a database of known child sexual abuse material (CSAM), notifying Apple if a match was found.

While this sounds like a great idea in the fight against child sexual abuse, there are plenty of reasons why it might not be:

• This could affect everyone with a smartphone: The government and tech industries want to see this tech become mandatory on all devices.
• An academic paper published last week by leading computer security experts has this to say: “CSS by its nature creates serious security and privacy risks for all society while the assistance it can provide for law enforcement is at best problematic.“
• The report goes on to say that because CSS gives government agencies access to private content on your phone, it should be treated like wiretapping. And we shouldn’t underestimate the “significant chilling effect” bulk surveillance and scanning on our personal devices will have on freedom of speech and even democracy.

It also throws up all kinds of questions regarding its implementation and whether there would be workarounds, as an article published on the Lawfare blog last year covered:

• Would there be an option to toggle CSS scanning off? If so, it’s likely offenders would do so, or fail to install the scanning feature in the first place.
• Then there’s the concern about just how efficient and accurate a matching algorithm would be: “Any client-side scanning system is dependent on the accuracy of the matching algorithm for its efficacy. One aspect of that question is the problem of false negatives — how many instances of CSAM will the matching algorithm miss, for example, because of minor changes in the content. But the efficacy question also implicates the challenge of false positives. Is there a risk of nonmalicious content being mistakenly identified as malicious?”
• There’s also the question of how often and by whom matching databases would be updated: Where will the list of prohibited content be sourced, and who will “define the terms under which content is added to (or not added to) the prohibition list”? 

In many nations, surveillance of domestic communications by the state is prohibited. In the US, for example, CSS could violate the Fourth Amendment, while in the EU it could go against the Charter of Fundamental Rights.

But the main worry is how this technology could evolve. Once it’s seen as standard practice for content stored on our personal devices to be readily available to government agencies, what else could be scanned in future? Pressure to expand the technology’s scope could mean we find it difficult to resist expansion into other areas:

• Political regimes could scan our text messages for political views, memes, names, etc.
• It could “provide a means of repression and political manipulation,” potentially being used in some countries to repress LGBTQ+ content, target political activists and pinpoint those protesting against authoritarian regimes
• Abuse by unathorized parties is also a huge concern — like corrupt police officers working for organized crime or a foreign state.
• Then there are the privacy risks: How much could an adversary learn about their target by hacking into a CSS system? Could the system be abused to falsely accuse others?

The implementation of bulk CSS is a hot topic right now: Should it be prohibited? For a deeper dive into the debate, check out the Bugs in Our Pockets report.

🍏 Apple’s Unleashed event kicks off at 10AM PT, with new MacBook Pros, possibly a new Mac Mini, and maybe new Airpods too (Android Authority).

📱 Pixel 6 Pro price leaks for the US are surprisingly attractive, lower than UK and other EU prices (Android Authority).

⏳ Samsung Galaxy Z Fold 3 second opinion: Some neat improvements but the battery life and camera are still lacking (Android Authority).

🍎 MacBook Pro display with notch shown in alleged photo leak: Follows a sketchy rumor, so a healthy dose of skepticism is encouraged (MacRumors).

🚀 NASA and ESA tech geeks posted an “unboxing” of the Hubble telescope’s successor and it’s taken unboxing to a whole new level (Mashable).

🍺 The proof’s in the poop: Austrians have loved beer, blue cheese for 2,700 years, which makes us wonder what ours will say about us in future (Ars Technica).

⌚ OnePlus launches a limited edition watch for Wizarding World fans, but only in India (Android Authority).

🚇 You can now pay for rides in the Moscow subway with your face: Other payment methods are still available, so no need to give the Russian government a photo yet, unless you want to (Gizmodo).

🧒 Facial recognition cameras arrive in UK school canteens: Yes, it’s a faster way of paying for lunch, but it seems overly intrusive (Financial Times).

🔥 North Vancouver to be world’s first city heated by Bitcoin: The Digital Boilers will “prevent 20,000 tones of GHGs from entering the atmosphere per MW compared to natural gas.” (Nasdaq).

🎮 “What older video game is so good that people may still be playing it 100 years from now?” (r/askreddit).

This week’s winner…

Cheers,

Paula Beaton, Copy Editor