I think it's a kind of fine distinction... for now. My primary concern with Apple's proposed implementation of CSAM detection hinges almost entirely on the fact that it is performed on device. I use iCloud photos right now knowing fully well that it is subject to these scans.

I think ideally things would truly be E2E encrypted, in which case Apple or any other cloud provider doesn't have to trouble themselves about what's on their servers, since no one but the user could ever look at the contents of it. In this case a big blob of data up to the storage limits of the person's plan is the only thing they'd have to worry about.

That is also the other issue with Apple's proposed implementation. It completely circumvents E2EE and makes it entirely pointless. It doesn't preserve privacy in any respect whatsoever.

And to what end? You might capture a few people that are syncing their child porn on iCloud without encrypting it themselves first, but does this really make children any safer? It certainly endangers anyone using an iPhone given the technology doesn't discriminate against what kind of hashes it provides and increases the scope of surveillance on everyone. These sorts of things are extremely hard to undo.

Not sure if I fully agree with "Your content should be your content regardless of where it lives." - the cloud operators own the hardware that hosts this content, they could want to impose limitations on it, irrespective of whether they have any legal obligations to do so. An analogy to me would be: "Yes, you can park your RV on my lot, just don't cook meth in it.".

You can still manage your own data so that it is opaque to the cloud providers - encrypt it and don't share the key with them. They'll have no insight into the blobs of data that you're uploading to them.

To use your own analogy- as an RV lot owner, should you have the right to install cameras in every RV to ensure no one is cooking meth?

I can certainly ask every RV owner to agree to it and they are free to accept my terms or look for another lot. Or maybe I can say that every RV will be sniffed by a dog and in case it detects something, the RV will be entered to check for compliance with the rule.

Edit: to be clear, what I'm trying to say is that there are 2 parties entering an agreement here, the owner of the infrastructure also has some rights because we recognize the rights to private property.

That's a pretty idealistic view. I guess the issue boils down to whether you believe there are things in digital realms that are illegal to possess.

For comparison, it's pretty obvious that there are certain things in physical realm that citizens shouldn't have. So it would be wrong to claim "my things are mine and no one should be able to inspect them or take away from me, no matter what those things are". Examples for things citizens should not posses: weapons of mass destruction and slaves.

Apple et al argue that CSAM should be digital content that nobody ought to possess. So while you're obviously technically capable of storing it, it shouldn't be legal.

> I guess the issue boils down to whether you believe there are things in digital realms that are illegal to possess.

not at all. I'm pretty sure nobody here thinks CSAM should be legal. The topic at hand is whether that means everyone should be subjected to blanket surveillance by default.

Just because there's child abuse out there doesn't mean you can walk into a random persons house and rummage through their drawers, and by the same logic Apple or anyone else should have no business digging through my phone.

It's not idealistic at all, it's simply opposition to surveillance of people who have done nothing to warrant such suspicion. I don't know about the US, but here in Germany we have the so called Briefgeheimnis. (literally: secrecy of letters). Privacy of correspondence is almost sacrosanct and can only ever be violated under extreme circumstances, not casually or systematically, that's what the Stasi used to do.

The problem with rummaging through someone’s drawers is that this is done by people who in that process will inevitably find out much more about your life than binary “has CSAM / does not have CSAM in their possession”. There’s no viable way of limiting scope of such rummaging and there is no way to make individual officers forget what they’ve seen.

Apple’s system on the other hand provides such guarantees, so I don’t see how it can be compared to these hypothetical rummaging operations.