An open letter making the rounds online asks Apple to halt plans to roll out new Child Safety tools designed to combat child sexual abuse material, with signatories including industry experts and high-profile names like Edward Snowden.
A multi-pronged effort, Apple's system uses on-device processing to detect and report CSAM images uploaded to iCloud Photos, as well as protect children from sensitive images sent through Messages.
"While child exploitation is a serious problem, and while efforts to combat it are almost unquestionably well-intentioned, Apple's proposal introduces a backdoor that threatens to undermine fundamental privacy protections for all users of Apple products," the letter reads.
When it is implemented, Apple's system will hash and match user photos against a hashed database of known CSAM. The process is accomplished on-device before upload and only applies to images sent to iCloud. A second tool uses on-device machine learning to protect children under the age of 17 from viewing sexually explicit images in Messages. Parents can choose to be notified when children under 13 years old send or receive such content.
According to the letter, Apple's techniques pose an issue because they bypass end-to-end encryption.
"Because both checks are performed on the user's device, they have the potential to bypass any end-to-end encryption that would otherwise safeguard the user's privacy," the letter argues.
For its part, Apple has gone on record as saying the new safety protocols do not create a backdoor to its hardware and software privacy features.
The letter goes on to include commentary and criticism from a range of experts including Matthew Green, a cryptography professor at Johns Hopkins University who was among the first to voice concern over the implications of Apple's measures. Green and Snowden are counted among the signatories, which currently lists 19 organizations and 640 individuals who added their mark via GitHub.
Along with a halt to implementation, the letter requests that Apple issue a statement "reaffirming their commitment to end-to-end encryption and to user privacy."