This sound expensive and probably does not net results while making confidential communication far less trustworthy.
I don't think CSAM is shared on the large social networks and the others just won't implement this anyway because it is an unrealistic technical challenge for anyone smaller than large tech companies.
The article is bad. It frames the discussion as a compromise between privacy advocate and "child advocates". That is not really a good case. Privacy of children is pretty effective in shielding them from abusers.
I see the value of doing something like this but at the same time I see it being abused far more than helping for it’s intended purpose.
The issue is that it will not be limited to messages. People are not dumb, they will share information in ways that another medium is used like a word doc or online note pad then just share the decrypt password over messages. So even if this starts off with messages it will just force these people to use other means and leave the rest of us vulnerable for nothing.
I think I would be more open to this if governing bodies were to also write in extremely harsh punishment for leaks, misuse, or abuse of this system so much so that no company would dare use this as another means of gathering metrics. Nor slack on the security of the mechanism required to scan the messages. Far too long has our private information gone unchecked and when leaks happen companies claim ignorance and no or minor punishments are handed out. This mind set and way of doing business cannot transfer to encrypted data.
2 comments
[ 2.3 ms ] story [ 12.8 ms ] threadI don't think CSAM is shared on the large social networks and the others just won't implement this anyway because it is an unrealistic technical challenge for anyone smaller than large tech companies.
The article is bad. It frames the discussion as a compromise between privacy advocate and "child advocates". That is not really a good case. Privacy of children is pretty effective in shielding them from abusers.
I see the value of doing something like this but at the same time I see it being abused far more than helping for it’s intended purpose.
The issue is that it will not be limited to messages. People are not dumb, they will share information in ways that another medium is used like a word doc or online note pad then just share the decrypt password over messages. So even if this starts off with messages it will just force these people to use other means and leave the rest of us vulnerable for nothing.
I think I would be more open to this if governing bodies were to also write in extremely harsh punishment for leaks, misuse, or abuse of this system so much so that no company would dare use this as another means of gathering metrics. Nor slack on the security of the mechanism required to scan the messages. Far too long has our private information gone unchecked and when leaks happen companies claim ignorance and no or minor punishments are handed out. This mind set and way of doing business cannot transfer to encrypted data.