Two senior figures in the UK Government’s cybersecurity establishment have called for social media platforms and tech companies to adopt client side scanning techniques to help mitigate the sharing of online child sexual abuse material.
The UK’s National Cyber Security Centre (NCSC) technical director Ian Levy and GCHQ’s director of cryptanalysis Crispin Robinson made the controversial call in a research paper published last week.
The paper, “Thoughts on Child Safety on Commodity Platforms”, examined various techniques tech companies could use to reduce the sharing of child abuse materials on their platforms where the service provider does not have access to user content.
High on the duo’s mitigation list is client side scanning, where companies design and deploy software onto their platforms that automatically scans images, text, and videos for objectionable content before it is sent.
“We’ve found no reason why client side scanning techniques cannot be implemented safely in many of the situations one will encounter,” the paper says. “That is not to say that more work is not needed, but that there are clear paths to implementation that would seem to have the requisite effectiveness, privacy and security properties.”
The technique has many supporters, including within the tech industry. However, privacy advocates and others have long opposed it, saying that, among other things, it would render end-to-end encryption ineffective.
But Levy and Robinson say the trend toward widespread end-to-end encryption in everyday online messaging poses a real problem for law enforcement, including when trying to prevent child abuse. They say their paper, which does not represent UK Government policy, is designed to provoke discussion and awareness that it is possible to provide strong user safety protections while ensuring that privacy and security are maintained.
Apple’s iOS feature NeuralHash is a high-profile example of a client side scanning technique. Last year the tech giant introduced the feature, which used an algorithm installed on phones to detect the transmission of child abuse images.
One big problem with client side scanning is the miscategorisation of images, which can potentially have devastating real-world consequences for people. NeuralHash caused a storm of protest from privacy groups and tech experts who quickly highlighted the software’s security flaws. Apple has subsequently delayed the widespread rollout of the software on its phones.
Levy and Robinson say a series of checks and balances can overcome many of the previous problems preventing the uptake of client side scanning techniques. But the pair face stiff opposition from some influential voices, including Meta, owner of Facebook and WhatsApp. Meta says such client side scanning techniques would fundamentally undermine the internet, privacy and people’s human rights.
A 2021 Columbia University report, “Bugs in our Pockets: The Risks of Client-Side Scanning”, is more specific when condemning client side scanning. That paper says its use opens the way to causing greater harm than it prevents.
“Client side scanning, by its nature, creates serious security and privacy risks for all society, while the assistance it can provide for law enforcement is at best problematic,” the paper said. “There are multiple ways in which client side scanning can fail, can be evaded and can be abused.”
Levy and Robinson acknowledge the challenges of balancing privacy with preventing the production and transmission of child sexual abuse material. But both men also argue the problem is solvable and that it is a false binary to argue society cannot achieve the two simultaneously.
“We believe these legitimate privacy concerns can be mitigated technically, and it is likely that the legal and policy challenges are harder, but we believe they are soluble.”