So far all the comments are predictably negative and imply that Apple will at some time in the future attempt to covertly implement the feature in secret.
Another take would be that they took on-board the extensive public criticism, and changed their minds.
This is the reaction the tech industry has bred with the only options ever being "Yes, now" or "Later". People are used to the industry not taking no for an answer, and so this pattern matches to every other time the industry has "backed off for now" (see also: MS pushing edge as default browser, Apple boiling the frog with gatekeeper, Whatsapp/Facebook data sharing, Google+ account migrations for YouTube accounts)
I have been literally spammed in the last month on my iPhone (even though still using iOS 14) with apple notifications asking me "Do you agree to new terms of agreements? <Yes> <We will ask you later>" (that's regarding new iCloud terms). I was always careful not to miss click and not to agree. No matter what few days later I kept giving the same notification. The stopped for some reason after few months and now I don't know if:
1) I agree by accident
2) They thankfully stopped nagging me
3) Or they buggy implemented it and even though I kept cancelling after few tries they assumed I agreed.
At the moment Facebook bought them I started researching alternatives and I am happy to say that a couple of hundred friends and family of mine have switched and not a single person has tried to reach me on WhatsApp for months until I uninstalled it.
I don’t think cloud services realistically can do something else than forcing all users to accept the latest license.
If they don’t, they end up having data from different licenses. If you have many of those, figuring out what you can and cannot do with data becomes a nightmare.
You could get questions such as “Can you make a backup in country C for user U? He’s under the 2019 terms, so in principle, yes, but alas, user V has shared content with U, and V still is under the 2017 terms. Also, U has been in the EU for the past weeks, so EU regulations apply, at least as far as we catered for them in the 2019 terms”
Not changing the terms isn’t an option, either, as they have to be changed to cater for changes in laws. If you operate in 100+ countries,
> If they don’t, they end up having data from different licenses. If you have many of those, figuring out what you can and cannot do with data becomes a nightmare.
That's their problem to figure out. If they can't then they should terminate customers who don't agree and ship them their data.
Obviously they'll never do that since it would be a terrible look and they'd lose customers, because they want to have their cake and eat it, too.
I am not sympathetic to how hard it would be for a corporation to do something. "It's too hard" is not an excuse, not least of all if they're a multi-billion dollar corporation.
We don’t use that kind of reasoning with other service providers.
If, for example, your bank changes their terms, your electricity provider increases prices, landlords increase rent, etc. they will inform you and often silently enrol you in the new scheme. Cancelling the agreement always (and maybe not even that) is an option, but that is opt-out, not opt-in.
My bank grandfathered me onto an account TOS for a decade before giving me a "move to our modern accounts or close" ultimatum, my electricity provider has legal limits to what the the unit rate and landlords are limited to one rate increase every 12 months, which in my city also has its amount limited. If my phone, internet or TV company wants to increase prices that voids any contractual lock in period I may have been held to otherwise. I work for a B2B company and we do gate features depending on which revision of the TOS the client has agreed to.
In short, other countries outside the US _do_ hold other service providers to similar standards.
This isn't a revenue generating initiative. It is different than your examples. Apple is trying to make two groups happy, governments and customers. Governments don't like like encryption(assuming Apple starts encrypting iCloud photos with device based keys) and consumers don't like governments snooping on them. If you're were the CEO of apple who would you favor knowing either group could cost you money. Governments could prioritize antitrust initiatives against apple and consumers could stop buying apple products.
You could ship a mechanism that scans your documents but doesn't report anything.
Or do something equally pointless, but just as signally.
I feel like so many of these unstoppable force meets immovable wall situations warp both functionality and discourse (on all sides) on said functionality.
This comes about because everything is getting so centralized. The government wants to be in everything, and Apple (stand in for all big tech) does too. This pits them against each other, with the consumer only acknowledged when there is vast consumer agreement and motivation.
Similar to App Store, Apple wants total control, then governments use Apple's control to cut of access to particular apps. Consumers that understand the severe loss of freedom this creates (for them and developers) both immediate and in lost innovation don't like it. But there isn't a huge consumer uproar on that one ... so freedom wilts.
Bundling these basic features (cloud backups, app stores) with operating systems is creating an unholy government/platform axis that wins every time consumers are unable to drum up the motivation to speak as coherent allies pushing back.
I'm not a businessman, but I believe Apple's main customers are not governments, so I suppose that it's not good business for Apple to ignore their users' preferences. Governments in most of Apple's marketplaces change every few years, after all.
Why they pulled the scanning was because of customer backlash. Fallout is yet to be seen what governments especially when Apple switches to not having access the keys to decrypt iCloud photos and documents. And moves iCloud backups to being encrypted. One high profile crime especially involving children and we’ll see government propose escrowed keys. UK is already proposing it. I am not saying it’s right or wrong. I do believe consumers anger at Apple is the wrong target. If they want change, get governments to pass laws that guarantee encryption as a “right”.
Another possibility (or way to look at it) is that it worked poorly enough, and it was poorly received enough, that the internal factions within Apple that opposed it had enough leverage to kill it.
Sometimes, the right way to kill a project (politically) is to let it publicly fail. Killing a project before it fails requires much more of a fight. It could also mean that the very public failure of this project gave Apple leverage over whichever spooks were pushing for it in the first place.
> it could also mean that the very public failure of this project gave Apple leverage over whichever spooks were pushing for it in the first place.
This is my guess. I imagine it went something like this.
Congressman: "So tim, FBI talked to me and want some help. Please find a way to check all pictures on iphone"
Tim: "or no?"
C: "We'll make it worth your while"
T: "This goes against our marketing and history, it'll take a really big push. My team says we can manage X but we need to work with CSAM agency to handle optics.
C: "Great!"
T: "I was right, the public hates it and doesn't care about children, we're going back to our privacy stance in marketing because the backlash would out-due the political reward. We'll throw you under the bus if you push again on this. We totally want to help for real and not just because politics is a game and we have to play, but this cost is too high, even you can see this backlash and recognize we can't go threw with it. BTW thanks for giving us excuse to hire a few new expensive ML scientists from google or wherever. They got to write some nice papers."
C:"Gotcha. See you next week for gulf when we try again at something new? There is this israeli company i want you to meet"
We all know who it was -- NCMEC was getting on Apple's case because their CSAM reporting numbers were orders of magnitude lower than the other big tech companies. Someone in NCMEC upper management even wrote Apple nauseatingly perky congratulatory letters celebrating Apple for actually trying to save the children, and calling detractors braying mules or somesuch.
>Sometimes, the right way to kill a project (politically) is to let it publicly fail.
I feel this is definitely true most of the time, but in this case the cost to their public image/perception among the tech crowd was so high it was a mistake.
It may have been a mistake for Apple as a company to make this decision, but I think we can understand why the individuals within Apple might choose to let decisions like this play out and fail in public, even if they know it is going to fail.
Well Craig Federighi seems to be happy with it. Their software engineers leads of the features seems to be happy with it. i.e I dont believe there were significant objection to the feature within Apple. At least not those in power. And that is why they went with it. The objection obviously came later after it was reviewed to the public.
There is a big difference between happy with it and not unhappy enough to quit publicly when part of your job is to spread koolaid and look happy.
If i were against something like this, but not powerful enough to squash it (especially if a gov had a hand in getting it pushed through), then i'd make sure to do a press tour and get it in every newspaper for all the wrong reasons, while making an all/nothing stance to torpedo the project.
I can think of no other reason beyond utter incompetence why they'd announce it how they did. Apple is known for being secretive, but why did they do a press interview and say "sure other 3-letter gov agencies may need to add to the illegal photos database in the future" unless you wanted to really make sure the project would fail? Why else announce it in the same press release as scanning messages for similar content? It seems like the rollout was designed to be as suspicious as possible tbh.
Never assume 4D chess when simple incompetence can do the job, because 4D chess is rare, and tends to fail when it confronts the unexpected. If you were trying to sink the project this way, how would it work out if some other, unrelated scandal had popped up and distracted the general public?
> If [i were not influencial enough to sink it internally, so i] were trying to sink the project [through bad publicity]
Therefore, the answer to your question is "darn, it didn't work. that sucks but at least i tried".
Also...
> Never assume 4D chess when simple incompetence can do the job
In this context, its very likely that a government is somewhat behind it. We know the FBI and apple didn't get along. We know apple has been doing things quid-pro-quo for china to stay on their good side. So it seems like we're already sitting at a 4d chess board, but no one is sure who's playing.
If a government says you have to do X on the DL, and you don't want to because its bad, then a logical solution is to get general population + news media to say "X is bad! We really hope X doesn't happen." Because then its easy to show the government why you can't do X.
> The objection obviously came later after it was reviewed to the public.
Why is this obvious? Normally, when you have an objection to a company policy, you voice those objections in private to people within the company. This seems "obvious" to me, but to explain--(1) it's against company policy and often considered a fireable offense, (2) employees have an interest in presenting a united front, (3) those who want the project to fail publicly want it to happen without interference from inside the company.
Apple has stood up to unreasonable government invasions of privacy before. And won. They have the means. They have the skill. They have the incentive (their entire brand is arguably built around privacy) and their users have been pretty clear in voicing their opposition to CSAM.
Some nebulous political references in opposition to encryption aren't the reason Apple did this in the first place. They had and continue to have plenty of choice in the matter.
I would have thought they continue the practice but because of the bad publicity will remove all mentions of it. Is it confirmed they won't scan user files? Because I would assume that they still do.
As for the negativity. That is based on experience with large tech companies.
I don't believe that they'll slip it under the radar at all. I think they'll brand it as something awesome and magical and just add it anyway. People, for the most part, don't scratch the surface EVER, so they'll just think it has a cool scanning feature built-in now.
They already scan your photos but the reason for scanning is important. Type 'cat' into the search and they'll show you the pictures you've taken of cats.
However, they can't just go through your photos and use it for any purpose they want. They have to give a specific reason.
> Update: Apple spokesperson Shane Bauer told The Verge that though the CSAM detection feature is no longer mentioned on its website, plans for CSAM detection have not changed since September, which means CSAM detection is still coming in the future.
I'd venture to say ease of use. I mean AT&T had everyone's emails but still Facebook makes it much easier to infer and understand and expand surveillance. Getting targeted information might be doable in hardware, but mass surveillance might be much easier if implemented a little higher up, by a dedicated dev team which issues bug fixes and feature extensions, which can turn over a request by you in a fraction of the time and whos capabilities are far more mutable. Hardware is more capable but it's a lot more work
If Apple would like us to believe they changed their mind, they might consider telling us they changed their mind. They haven't told us that, so why should we assume it?
They’re still a company with a PR and Legal team. Letting it die quietly means it stays out of the news cycle (as in, there are less articles about it being removed compared to if they publicly announced they were wrong).
I would respect more company and people that can admit to mistake and apologize and commit not doing the same mistake again. In this case Apple simply keeps people in limbo - you cannot be sure what they are planning to do with it without any public statement. They might as well tweak it a little bit, rebrand with different name and push it again as wrapped with different package.
All the more reason to not give them the benefit of the doubt with shit like this. If they say something flat out, that has some weight since there could be legal repercussions for lying (in theory anyway.) But not saying anything and letting people infer whatever they want? That's how companies with PR and Legal teams like to cover their asses instead of outright lying. The company says nothing and lets their supporters invent whatever headcanon is most flattering. I don't go in for that.
Edit: The same thing happened when they let Apple fans infer that this feature was preparation for enabling proper E2EE. As far as I'm aware Apple never actually said that and their supporters decided to believe it without evidence, just a lot of wishful thinking.
Another take would be that they took on-board the extensive public criticism, and changed their minds.