The Internet Architecture Board (IAB) has raised concerns about proposals from several countries—like the European Union, the United Kingdom, and the United States—that suggest using automated methods to scan people’s devices for illegal content. This approach, known as client-side scanning, involves software on devices checking files for unlawful material, potentially leading to actions like flagging or removing documents or reporting them to authorities.
Apple sparked attention to this concept when it planned to scan photos on iPhones and iPads before syncing with iCloud, aiming to prevent the spread of child sexual abuse material (CSAM). However, this move faced backlash due to privacy concerns and was eventually abandoned. Despite that, client-side scanning has resurfaced in legislative discussions, prompting the IAB—a key group within the tech community—to speak out against it.
The IAB emphasizes the importance of a secure and open internet that respects privacy and freedom of expression. It cautions against technologies, like client-side scanning, that could compromise end-to-end encryption, potentially leading to widespread surveillance and censorship.
The IAB specifically criticizes legislative efforts in Europe and the US, such as the planned EU regulation on combatting child sexual abuse, the UK’s Online Safety Act, and the US Earn-It Act. These regulations could potentially require decryption of encrypted content for surveillance purposes, a move the IAB sees as problematic.
While acknowledging the need to combat illegal content online, the IAB argues that blanket surveillance isn’t the solution. It highlights the impracticality and concerns surrounding client-side scanning, citing technical analysis that labels it unworkable and against democratic principles. This isn’t the first time technology proposals have faced scrutiny; wiretaps, backdoors in encryption, and pervasive monitoring have all raised concerns. The IAB firmly opposes technologies that enable surveillance, asserting that such measures erode trust in online communication platforms.
Despite opposition from technical bodies, past concerns like pervasive monitoring continue. The IAB’s stance underscores the need for alternative strategies. For instance, the FBI previously created a backdoored network to target criminal groups, a move that led to mass arrests.
Ultimately, the IAB emphasizes the importance of protecting privacy and maintaining trust in Internet communication platforms while combatting illegal content, cautioning against measures that compromise these principles.