Non-zero being technically true because of the subject matter, but I don’t see how Apple’s system increases the risk of authorities killing family or pets more than server-side scanning.

> more than server-side scanning

False dichotomy. How about they leave people's data alone?

Their neural hashing is new, and they claim has a one in a trillion collision rate. There are 1.5 trillion images created in the US and something like 100 million photos in the compared database. That's a heck of a lot of collisions. And that's just a single year, Apple will be comparing everyone's back catalog.

A lot of innocent people are going to get caught up in this.

We’ll have to wait and see how good their neural hashing is, but just to clarify the 1 trillion number is the “probability of incorrectly flagging a given account” according to Apple’s white paper.

I think some people think that’s the probability of a picture being incorrectly flagged, which would be more concerning given the 1.5 trillion images created in the US.

Source: https://www.apple.com/child-safety/pdf/CSAM_Detection_Techni...

From Apple's technical summary:

"The threshold is selected to provide an extremely low (1 in 1 trillion) probability of incorrectly flagging a given account. This is further mitigated by a manual review process wherein Apple reviews each report to confirm there is a match..."

So it's 1 in 1 trillion per account PRIOR to manual review in which the odds of error get reduced even further.

How is it that you are going to "wait and see how good their neural hashing is"? Do you think there is going to be any shred of transparency about the operation of this system? It is completely unaccountable - starting with Apple and going on to NCMEC and the FBI.

I think you're wrong about the risk (the paper says per account), but even so you need to compare it to the alternatives.

Photos in iCloud are unencrypted and Apple checks for CSAM on the unencrypted photos server side, they know of all matches.

OR

Photo hashes are checked client side and only if a certain threshold of matches is passed does Apple get notified at all (at which point there's a sanity check for false positive by a person). This would allow all photos on iCloud to be able to be encrypted e2e.

Both only happen when iCloud photo backup is enabled.

The new method reduces the risk.