Really is disappointing how many high profile cryptographers actually seem to believe that "privacy preserving" surveillance is not only possible (it's not) - but also somehow "not surveillance" (it is).
Meanwhile Apple are making statements to the press with the effective of "We are not scanning peoples photos for illegal material, we are hashing peoples photos and *using cryptography* to compare them to illegal material"
As if those aren't the *EXACT SAME THING*.
It's very important to focus on the principles involved here and not the mechanism. Just because you use cryptography to alter the thing you are surveillance doesn't make it not-surveillance.
When you boil it down, Apple has proposed your phone become black box that may occasionally file reports on you that may aggregate such that they contact the relevant authorities.
It doesn't matter how or why they built that black box or even what the false positive rate may be
I just need you to understand that giving that black box any kind of legitimacy is a dangerous step to take, by itself, absent any other slips on the slop.
I called it a rubicon moment because that is what it is. There is no going back from that.
I work for a tiny non-profit (@OpenPriv) that builds open source privacy tools, mostly for marginalized communities - because of my role I get exposed to what happens to people when their lives become subject to surveillance.
I feel those stories in my bones, everyday.
I learned long ago that I can't make people care about other people, but please at least see this for what it is, a sign of worse things to come for everyone's privacy if the push back from this isn't enough to rock Apple to the core.
You can follow @SarahJamieLewis.
Tip: mention @threader on a Twitter thread with the keyword “compile” to get a link to it.