Tech can accomplish many things, but it can’t do that.
Facts first. It is impossible to have both secure communications and a back door for law enforcement. Not “hard” or “eventually” but impossible – full stop. Anyone that says anything different is lying, or is naive. Perhaps both. Second, using technology to monitor communications is surveillance, and there is no way for the tech to do it without simultaneously enabling the people who control the tech to do it. Again, this is binary: surveillance or no surveillance. Putting technology in the mix changes nothing. Finally, to verifiably authenticate someone online, someone else must be able and willing to back that authentication. For any meaningful system under government oversight, that chain of third someones will always end with the government. There is no magical technology that can verify you or authenticate your age or credentials without a supporting chain of authentication that leads to a trusted third party.
Across the world – in the United States, Europe and the United Kingdom, Australia, and elsewhere – laws are being written and implemented that mandate technology companies, their staff, and software developers, to secretly surveil their customers on the government’s behalf. This is most frequently justified in the battle against child sexual abuse material (CSAM), something ethical societies universally abhor. As a developer advocacy organization it’s not our role to take sides on broad social issues that don’t uniquely impact the community we represent. Balancing the loss of consumer privacy and security against improvements in online CSAM detection isn’t a developer issue but an all-of-society issue, and everyone should be free to weigh that balance for themselves. But when the argument is distorted by deliberately mischaracterizing what is technically possible, we need to speak up.
There is not – and never will be – a technology that can inspect and detect CSAM in online systems while also ensuring user privacy and data security. In end-to-end encryption (E2EE), the sender has a key, and the receiver has a key. If anyone else has a key there can never be confidence that the message is authentic or secure. It’s as simple as that.
Likewise, replacing a name and a face with a nameless and faceless technology or corporate logo doesn’t make surveillance any less intrusive – or more accurate. Software is written by people, and it implements the logic people have chosen. Even AI is defined by the training data that teaches it – made available or selected or created by people. There is no real difference between a system that surveils for CSAM and one that surveils for women’s health violations, gender identity signals, attitudes towards firearms, or support for the communist party. A database of hashes that represent known CSAM could just as easily be hashes that identify anti-government propaganda. People control the databases, and if security is simultaneously weakened by a loss of secure encryption chaos will follow.
Finally, protecting children through age verification requires de facto verification of the age and identity of ALL users. The root of that verification rests with some trusted third party willing to absolutely vouch for the authenticity of whatever credential anchors the system. Just as human experts cannot pinpoint someone’s birth date by observing them, sampling their DNA or imaging their resonating molecules, online systems cannot reliably determine someone’s actual age. Good regulation must acknowledge this, and rather than wave a technology wand over the problem, laws should reference robust and repeatable scientific tests that exist today and make allowances for error – or better still accept that online anonymity and online child age verification are tradeoffs to be balanced.
A sufficiently advanced technology may be indistinguishable from magic, but that doesn’t make magic a good basis for a legal system. If elected officials don’t trust their constituents enough to honestly present the tradeoffs involved in online child protection, they insult the people who elected them. These issues are important, and we need solutions that are both workable and specific. In the meantime, we will endeavor to correct the record whenever technology and magic are used interchangeably.