The Morning Dispatch: Apple Draws Flak from Privacy Advocates

Happy Wednesday! For the first time in nearly a week, today’s newsletter is not going to be entirely Afghanistan-focused—though it certainly could be. 

But never fear: Steve, David, and Vital Interests author Tom Joscelyn will be discussing the United States’ withdrawal and the repercussions in a Dispatch Live TONIGHT, August 18, at 8 p.m. ET. Dispatch members can find more details here.

Quick Hits: Today’s Top Stories

• Pentagon spokesman John Kirby told reporters yesterday that approximately 4,000 U.S. troops would be on the ground in Afghanistan by end of day Tuesday, and that, after a chaotic day Monday, Hamid Karzai International Airport is secure. He said the evacuation effort currently consists of one plane in and out every hour, but that pace could soon pick up to 5,000 to 9,000 evacuees per day barring a “number of unexpected challenges that can occur.” National Security Adviser Jake Sullivan added in a press briefing Tuesday the Taliban had informed the administration they are “prepared to provide the safe passage of civilians to the airport.”

• The U.S. Air Force said Tuesday it is investigating the civilian deaths at Hamid Karzai International Airport on Monday, including the handful of Afghans who fell from a U.S. military transport plane after it had taken off. The Air Force also confirmed Tuesday that human remains were found in the landing gear of a C-17 plane that took off from Kabul a day earlier.

• Taliban spokesman Zabihullah Mujahid on Tuesday held the group’s first press conference since taking Afghanistan, claiming the militant group would pardon anyone who had fought against them, refrain from attacking any foreign countries’ embassies, and respect the rights of women—“within the framework of Sharia” law.

• The Washington Post reports that the U.S. Treasury Department froze billions of dollars in Afghan government reserves on Sunday, preventing the Taliban—which is on the Treasury Department’s sanctions designation list—from accessing money held in U.S. institutions.

• The U.S. Census Bureau reported Tuesday that American retail sales fell 1.1 percent from June to July as Delta fears grew, well below the Dow Jones estimate of a 0.3 percent decline.

• In an effort to reduce the risk of additional wildfires, Pacific Gas & Electric announced Tuesday it was preemptively shutting off power for about 51,000 Californians due to “a combination of dry offshore winds, extreme to exceptional drought conditions and extremely dry vegetation.” The company said power for those affected should be restored by Wednesday afternoon.

• Texas Gov. Greg Abbott tested positive for COVID-19 on Monday, his office announced yesterday. A spokesman added that Abbott is fully vaccinated and is currently experiencing no symptoms.

Apple Draws Flak from Privacy Advocates

A few weeks ago, Monsignor Jeffrey Burrill, general secretary of the U.S. Conference of Catholic Bishops, resigned from his post after The Pillar reported he had been active on a gay dating app and frequented gay bars. On its face, the story wasn’t all that unique: Burrill’s behavior violated clerical obligations of chastity, but not any laws, and it’s not like he was the first ever gay priest in the Church.

But the manner of Burrill’s outing has set off a series of alarm bells. The Pillar’s source wasn’t a disgruntled ex-lover of Burrill’s or someone who came across his profile on an app. Rather, the news outlet obtained “commercially available records of app signal data” that allowed it to keep tabs on a “mobile device correlated to Burrill” and unearth his secret life. More on how it worked here:

Commercially available app signal data does not identify the names of app users, but instead correlates a unique numerical identifier to each mobile device using particular apps. Signal data, collected by apps after users consent to data collection, is aggregated and sold by data vendors. It can be analyzed to provide timestamped location data and usage information for each numbered device.

…

The Pillar correlated a unique mobile device to Burrill when it was used consistently from 2018 until at least 2020 from the USCCB staff residence and headquarters, from meetings at which Burrill was in attendance, and was also used on numerous occasions at Burrill’s family lake house, near the residences of Burrill’s family members, and at a Wisconsin apartment in Burrill’s hometown, at which Burrill himself has been listed as a resident.

The saga launched a debate over who really owns one’s digital data—and how that data can and should be used in sussing out illicit behavior. The debate is about to get a whole lot louder. 

Earlier this month, Apple announced a handful of changes to its operating system—intended to “protect children from predators”—that will roll out to iPhones, iPads, MacBooks, and Apple Watches later this year.

The first is fairly anodyne. If a user utilizes Siri or Search to seek out known Child Sexual Abuse Material (CSAM), Apple will now intervene, letting them know their query is “harmful and problematic” and providing resources where they can receive help dealing with their attraction.

The second tweak will give children and their parents more control over the transmission of sexually explicit images. If turned on in family iCloud settings, a child’s iPhone will use “on-device machine learning” to analyze images sent and received in Messages and determine whether they meet the above criteria. If an incoming picture is deemed explicit, the iPhone will blur it out and require the user to proactively opt in to viewing it. Parents of children ages 12 and under will receive a notification if, after receiving the warning, their child chooses to view the image anyway. A similar process will play out if a child attempts to send sexual material to someone else.

It’s the third update that has privacy advocates most rankled. Using a technology called NeuralHash, Apple will soon be able to detect known CSAM images any iPhone user stores on iCloud.

At first glance, this isn’t controversial. Other tech firms—Google, Microsoft, Facebook—have employed similar policies for years. But rather than scanning all images users choose to upload to Apple’s online servers, the company said its system will perform “on-device matching,” comparing images stored locally on a user’s phone—converted into an “unreadable set of hashes”—to a database of known child pornography maintained by the National Center for Missing and Exploited Children (NCMEC) and similar groups.

If a user meets a certain “threshold” of inappropriate images, the images themselves are revealed on Apple’s back-end and manually reviewed to confirm their illicit nature. Only then will Apple disable the user’s account and notify the NCMEC.

Apple claims the system was “designed with user privacy in mind” because the company will never learn anything about images that do not match NCMEC’s existing child pornography database—and even then, only if a set threshold is met. But privacy hawks are concerned.

“The user’s own device is going to be scanning the data on their own device for a purpose that is ultimately adverse to the user’s interests,” Julian Sanchez, a senior fellow at the Cato Institute focusing on the intersection of technology, privacy, and civil liberties, told The Dispatch. “We don’t really care if something is adverse to the interest of pedophiles, but … that means the process [is]  running on your own device. … It has to be designed to resist efforts by the users to disable that process. And I think that’s a dangerous step to take.”

This is a new position for Apple. Primarily a hardware company, the Cupertino, California-based tech giant has historically prioritized its customers’ data far more than its Silicon Valley counterparts. Perhaps most notable was Apple’s 2016 fight with the FBI, in which it refused government officials’ demands to design a program to unlock the iPhone of a suspect in the 2015 terrorist attack in San Bernardino.

Five years later, the company is moving, in some critics’ eyes, to crack open the “backdoor” into people’s private data it fought for so long to keep closed. “It’s impossible to build a client-side scanning system that can only be used for sexually explicit images sent or received by children,” the Electronic Frontier Foundation said in a post condemning the move. “All it would take to widen the narrow backdoor that Apple is building is an expansion of the machine learning parameters to look for additional types of content, or a tweak of the configuration flags to scan, not just children’s, but anyone’s accounts. That’s not a slippery slope; that’s a fully built system just waiting for external pressure to make the slightest change.” Thousands of privacy advocates have signed an open letter calling on Apple to reverse its decision, and—according to Reuters—the company’s own employees have “flooded” an internal Slack channel with more than 800 messages expressing concern that repressive governments could use the new tool in unintended ways.

It’s an uncharacteristic public relations stumble for the world’s largest company by market capitalization. Days after its initial announcement, Apple released a “Frequently Asked Questions” guide and Security Threat Model Review attempting to allay concerns—it would “refuse demands” from governments to expand the scope of the policy, for example. Senior Vice President of Software Engineering Craig Federighi spoke with the Wall Street Journal in an attempt to clean up what he conceded was a “jumbled” message.

“If and only if you meet a threshold of something on the order of 30 known child pornographic images matching, only then does Apple know anything about your account and know anything about those images, and at that point, only knows about those images, not about any of your other images,” he said. “This isn’t doing some analysis for, did you have a picture of your child in the bathtub? Or, for that matter, did you have a picture of some pornography of any other sort? This is literally only matching on the exact fingerprints of specific known child pornographic images.” 

Plus, Federighi added, the system is auditable. “If any changes were made that were to expand the scope of this in some way—in a way that we had committed to not doing—there’s verifiability, [researchers] can spot that that’s happening,” he said.

Sanchez still isn’t convinced. “I’ll give Apple this: they have designed an architecture [that] I think is pretty dangerous as thoughtfully and privacy-protectively as you can,” he told The Dispatch. “If it were immune from change and political pressure and operated only precisely as Apple has intended and implemented perfectly, then maybe it would be less problematic. But I think in the real world it is likely to be a problem.” 

Haiti Can’t Catch a Break

Last weekend, one month on the heels of President Jovenel Moïse’s assassination and the country’s ensuing political turmoil, Haiti was shaken by a magnitude 7.2 earthquake. As of Tuesday, the country’s Civil Protection Agency confirmed at least 1,941 deaths and 9,900 injuries, and many more remain unaccounted for in the quake’s aftermath. Tens of thousands of people in the impoverished country have been left homeless. 

Experts believe Saturday’s earthquake developed along the same fault line as 2010’s, which left more than 220,000 Haitians dead. The latest earthquake, even greater in magnitude than that of a decade ago, is expected to affect 1.2 million people—including 540,000 children—across the country, according to UNICEF. 

One video showed buildings crumbling to the ground in real time as families watched and motorcyclists rode through the streets honking their horns. Another captured adults pulling debris-covered children from beneath rubble. 

“Haiti is in shock again. And this disaster coincides with political instability, rising gang violence, alarming rates of child malnutrition and the COVID-19 pandemic—against which Haiti has received only 500,000 doses of vaccine, despite much greater needs,” Henrietta Fore, Executive Director of UNICEF, said in a statement Monday. “However, it is now particularly urgent to reach those affected by the earthquake with the vaccine.”

In the aftermath of Saturday’s earthquake, Tropical Storm Grace swept across the country’s south late Monday, bringing heavy rain, flash flooding, and mudslides. Haiti’s Civil Protection Agency warned people to “avoid dangerous areas such as streams, rivers, mountainsides, low-lying mountains, and the coast.” Warnings of a tsunami immediately after the storm sent Haitians running in panic through the streets, but it fortunately never came to pass. 

The United Nations committed $8 million to help Haiti recover, extending health services, emergency housing, drinking water, and sanitation to those injured and displaced across the island nation. The Defense Department, meanwhile, announced the formation of a joint task force led by the U.S. Agency for International Development (USAID). 

“We send our deepest condolences to all those who lost a loved one or saw their homes and businesses destroyed. I have authorized an immediate US response and named USAID Administrator Samantha Power as the senior US official to coordinate this effort,” President Biden said Saturday. “Through USAID, we are supporting efforts to assess the damage and assist efforts to recover those who were injured and those who must now rebuild.” 

Worth Your Time

• A Taliban spokesman talked a big game at a press conference yesterday, claiming the group wouldn’t seek vengeance against Afghans who worked with the United States, prohibit women from working and studying, or become a safe haven for terrorists. Eli Lake—Monday’s Remnant guest—isn’t buying it. “These promises are discredited by events on the ground,” he writes in his latest Bloomberg column. “Those Afghans hanging from a U.S. military jet taking off from Kabul clearly do not take the Taliban at their word. Nor do the women who Taliban gunmen escorted from their jobs at a Kandahar bank and ordered not to return. Nor do the journalists who work at a radio station in Kabul who saw their station manager murdered earlier this month by Taliban gunmen.”

• Also in the Post, foreign affairs columnist David Ignatius has a thorough piece on Afghanistan detailing the long road we took to where we are today. “The fall of Afghanistan to the Taliban was like watching the collapse of the twin towers. In an instant, the edifice crumbled into a pile of rubble,” he writes. “But it didn’t happen quickly, really. The structure of the Kabul government has been rotting from within for all 20 years of the United States’ war. And every U.S. commander knew its weakness. They worried about the corruption and incompetence of the government, devised elaborate strategies to fix it, kept convincing themselves they were making progress. Hope is not a strategy, as every commander knows. In this case, it was.”

Presented Without Comment

Clarification: Our “Presented Without Comment” yesterday about CNN reporter Clarissa Ward donning a headscarf post-Taliban takeover was missing some context. As she pointed out later, she always wore a headscarf when outside in Kabul—though the fully covered hair and abaya were new. “So there is a difference but not quite this stark,” Ward wrote.

Toeing the Company Line

• Do an “overwhelming majority” of Americans really support President Biden’s withdrawal of U.S. forces from Afghanistan? Depends on how you ask the question. In The Sweep this week, Sarah dives into the pitfalls of issue polling. “You’re asking people to give a scripted answer to a simple question about an issue that is deeply complex,” she writes. “Issue polling as a general matter should be ignored. The collapse of Afghanistan shows us exactly why.”

• In yesterday’s Uphill, Harvest and Ryan provide a congressional perspective on the collapse of Afghanistan: Lawmakers aren’t thrilled. “It’s a shameful, historic embarrassment. A black eye on the United States,” Republican Rep. Peter Meijer told Ryan, arguing Biden’s claim that more Afghan allies were not evacuated from the country because they didn’t want to leave was “pure, unadulterated bullshit.”

• David’s Tuesday French Press(🔒) focused on why it is that—despite 20 years of U.S. training and investment—the Afghan military folded so quickly. “Even a relatively small American presence gave our allies access to better intelligence to understand the enemy’s disposition, to air assets that could turn the tide of virtually any battle, and to the raw technical ability to keep allied vehicles driving and allied aircraft flying,” he writes. “In other words, our allies went into the fight with a trump card in their back pocket. Remove the trump card, and you strip that hope.”

• David and Sarah were joined on Advisory Opinions this week by diplomat and political fundraiser Matthew Barzun to discuss his book about leadership, The Power of Giving Away Power.

• On the site today, John Gustavsson breaks down the ways in which the U.S. ought to balance its moral obligations to Afghan refugees with its domestic obligations to minimize national security threats and keep culture clash to a minimum.

Let Us Know

Do you see a meaningful difference between Apple scanning something you upload to the cloud and something stored locally on your phone? How should tech companies think about the tradeoffs between privacy and security?

Reporting by Declan Garvey (@declanpgarvey), Andrew Egger (@EggerDC), Charlotte Lawson (@charlotteUVA), Ryan Brown (@RyanP_Brown), Harvest Prude (@HarvestPrude), and Steve Hayes (@stephenfhayes).