Problem one is Apple doesn't know what they are scanning for.
This is by design and actually a good thing.
It becomes a problem because problem number 2:
No one is accountable if someone gets their life ruined over a mistake in this database.
I'd actually be somewhat less hostile to this idea if there was more regulatory oversight:
- laws that punishes police/officials if innocent people are harmed in any way
- mandatory technical audits as well as verification that for what it is used for: Apple keeps logs of all signatures that "matched"/triggered as well as raw files, these are provided to the court as part of any case that comes up. This way we could hopefully prevent most fishing expeditions - both wide and personalized ones - and also avoid any follow up parallel reconstructions.
I'm not saying I'd necessarily be OK with it but at that point there would be something to discuss.
This is by design and actually a good thing.
It becomes a problem because problem number 2:
No one is accountable if someone gets their life ruined over a mistake in this database.
I'd actually be somewhat less hostile to this idea if there was more regulatory oversight:
- laws that punishes police/officials if innocent people are harmed in any way
- mandatory technical audits as well as verification that for what it is used for: Apple keeps logs of all signatures that "matched"/triggered as well as raw files, these are provided to the court as part of any case that comes up. This way we could hopefully prevent most fishing expeditions - both wide and personalized ones - and also avoid any follow up parallel reconstructions.
I'm not saying I'd necessarily be OK with it but at that point there would be something to discuss.