Danger: Client-Side Scanning

Ramarro Marrone

Playlists: 'bornhack2022' videos starting here / audio

European governments are proposing vague legislation that would likely require that messages be scanned for objectionable content before the message is sent (client-side scanning). This is bad.

The legislation has been promoted under names like "fighting child sexual abuse", by lobbyists promoting a proprietary screening service. We don't have good reason to think such scanning would in fact prevent child sexual abuse.

Moreover, to scan messages this way would in practice require that we forego end-to-end encryption. Client-side scanning would be terrible for information security, data protection, privacy, freedom, &c.

It happens only I am presenting, but the idea for this talk came from discussions at Cryptohagen.