YASM (Yet Another Surveillance Mechanism)

Ludvigsen, Kaspar Rosager and Nagaraja, Shishir and Daly, Angela (2022) YASM (Yet Another Surveillance Mechanism). Other. arXiv.org, Ithaca, NY. (https://doi.org/10.48550/arXiv.2205.14601)

[thumbnail of Ludvigsen-etal-arXiv-2022-YASM-Yet-Another-Surveillance-Mechanism]
Preview
Text. Filename: Ludvigsen_etal_arXiv_2022_YASM_Yet_Another_Surveillance_Mechanism.pdf
Preprint
License: Creative Commons Attribution 4.0 logo

Download (786kB)| Preview

Abstract

Client-Side Scanning (CSS) see in the Child Sexual Abuse Material Detection (CSAMD) represent ubiquitous mass scanning. Apple proposed to scan their systems for such imagery. CSAMD was since pushed back, but the European Union decided to propose forced CSS to combat and prevent child sexual abuse and weaken encryption. CSS is mass surveillance of personal property, pictures and text, without considerations of privacy and cybersecurity and the law. We first argue why CSS should be limited or not used and discuss issues with the way pictures cryptographically are handled and how the CSAMD preserves privacy. In the second part, we analyse the possible human rights violations which CSS in general can cause within the regime of the European Convention on Human Rights. The focus is the harm which the system may cause to individuals, and we also comment on the proposed Child Abuse Regulation. We find that CSS is problematic because they can rarely fulfil their purposes, as seen with antivirus software. The costs for attempting to solve issues such as CSAM outweigh the benefits and is not likely to change. The CSAMD as proposed is not likely to preserve the privacy or security in the way of which it is described source materials. We also find that CSS in general would likely violate the Right to a Fair Trial, Right to Privacy and Freedom of Expression. Pictures could have been obtained in a way that could make any trial against a legitimate perpetrator inadmissible or violate their right for a fair trial, the lack of any safeguards to protect privacy on national legal level, which would violate the Right for Privacy, and it is unclear if the kind of scanning could pass the legal test which Freedom of Expression requires. Finally, we find significant issues with the proposed Regulation, as it relies on techno-solutionist arguments and disregards knowledge on cybersecurity.

ORCID iDs

Ludvigsen, Kaspar Rosager ORCID logoORCID: https://orcid.org/0000-0001-7243-2548, Nagaraja, Shishir and Daly, Angela ORCID logoORCID: https://orcid.org/0000-0002-7529-4213;