The Lawfare Podcast: Susan Landau and Ross Anderson on the Going Dark Debate and the Risks of Client-Side Scanning

Jen Patja, Stephanie Pell, Susan Landau, Ross Anderson
Wednesday, November 10, 2021, 12:00 PM

Published by The Lawfare Institute
in Cooperation With
Brookings

The “going dark” debate, which concerns how society and the technology industry should address the challenges that law enforcement faces in investigating crime due to the increasing use of encryption on mobile devices and by communication platforms and services, was in the news again because of Apple's recent proposal to engage in client-side scanning. Apple planned to scan iPhones for child sexual abuse material, or CSAM, before such images were uploaded to iCloud. Prior to Apple's announcement, however, a distinguished group of computer scientists and engineers were already working on a paper to explain the security and privacy risks of client-side scanning. The paper, which they have now released, is called “Bugs in our Pockets: The Risks of Client-Side Scanning.”

To talk about this most recent development in the going dark debate, Stephanie Pell sat down with two of the paper’s authors: Susan Landau, Bridge Professor of Cybersecurity and Policy in The Fletcher School and at the School of Engineering, Department of Computer Science, at Tufts University; and Ross Anderson, professor of security engineering at the University of Cambridge and at the University of Edinburgh. They discussed some of the most significant privacy and security risks client-side scanning creates, why client-side scanning requires a different analysis from other aspects of the discussion about government access to encrypted data, and why the authors of the paper consider client-side scanning to be a dangerous technology.


Jen Patja is the editor and producer of the Lawfare Podcast and Rational Security. She currently serves as the Co-Executive Director of Virginia Civics, a nonprofit organization that empowers the next generation of leaders in Virginia by promoting constitutional literacy, critical thinking, and civic engagement. She is the former Deputy Director of the Robert H. Smith Center for the Constitution at James Madison's Montpelier and has been a freelance editor for over 20 years.
Stephanie Pell is a Fellow in Governance Studies at the Brookings Institution and a Senior Editor at Lawfare. Prior to joining Brookings, she was an Associate Professor and Cyber Ethics Fellow at West Point’s Army Cyber Institute, with a joint appointment to the Department of English and Philosophy. Prior to joining West Point’s faculty, Stephanie served as a Majority Counsel to the House Judiciary Committee. She was also a federal prosecutor for over fourteen years, working as a Senior Counsel to the Deputy Attorney General, as a Counsel to the Assistant Attorney General of the National Security Division, and as an Assistant U.S. Attorney in the U.S. Attorney’s Office for the Southern District of Florida.
Susan Landau is Professor of Cyber Security and Policy in Computer Science, Tufts University. Previously, as Bridge Professor of Cyber Security and Policy at The Fletcher School and School of Engineering, Department of Computer Science, Landau established an innovative MS degree in Cybersecurity and Public Policy joint between the schools. She has been a senior staff privacy analyst at Google, distinguished engineer at Sun Microsystems, and faculty at Worcester Polytechnic Institute, University of Massachusetts Amherst, and Wesleyan University. She has served at various boards at the National Academies of Science, Engineering and Medicine and for several government agencies. She is the author or co-author of four books and numerous research papers. She has received the USENIX Lifetime Achievement Award, shared with Steven Bellovin and Matt Blaze, and the American Mathematical Society's Bertrand Russell Prize.
Ross Anderson is a professor of security engineering at the University of Cambridge and at the University of Edinburgh.

Subscribe to Lawfare