You probably don't realise it, because you're coming from a perspective that has been heavily influenced in a particular way, but some of these questions are kind of insulting and don't really assume good faith (or even basic decency) on my part.
> "does the CP protection end justify any means?"
Like, is this legitimately a question you think I might answer "yes" to?
This is the equivalent of "do you support the rape of children?".
I'll gladly comment on more specific points if you are genuinely struggling to understand how Apple could honestly implement this system in good faith.
I apologise if you you genuinely felt my questions were assuming bad faith. It was not my intention.
> "does the CP protection end justify any means?"
It's a style of argumentation. Not personal. When trying to find where to draw a line in the sand, one way is to draw a line that almost certainly encompasses us both. We are obliged to consider: if not this line (obviously) then what line?
My intent was to find your limit. Do you have any qualms with what you may do under the law? For you personally, how much erosion of innocents' liberties would be acceptable?
Based on your earlier comment, I was not asking Apple, I was asking a LEO who acts with some but limited justification. Legal and moral. And I would like to ask in good faith about how you see those limits.
>> This is the equivalent of "do you support the rape of children?
No need to make it black and white. Almost nobody supports this. I am sure you don't. Please assume good faith on my part too. There are always trade-offs. How far would you go?
I think it's legitimate for companies to implement automated systems, such as CSAM and spam filtering, to limit the amount of unwanted material on their networks. I don't have any problem with Apple, Google, and Microsoft, checking the hashes of files I upload (or attempt to upload, in Apple's case) to their servers against ICSE. I would have an issue if employees of those companies had unfettered, unaudited access to users files.
Outside of giving my opinion of a specific proposal I don't know what you expect me to say.
Perhaps you could describe your own "limit" to how much avoidable suffering is acceptable to you before you would support automated scanning of uploads. I don't personally believe it's possible to precisely explain an overarching "limit" in situations that balance competing moral and philosophical concerns.
---
I'm being rate limited now due to downvotes, might not be able to respond further
Sorry you got rate-limited. On HN, new accounts are rate-limited by default because of past abuses by trolls. I've turned that off now for your account (I'm a mod here).
It's probably timing that is limiting your responses. AFAIK downvotes won't do that. And I didn't down-vote you.
I accept your answer, and acknowledge that different perspectives are valuable.
My own opinion is far less relevant as I probably will not be implementing or executing systems that target information from large swathes of a population for inspection by my organisation.
Nevertheless, let me give it a shot. I asked you about the social cost of false-positives. You reciprocated by asking me about false-negatives. It's tough - on both sides of the equation.
I try to apply weighting. If the dragnet would be targeted to a limited number (say 100) then it could easily be justified, since the relative horror of one over the other is surely in that ball park. Maybe even 1,000.
The problem for me is that mass surveillance such as the subject of this discussion is not numerically constrained. It's trawling the entire ocean floor for the one or two species that may be legally caught.
For you does the CP protection end justify any means?
Where would you personally draw the line on mass surveillance by LE for the sake of your specific LE goals?
CP aside, are there other crimes that you feel should be folded-in to a dragnet like this?