The Lawfare Podcast: Susan Landau and Ross Anderson on the Going Dark Debate and the Risks of Client-Side Scanning

Jen Patja, Stephanie Pell, Susan Landau, Ross Anderson
Wednesday, November 10, 2021, 12:00 PM

Published by The Lawfare Institute
in Cooperation With

The “going dark” debate, which concerns how society and the technology industry should address the challenges that law enforcement faces in investigating crime due to the increasing use of encryption on mobile devices and by communication platforms and services, was in the news again because of Apple's recent proposal to engage in client-side scanning. Apple planned to scan iPhones for child sexual abuse material, or CSAM, before such images were uploaded to iCloud. Prior to Apple's announcement, however, a distinguished group of computer scientists and engineers were already working on a paper to explain the security and privacy risks of client-side scanning. The paper, which they have now released, is called “Bugs in our Pockets: The Risks of Client-Side Scanning.”

To talk about this most recent development in the going dark debate, Stephanie Pell sat down with two of the paper’s authors: Susan Landau, Bridge Professor of Cybersecurity and Policy in The Fletcher School and at the School of Engineering, Department of Computer Science, at Tufts University; and Ross Anderson, professor of security engineering at the University of Cambridge and at the University of Edinburgh. They discussed some of the most significant privacy and security risks client-side scanning creates, why client-side scanning requires a different analysis from other aspects of the discussion about government access to encrypted data, and why the authors of the paper consider client-side scanning to be a dangerous technology.

Jen Patja is the editor and producer of The Lawfare Podcast and Rational Security. She currently serves as the Co-Executive Director of Virginia Civics, a nonprofit organization that empowers the next generation of leaders in Virginia by promoting constitutional literacy, critical thinking, and civic engagement. She is the former Deputy Director of the Robert H. Smith Center for the Constitution at James Madison's Montpelier and has been a freelance editor for over 20 years.
Stephanie Pell is a Fellow in Governance Studies at the Brookings Institution and a Senior Editor at Lawfare. Prior to joining Brookings, she was an Associate Professor and Cyber Ethics Fellow at West Point’s Army Cyber Institute, with a joint appointment to the Department of English and Philosophy. Prior to joining West Point’s faculty, Stephanie served as a Majority Counsel to the House Judiciary Committee. She was also a federal prosecutor for over fourteen years, working as a Senior Counsel to the Deputy Attorney General, as a Counsel to the Assistant Attorney General of the National Security Division, and as an Assistant U.S. Attorney in the U.S. Attorney’s Office for the Southern District of Florida.
Susan Landau is Bridge Professor in The Fletcher School and Tufts School of Engineering, Department of Computer Science, Tufts University, and is founding director of Tufts MS program in Cybersecurity and Public Policy. Landau has testified before Congress and briefed U.S. and European policymakers on encryption, surveillance, and cybersecurity issues.
Ross Anderson is a professor of security engineering at the University of Cambridge and at the University of Edinburgh.

Subscribe to Lawfare