Monday, December 23, 2024

Apple’s Biggest Ever iMessage Change May Be Here In Just 14 Days

Must read

No sooner has Apple finally confirmed its adoption of RCS messaging alongside iMessage, then along comes something much bigger to mess it all up. We’ve known for some time that 2024 will be a huge year for messaging, but it turns out that while the landscape may still be about to change forever, it’s not in a good way.

As expected, Apple presented RCS—essentially an upgrade on SMS—at its WWDC event. No surprises. Green bubbles remain green, security remains restricted at least for now, and the walls of iMessage’s walled garden remain largely intact.

But RCS is about to take a back seat. Europe’s attack dogs are not satisfied with the changes already pushed on Apple and its peers. Not only are huge fines potentially in the mix, as Brussels investigates adherence to its app store rules, but iMessage is now firmly in its sights. Their intent is to agree something before the end of June.

ForbesGoogle Reveals New Play Store Warning For Samsung And Pixel Users

Putting WWDC’s exciting AI and RCS news to one side, the biggest change to iPhone this year has been regulatory rather than innovatory. Brussels’ eurocrats have forced Apple to open up to third-party app stores and to give users optionality over which stock Apple apps they keep and which they delete. Competition 1 — Security 0.

And so to iMessage and a similarly worrying new risk from that same source. This time the issue is law enforcement’s lack of access to the fully encrypted content transmitted over iMessage (and WhatsApp, Signal, Google Messages, Facebook Messenger). With end-to-end encryption, only the sender and recipient can decrypt content, and so intercepting the data stream is unproductive. Security and law enforcement agencies have lobbied for back doors to be inserted such that they can eavesdrop, the industry has given that a flat no and parliaments have thus far agreed.

But not to be deterred and under the guide of CSAM prevention—a harder battle for big tech to fight than general law enforcement, Europe has a shiny new idea. Think of this as a back door inserted into the idea of a back door.

When it was floated earlier in the year, crypto expert Matthew Green described parts of the proposal as “the most terrifying thing I’ve ever seen… a new mass surveillance system that will read private text messages, not to detect CSAM, but to detect ‘grooming’.” That nightmarish prospect is now getting much closer.

Signal has confirmed it will exit EU markets rather than comply. Apple reportedly considered the same when the UK explored its own encryption compromises. These EU proposals look much more real, and last year 9to5Mac joined the dots and warned that these much more real EU proposals might see Apple pull iMessage.

In its chair role of the Council of Europe, the world renowned—or not—technical experts within the Belgian government have come up with a clever ruse. Users will consent to device side scanning media attachments for CSAM flags (image, video, URL), or they lose access to sending attachments and will be limited to plain texts.

This idea has been dubbed “chat control,” and yes, it’s a silly as it sounds.

Ordinarily, such proposals come and go and don’t stick. That’s certainly what we’ve seen before when it comes to encryption compromises. But Europe is on a roll and this idea won’t go away. It is being debated and reshaped. But it remains.

ForbesApple’s New Security Update Exposes Samsung’s Biggest AI Problem

The EU’s parliament had rejected more sweeping encryption backdoors, but this new compromise is garnering support. The Netherlands has now said it “partly agrees” with the latest Belgian chat control proposal, and Netzpolitik warns it may even become tougher yet. “Several states criticize the restriction to images and videos. Ireland fears that chat control will ‘lose effectiveness.’ Denmark demands that ‘text must also be covered’… Many states support the basic direction of the new proposals. These include chat control advocates such as Romania, Bulgaria and Denmark.”

Separately, but emphasizing just how serious Europe’s assault on big tech could become, The Financial Times has reported that “Brussels is set to charge Apple over allegedly stifling competition on its mobile app store, the first time EU regulators have used new digital rules to target a Big Tech group.”

This could mean billions of dollars in fines.

None of us really expected Apple to open up to other app stores or WhatsApp to introduce its messaging chat hub—but here we now are. What is now under review in Brussels is much more significant. Once device-side scanning is mandated there will be no turning back. CSAM will expand into serious crime, counter-terrorism, and then we get into the realms of political dissent and even sexual niches. Where platforms have a capability, it opens the door for local laws to be formulated.

“We are concerned by developments in the Council of the EU,” warned a joint industry statement released at the end of May. “We call on Ministers in the Council of the EU to reject all scanning proposals that are inconsistent with the principle of end-to-end encryption, including client-side scanning and upload moderation, and to guarantee the protection of digital rights throughout the proposal. These intrusive techniques would only jeopardize the security and the rights of Internet users.”

But there’s a good chance Europe will call big tech’s bluff, with Apple’s iMessage, Signal and Meta’s WhatsApp and Facebook Messenger being given a serious decision to make. And bravado aside, what DMA has shown is that while big tech might warn of consequences, it will reluctantly comply. This is a much more significant test.

Reports suggest this will be discussed privately with a view to forming a workable proposal agreed between states before the end of June. This impacts you. This is serious. The industry has thus far shown zero willingness to engage in this discussion and countenance anything of this sort, but Europe has been just as stubborn in the last year. Apple and its peers forced the UK to backtrack on this issue, the question now is whether they can do the same here.

Latest article