Apple Child Safety: Criticized for Delegating Responsibility to Developers

What happened?

Apple has introduced new child safety features in its ecosystem, such as secure communication in iMessage and sensitive content detection in photos. However, these measures have been criticized by online safety experts. Richard Pursey, CEO of SafeToNet, stated in an interview with TechRadar that the new features 'don't get to where the harm occurs' and that delegating responsibility to app developers poses a 'huge risk' for children. Pursey noted that most risky interactions occur in third-party apps like WhatsApp, Instagram, or TikTok, not in Apple's own services. He also highlighted that Apple's tools focus on detection after content has been shared, rather than preventing it before it happens. This criticism comes in a context where Apple has historically been cautious about privacy, but according to its detractors, sometimes sacrifices child safety in favor of protecting adult data.

Why is it important?

Apple's stance is crucial because the company has significant control over its closed ecosystem, which would allow it to implement more robust measures at the operating system level. By not doing so, it leaves child safety in the hands of external developers, who may have different levels of commitment and resources. This creates fragmentation in protection, where some children are left unprotected depending on the apps they use. According to data from Common Sense Media, teenagers spend an average of more than 7 hours a day in front of screens, and much of that time on third-party apps. Apple's decision not to apply its safety policies to those apps leaves a huge gap. Additionally, Apple's approach contrasts with that of other companies like Google, which has implemented parental control tools at the operating system level in Android that work across all apps. The difference is that Apple, by prioritizing privacy, avoids scanning content on the device, which limits its ability to detect threats in real time. This debate is not new: in 2021, Apple abandoned its plan to scan photos in iCloud for child sexual abuse material (CSAM) after criticism from privacy groups. Now, with these new features, it attempts a balance that, according to Pursey, remains insufficient.

Consequences for the industry and users

This situation can lead to a false sense of security among parents, who trust that Apple protects their children across all apps. In reality, protection only applies to Apple's own services, such as iMessage and FaceTime, while popular apps like WhatsApp, Instagram, or TikTok are left out. Developers of these apps will need to implement their own measures, which can result in inconsistent standards. For example, WhatsApp already has end-to-end encryption but does not offer sensitive content detection tools. Instagram, on the other hand, has introduced parental supervision features, but they are not mandatory. This fragmentation means a child may be protected in iMessage but exposed on Instagram. Furthermore, Pursey's criticism highlights that Apple prioritizes adult privacy over child safety, a debate that has been ongoing since the company refused to unlock the iPhone of the San Bernardino shooter in 2016. In that case, Apple argued that creating a backdoor would compromise the security of all users. Now, with child safety, the dilemma is similar: how to balance privacy with the protection of minors? Pursey suggests that Apple could implement system-level measures that do not compromise privacy, such as contextual alerts based on behavior, without needing to scan content. Regulatory pressure is also increasing: in the UK, the Online Safety Bill requires platforms to take proactive measures to protect children, and Apple could face fines if it does not comply. In the US, the Kids Online Safety Act (KOSA) is advancing in Congress, which could force changes in Apple's ecosystem.

What should readers know?

Parents should understand that Apple's new features are a positive step, but not sufficient. It is necessary to complement them with active parental supervision and third-party tools. Additionally, they should demand that Apple take a more proactive role in child safety, implementing system-level measures that protect children across all apps, not just its own. Public and regulatory pressure could lead to deeper changes in the future. For example, in the European Union, the Digital Services Act (DSA) already requires large platforms to assess systemic risks, including those related to minors. Apple, as a large platform, could be subject to these regulations. Meanwhile, parents can use tools like Apple's Screen Time parental controls, but they should know that it does not cover all apps. They can also turn to third-party solutions like SafeToNet, which offer real-time protection across multiple platforms. In summary, child safety in Apple's ecosystem remains a work in progress, and responsibility falls on both the company and parents and regulators. As Pursey noted, 'Apple has the power to do more, but so far it hasn't.'