Article Review # 1:
Dynamic Analysis: Client-Side Scanning an Unpromising Benefit with Powerful Surveillance
This article review is from the Journal of Cybersecurity: Bugs in Our Pockets: The Risks of Client-Side Scanning. The article discusses the research findings of a new technology, client-side scanning (CSS), aimed to access targeted data for law enforcement investigations, evidence, intelligence, or digital forensics purposes (Abelson et al, 2024). The question: Do CSS systems offer a solution to successfully investigate targeted data and provide for a secure and private cyber society? As a society our dependency on technology to store, receive, and send information, sometimes personal, has increased the need to protect that data and the devices used. Cryptography, a means to hide or code information so that only intended people can read it, has long been the popular means to code messages. Increasingly used, law enforcement and other security agencies are sounding the alarm that the sophistication of cryptography is hindering their access to evidence and intelligence needed to investigate crime and support digital forensics (Abelson et al, 2024). CSS would allow data scanning on devices openly, bypassing the need to soften encryption or strengthen law enforcement’s ability to decrypt information. CSS proposes to detect targeted information, and likely its source, and unveil this information to law enforcement and or other agencies when needed. Short of the “targeted information” or “targeted content” nothing else would leave a client device. The article takes an in-depth look at how CSS possesses a cyber-risk and lends less to crime prevention or surveillance solutions. The article explores how CSS contributes to the risk of bad cyber-policy (changing government access circumventing encryption entirely), cyber-threats, and net-widening digital forensics, expanding social control over individuals. The author offers cross-culture comparative research that CSS creates numerous public safety concerns and fosters social cybersecurity threats-potential abuse motivated by individuals, groups, or government agencies. Content scanning and targeted content can vary in different countries. Outright surveillance in the USA versus European Union (EU), this article explores privacy rights in the EU and takes a deep dive into the Carnegie study and how the implications of CSS would impact policy. The authors review Apple’s August 2021 proposal for CSS, finding that their limited surveillance scope promise is more of a cybersecurity threat as user’s data is searched and inspected arbitrarily (Abelson et al, 2024). Can CSS systems be used against users, expanded to any interest of government, or manipulated by those of ill will to avoid detection?
Relationship to Social Science Principles, Key Concepts, and Marginalized Groups
The article explores how the use of CSS threatens the social and behavioral cyber infrastructure. Bringing surveillance to a whole new level. The article explores the social science threat of CSS and influences on the legal, social, and criminological cyber community. CSS systems move content scanning from the server to the client which fuels bad actors. Potential abuse can be expanded from authorized parties (government), unauthorized parties (outside hackers), and local adversaries (controlling family members) (Abelson et al, 2024). Variations within CSS computation and keyword scanning have security risks and abuse potential on targeted populations. Content scanning and automated reporting could increase attacks on journalists, minorities in the case of images, and in the case of text -minority language flags. Bulk surveillance technology presents safety and privacy risks and threatens the privacy of law-abiding citizens. Cybersecurity economics must also be considered when studying CSS technology. Law enforcement searches are expensive, which protects citizens from purposeless government invasions, warrantless searches, and mediocre suspicion (Abelson et al, 2024). Unlike a CSS system which is cheaply acquired material widening the net, or bulk scanning.
Overall Societal Contributions
Understanding cybersecurity threats at the societal level requires addressing challenges beyond the technological aspect and exploring human behaviors and motivations (Abelson et al, 2024). The cyber infrastructure is only as strong as understanding cybersecurity and minimizing threats and risks. The research in the article offers a valuable examination of CSS and the “multiple ways in which it can fail, be evaded, and abused” (Abelson et all, 2024 p.2)
Conclusion
In conclusion, this article offers a thorough analysis into the promises of CSS. The article’s findings lack favor of CSS arguing it empowers a range of cybersecurity threats and compromises user safety. CSS, or bulk scanning, all user devices for targeted content, undermines basic freedoms and infringes on privacy. Technology, specifically our personal information on devices, and laws must be pro rata to protect user privacy, security, and safety.
References:
Abelson et al., (2024). Bugs In Our Pockets: The Risks of Client-Side Scanning. Journal of Cybersecurity, Volume 10, Issue 1, 2024, tyad020.https://doi.org/10.1093/cybsec/tyad020