Tech for Good | Think of the Children
by Hunter Storm (originally published August 6, 2021 on LinkedIn)
On August 5, 2021, Reuters released an article, Apple Plans to Scan U.S. Phones for Child Abuse Imagery. So, Apple plans to scan users’ devices for child porn. A laudable goal. However, there are many factors to consider in an endeavor like this. It’s important to focus efforts where we get the best return on investment (ROI). With that, welcome to the first public StormWatch, where we discuss the ramifications of the fact that Apple plans to scan images on devices they manufactured.
Stopping crime against children and people of all ages is a goal I support 100%. However, the means by which we achieve this protection are also important. The presumption of “innocent until proven guilty” is a foundational concept in a free society. Since we can accomplish the goal of protecting people by non-invasive means, and do it globally instead of just at Apple, let’s discuss a few mundane operational risk questions.
These risk questions are not specific to Apple. In fact, they are things I would ask during a risk assessment for any environment of this nature. Since Apple wants to perform a public service by scanning, I thought I would volunteer to help by writing some risk assessment questions to help guide the trust, security, and integrity of the proposed system.
Risk Assessment Questions | Third Party Scan of Data
The following is a series of information security risk assessment questions that map to various legal and regulatory issues. For brevity and clarity for non-technical readers, I only listed the questions and the global impacts (i.e., critical, high, medium, etc.).
Exposure of Sensitive Data (Critical)
- How will corporations prevent Apple from scanning their infrastructure and data? Many organizations use Apple devices. They also permit users to BYOD (Bring Your Own Device) and connect to corporate email and other services. This means that Apple scans for child abuse images could collect restricted, confidential, and sensitive information.
- What technological mechanisms will Apple use to determine what is child porn as compared to other data?
- Who is funding the development of this scanning environment, and why? I ask because this is going to be a major investment in technology, network bandwidth, staffing, security, and storage.
- How will Apple differentiate between parents’ baby pictures and actual child porn?
- What will be done with the “non-child porn” information?
Legal and Ethical Considerations (High)
- What are the potential legal ramifications of no-warrant search of innocent individuals?
- How does Apple plan to mitigate risks associated with meeting global legal and ethical standards? Although this particular proposal is for the U.S., global standards apply because the devices may be owned by foreign nationals or by those who have dual citizenship.
- What legal protection does Apple have from being sued for retaining any child porn they find? Since Apple is not a law enforcement organization, this is a legal gray area that could open the company to litigation.
Data Retention, Disposal, and Security (High)
- Who will delete the data after it was scanned and ingested into the tool?
- How will we verify it was actually deleted instead of replicated to storage for “research purposes?”
- How will this information be protected in transit and in storage?
- Will it meet all legal and regulatory requirements for the handling of confidential and restricted data? That means encryption at particular levels of cipher strength. The scanned data is likely to contain usernames and passwords, HIPAA-protected images and information, etc. It might even contain SSN / TIN (Social Security Number / Taxpayer ID Number) data because many people store this information on their devices, even when told not to.
Governance, Risk, and Compliance (GRC) and Opt-Out Policies (High)
- Will Apple permit users to opt out of this scanning?
- Who is responsible for ongoing governance and oversight of this scanning program?
- How will corporations ensure compliance with local and international privacy and data protection laws?
- How will Apple monitor and prevent people with access to this information from using it for their own child porn collections? Insider abuse is a clear risk with this type of material, including the aforementioned innocent images taken by proud parents.
- Who will monitor the monitors?
- What are all the planned Use Cases of this global tool?
Operational and Cost Implications (Medium)
- Who will pay for the additional data usage on our mobile device plans and the upgrades to our local storage? Scanning takes bandwidth, and bandwidth costs money.
- What network bandwidth, data, and storage impacts will these scans have on corporate and personal devices?
Seems like some interesting discussions are on the way.