Alex Stamos @alexstamos
My incredible colleague, Antigone Davis, Head of Global Safety at Facebook, has posted about our test in Australia to combat Non-Consensual Intimate Imagery (NCII).

newsroom.fb.com/news/h/non-con…
Some salient points:
1) We already have a mechanism for victims of NCII to report images that are posted on our products. This test is intended to help those victims who are being blackmailed by an abusive partner or criminal and who want to take action.
2) This test was put together with the help of the Australian eSafety Commissioner and several advocates and NGOs with deep experience with NCII and partner abuse. Check out their statements in the post.
3) We are aware that having people self-report their images carries risk, but it's a risk we are trying to balance against the serious, real-world harm that occurs every day when people (mostly women) can't stop NCII from being posted.
In recognition of that risk, we have taken the steps we can to protect this data and to only retain non-reversible hashes. To prevent adversarial reporting, at this time we need to have humans review the images in a controlled, secure environment.
4) We are not asking random people to submit their nude photos. This is a test to provide *some* option to victims to take back control. The test will help us figure out how to best protect people on our products and elsewhere.
A personal comment: this situation is a pretty good example of a problem I talked about at Black Hat this summer. Our greater infosec/privacy community, including the media, has trouble talking about imperfect solutions to serious problems.
When there was a burst of ill-informed press around a crypto issue this year, there was an ability to self-correct, since the external experts who set the tone of the conversation understand crypto.
The number of people outside of the big platforms who have to deal with abuse like this at scale is actually minimal. I think this is a good demo of why we need to continue to talk about these problems publicly to build understanding and trust.
A quick note to everybody who says "calculate the hash locally":
A) Photo fingerprinting algorithms are usually not included in clients to prevent the development of circumvention techniques.
B) Humans need to review to prevent adversarial reporting.