Start Up No.1610: Apple CSAM system redux, Amazon’s sellers hunt the negs, Huawei slumps, FTC slaps Facebook, bulk up!, and more

The slog of identifying items in Google’s captchas is an insight into the awful inner world of an AI. Grim, isn’t it? CC-licensed photo by Seth Stoll on Flickr.

You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. That warm, huh? I’m @charlesarthur on Twitter. Observations and links welcome.

Apple’s new ‘child safety’ initiatives, and the slippery slope • Daring Fireball

John Gruber:


For obvious reasons, this feature is not optional. If you use iCloud Photo Library, the images in your library will go through this fingerprinting. (This includes the images already in your iCloud Photo Library, not just newly-uploaded images after the feature ships later this year.) To opt out of this fingerprint matching, you’ll need to disable iCloud Photo Library.

A big source of confusion seems to be what fingerprinting entails. Fingerprinting is not content analysis. It’s not determining what is in a photo. It’s just a way of assigning unique identifiers — essentially long numbers — to photos, in a way that will generate the same fingerprint identifier if the same image is cropped, resized, or even changed from color to grayscale. It’s not a way of determining whether two photos (the user’s local photo, and an image in the CSAM [child sexual abuse material] database from NCMEC) are of the same subject — it’s a way of determining whether they are two versions of the same image. If I take a photo of, say, my car, and you take a photo of my car, the images should not produce the same fingerprint even though they’re photos of the same car in the same location. And, in the same way that real-world fingerprints can’t be backwards engineered to determine what the person they belong to looks like, these fingerprints cannot be backwards engineered to determine anything at all about the subject matter of the photographs.

The Messages features for children in iCloud family accounts is doing content analysis to try to identify sexually explicit photos, but is not checking image fingerprint hashes against the database of CSAM fingerprints.


Three days on, loads of people are still commenting on this without having read the proposals in detail. There’s a fair discussion on Lobsters. As one correspondent noted, “I suspect a key driving aspect is about violating people’s psychological expectations of property.”

But it’s scanning images *only if* they’re going to be uploaded to iCloud Photo Library. It’s like the difference between being frisked for illegal drugs (say) when you step outside your front door onto the garden path to the road, and being frisked for those drugs when you step through the gate onto the pavement. You’re going to the same place, and the purpose of the frisking is the same. And all the cloud services do the same frisking.

In fact, you don’t know if the cloud services are “frisking” for things other than the known CSAM. Apple at least is being clear about just using the NCMEC database.

More to the point, I’m increasingly sure that Apple delayed its implementation of iCloud backup encryption (which the FBI objected to) in 2018 so it could do this instead.

After this, though, it can roll out encrypted backups while being sure it isn’t harbouring CSAM. That could actually be a benefit to people in countries with repressive regimes which demand access to iCloud backups: Apple might not be able to grant that.
unique link to this extract

In internal memo, Apple addresses concerns around new Photo scanning features, doubles down on the need to protect children • 9to5Mac

Chance Miller:


In an internal memo distributed to the teams that worked on this project and obtained by 9to5Mac, Apple acknowledges the “misunderstandings” around the new features, but doubles down on its belief that these features are part of an “important mission” for keeping children safe.

Apple has faced a significant amount of pushback for these features, including from notable sources such as Edward Snowden and the Electronic Frontier Foundation. The criticism centers primarily on Apple’s plans to scan iCloud Photos to check against a database of child sexual abuse material (CSAM) for matches and the potential implications of such a feature.

The memo, which was distributed late last night and obtained by 9to5Mac, was written by Sebastien Marineau-Mes, a software VP at Apple. Marineau-Mes says that Apple will continue to “explain and detail the features” included in this suite of Expanded Protections for Children.

Marineau-Mes writes that while Apple has seen “many positive responses” to these new features, it is aware that “some people have misunderstandings” about how the features will work, and “more than a few are worried about the implications.” Nonetheless, Marineau-Mes doubles down on Apple’s belief that these are necessary features to “protect children” while also maintaining Apple’s “deep commitment to user privacy.”


Note that the memo says they’ve been working on this for “years” – some people (on Twitter) have been responding as though Apple built it in a week and never considered the possibility of government influence or interference, and how to counteract that. The NCMEC (US National Center for Missing and Exploited Children) also praises it.
unique link to this extract

When Amazon customers leave negative reviews, some sellers hunt them down • WSJ

Nicole Nguyen:


In March, New Yorker Katherine Scott picked out an oil spray bottle for cooking, based on nearly 1,000 glowing Amazon reviews of the product, which had a 4.5-star rating average. When the $10 sprayer arrived, she found the item didn’t work as advertised: Instead of a mist, it produced a stream of oil, she said. “It was like a Super Soaker gun instead of a spray-paint can, which defeats the purpose of the product,” she said. She left a negative review.

A week later, Ms. Scott received an email from someone claiming to be from the customer-service team of the oil sprayer’s brand, Auxtun—correspondence which I have reviewed.

“We are willing to refund in full,” the representative wrote. “We hope you can reconsider deleting comments at your convenience okay?” The message concluded, “When we do not receive a response, we will assume that you did not see it, and will continue to send emails.”

The seller shouldn’t have had her email address. Sellers who fulfill orders themselves do receive customer names and mailing addresses. But for orders that Amazon itself fulfills, customer data is supposed to be shielded from sellers and brands.

Sellers are permitted to communicate with buyers through Amazon’s built-in messaging platform, which hides the customer’s email address. Amazon’s terms of service also prohibit sellers from requesting that a customer remove a negative review or post a positive one.

“We do not share customer email addresses with third-party sellers,” an Amazon spokesman told me.

Meanwhile, brands, which can be distinct from sellers, may reach out to unsatisfied customers through Amazon’s messaging service, but they also aren’t allowed to ask customers to remove negative reviews.

Ms. Scott asked for a refund but didn’t want to delete her review. Another representative reached out the next day and declined to issue her refund. “A bad review is a fatal blow to us,” read the email. “Could you help me delete the review? If you can, I want to refund $20 to you to express my gratitude.” (This was twice what Ms. Scott paid.) A few hours later, she received another plea from the same email address.


The principal question – how they got the email address – really isn’t satisfactorily answered. Doesn’t seem to be an Amazon leak. But we are starting to think that reviews really aren’t a good metric for anything, aren’t we.
unique link to this extract

China’s Huawei reports 38% revenue drop as US sanctions bite • WSJ

Dan Strumpf:


China’s Huawei Technologies reported a 38% fall in quarterly revenue Friday, as the damage U.S. sanctions have done to its sales of smartphones and telecommunications equipment worsened.

The drop marks the third straight decline in quarterly revenue for Huawei, the world’s largest maker of telecom equipment and formerly one of the world’s biggest smartphone sellers, and the declines have accelerated since the end of 2020.

Huawei’s smartphone sales, once a top revenue driver for the company, have fallen dramatically since the Trump administration imposed restrictions last year blocking the company from buying most advanced semiconductors. Revenue from telecommunications equipment sales have also dropped, although less dramatically, amid a U.S. campaign pressuring allied countries to drop the Chinese company as a supplier of 5G equipment.

Second-quarter revenue fell to 168.2bn yuan, about $26bn, from 271.8bn yuan in the same quarter a year ago, according to calculations based on figures disclosed by the Shenzhen-based company Friday. The decline marked a sharp acceleration from the 16.5% revenue drop in the first quarter and an 11.2% drop in the fourth quarter of 2020.


Hard to see that anything is going to pull Huawei out of this dive unless the US abruptly rescinds the Trump sanctions. Biden shows no sign of doing that. Possibly it’s being used as a bargaining chip, but there doesn’t seem to be any bargaining underway. Don’t forget, by the way, that a Huawei executive is still fighting extradition from Canada to the US, and China has a Canadian executive in jail, effectively in reprisal.
unique link to this extract

Why stores send you so many emails • The Atlantic

Ian Bogost:


Email is one of the few ways companies can reach their customers directly. In fact, people overwhelmingly say that the way they want to hear from brands is by email, Chad S. White, the head of research for Oracle Marketing Consulting, told me. That’s why the mailbox software started suppressing messages—to protect people from companies’ temptation to send too many emails. In response, email marketers obsess over “deliverability,” or how the content and frequency of their emails might help those messages actually hit your inbox in the first place. But that process has created new and weird feedback loops, in which some companies and certain messages might be able to reach your inbox more readily than before, while others get junked—condemned to spam, deleted, or the like—before you see them.

As a result, your personal inbox gradually has become less like a mailbox and more like a wormhole into every business relationship you maintain: your bank; your utility provider; your supermarket; your favorite boutiques, restaurants, housewares providers, and all the rest. It’s your own digital commercial district: Opening up email is akin to visiting a little mall in your browser or on your phone, where every shop is right next to every other. A few years ago, Gmail made that metaphor concrete by introducing the promotions folder, recasting spam as marketing. When you’re in the mood to shop, just drop into promotions and see what’s on offer (or search for a favorite brand to see the latest wares).


unique link to this extract

Letter to Facebook • Federal Trade Commission

Acting Director of the Bureau of Consumer Protection Samuel Levine writes:


Dear Mr. Zuckerberg:

I write concerning Facebook’s recent insinuation that its actions against an academic research project conducted by NYU’s Ad Observatory were required by the company’s consent decree with the Federal Trade Commission. As the company has since acknowledged, this is inaccurate. The FTC is committed to protecting the privacy of people, and efforts to shield targeted advertising practices from scrutiny run counter to that mission.

While I appreciate that Facebook has now corrected the record, I am disappointed by how your company has conducted itself in this matter. Only last week, Facebook’s General Counsel, Jennifer Newstead, committed the company to “timely, transparent communication to BCP staff about significant developments.” Yet the FTC received no notice that Facebook would be publicly invoking our consent decree to justify terminating academic research earlier this week.

Had you honored your commitment to contact us in advance, we would have pointed out that the consent decree does not bar Facebook from creating exceptions for good-faith research in the public interest. Indeed, the FTC supports efforts to shed light on opaque business practices, especially around surveillance-based advertising.


I’d say that’s pretty unambiguous.
unique link to this extract

Why CAPTCHA pictures are so unbearably depressing • Medium

Clive Thompson:


I hate doing Google’s CAPTCHAs.

Part of it is the sheer hassle of repeatedly identifying objects — traffic lights, staircases, palm trees and buses — just so I can finish a web search. I also don’t like being forced to donate free labor to AI companies to help train their visual-recognition systems.

But a while ago, while numbly clicking on grainy images of fire hydrants, I was struck by another reason:
The images are deeply, overwhelmingly depressing.

…Each cube here [in a Captcha picture] is a tone poem in melancholia. Looking at these leaden vistas of America makes you, slightly but noticeably, feel worse than you did before.

Why are these photos so depressing? What is it about their composition that is so enervating? I’ve been musing on this for a few months now, and had some terrific exchanges about it with Todd Pruzan and Emily Gordon, two friends of mine, on Twitter.

I think I’ve figured it out, and so now I present — The Six Reasons CAPTCHA Pictures Make You Feel Like Crap.


They’re compelling, and surprising, reasons. They also feel very true. Obviously, don’t read it if you don’t want to feel like crap, because there are a few of those Captcha captures in the article.
unique link to this extract

The economics of OnlyFans •

Thomas Hollands scraped OnlyFans for some revenue data:


The revenue of content creators follows a classic power law distribution. The top accounts make something like $100,000 a month (these aren’t in my sample). The median account makes $180 a month.

The top 1% of accounts make 33% of all the money. The top 10% of accounts make 73% of all the money. This isn’t the 80:20 rule; it’s the 80:14 rule.

The standard way to measure inequality of an economy is with a Gini Index. An index of 0 implies a communist utopia, a value of 1 implies a single greedy capitalist owns all the wealth. The Gini index of OnlyFans is 0.83. The most unequal society in the world, South Africa, has a Gini index of 0.68. OnlyFans is less equal than an ex-apartheid state.

OnlyFans is so unequal because chancers make accounts with zero fans, while big Instagram stars take their following with them. A large proportion of accounts have no fans at all, and the lion’s share of fans are shared by the top accounts.

Being an independent explicit online content creator is by many accounts exhausting. Your “fans” are not merely fans, they’re paying customers. To keep that sweet money flowing into their bank accounts, content creators often have to work harder and harder to satisfy their patrons.

Most accounts take home less than $145 per month (after commission). The modal revenue is $0.00, and the next most common is $4.99.

Creators put hours into each post, and on top of that, they interact one-on-one, with fans who can message them at any time. To break even on an OnlyFans account, creators need to earn more per month than the cost of hours spent engaging. The median take-home revenue is $136 per month. If you value a creator’s time at a $15 minimum wage, the median creator needs to be spending less than 9 hours per month on her OnlyFans to break even. This is less than 20 minutes a day.

Fans expect regular, prompt engagement, and many creators compare OnlyFans to running a business. It seems unlikely that you could satisfy all your fans demands in less time than it takes to make and eat breakfast.

Relative to effort, it looks like most accounts lose money.


The internet is fractal: it’s always a power law.
unique link to this extract

August 8-14, 1921 • Reading the Roaring (19)20s

“Tate” is summarising the FT and WSJ from 100 years ago, once a week in the period leading up to the crash of 1929. (That takes a certain confidence in the continued existence of Substack, Tate and indeed the civilised world):


Executive Summary:

Writers at the FT ponder how to spend their day while equity and commodity markets vacillate listlessly. Random ideas captures the very moment of boredom. Even the Financial Times has temporarily shrunk: 6 pages per day this week down from the classic 12 pages. Summer has arrived.

August 11, 1921 – Financial Times
Wrangling over German reparations continues. Over the past year, it has become clear to Britain and France that Germany cannot pay in full. Instead of default, talks open on August 10, 1921 regarding three core issues: German payments to British and French soldiers currently occupying German regions, in kind (steel, coal, timber) transfers in lieu of German gold marks, and assumption of war debt of smaller European countries.


Might build to a great crescendo, or might reveal that nobody knows anything when they’re in the midst of it.
unique link to this extract

How to lose body fat without it ruining your life • Vice

Casey Johnston:


A study published in April 2018 indicated that body composition—that is, the ratio of muscle mass to body fat—played a crucial role in how long subjects lived, and was a better indicator than the tyrannical body-mass index (which is just a weight and height ratio). Muscle mass also helps maintain our metabolism, and stave off diabetes and osteoporosis. People who work to maintain or build the muscle they have by strength training and making sure to eat their protein are protecting their overall health. 

Furthermore, if they are trying to lose body fat, taking care of their muscles means their metabolisms won’t suffer as much from modestly restricting their calories. Without taking care of lean muscle mass, aggressive dieting loses body fat and muscle, and then the inevitable rebound is gained back as body fat. Therefore, chronic or yo-yo dieting without muscle care becomes, effectively, just trading off more and more muscle for body fat. That makes it harder to lose body fat in subsequent attempts, and each time more and more muscle, and its associated benefits, are lost. This sounds scary, I imagine, but hopefully reveals what a scam diet programs are; aside from their extremely regressive “be smaller and smaller forever!” goals, they are essentially designed to create an increasingly desperate failure situation. Fuck them and fuck that.

So given all this, where should you start? While a lot of people I think would say dieting, and dieting certainly seems like the “easiest” way, for the reasons I’ve laid out here, it’s a fool’s errand.


A doctor (off-duty) recently said to me that it’s important to maintain muscle mass, which is lost at about 1% per year past the age of 40, because that’s what burns calories. Otherwise you’ll inevitably put on weight from eating what has always seemed like a “normal” amount, and the avoirdupois won’t be muscle.
unique link to this extract

• Why do social networks drive us a little mad?
• Why does angry content seem to dominate what we see?
• How much of a role do algorithms play in affecting what we see and do online?
• What can we do about it?
• Did Facebook have any inkling of what was coming in Myanmar in 2016?

Preorder Social Warming, my latest book, and find answers – and more.

Errata, corrigenda and ai no corrida: Last week’s article about articles becoming more depressive might just be a factor of a changing corpus in Google Books, according to this Twitter thread (off Twitter, on a single page). So hey, maybe things are looking up! (Thanks Seth for the link.)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.