[aeronaute]

Thanks. I can agree that the process sounds very secure, but I still can't agree that it's more private. Apple had and will have the capability to decrypt iCloud data, so why add the additional scanning on the phone, of all places?

> Unless/until I see technical documents showing why there is a privacy issue for people who don't have CSAM

For me, it's about trust. Why not just do the scanning on their servers? With moving the scanning to the client, they've crossed the Rubicon. Apple has built a generic, automatic reporting tool for content on phones, which to my knowledge hasn't existed to date. On top of that, they've set the example that it's acceptable to perform client-side scanning.

Today it's against CSAM, but what about tomorrow? What will happen in authoritarian countries? Prior to this, I believe Apple had the high ground and could say, "we don't have the capability to scan devices and exfiltrate data". But now, it's there.

Perhaps you may say that this is the "slippery slope" argument, and maybe it is. I hope it never expands to include other things. Though I have a hard time imagining that this doesn't get expanded in the future.