It was only when upload to iCloud was enabled which is functionally equivalent to a check on server (and enables future roll out of encrypted content on the sever).
The CSAM issue was mostly misunderstood by HN imo.
As long as we are clear about the circumstances, and we're not misrepresenting the situation so it appears it can scan photos not being uploaded to iCloud, sure.
The intention of the implementation is that if a user asks Apple to upload CSAM to iCloud, that Apple has the ability to check it and stop that CSAM landing on their servers. They don't want it there, and feel they have a right to check for it in advance so their servers are clear of CSAM and it stays on the user's phone. Frankly I think that's a reasonable attitude to take to CSAM.
> and feel they have a right to check for it in advance
Ok, and thats the problem. Because the scan is on the user's device. No, I don't think they should have the right to use someone else's device, that the individual owns, like that.
The CSAM issue was mostly misunderstood by HN imo.