I think Apple (i) genuinely believes scanning on device is better for privacy because it lets users (theoretically) confirm the behavior of the system and (ii) is learning from others’ mistakes of deploying scanning server side and having that become a blocker to moving to end to end encryption (e.g. Facebook Messenger). My guess is they announce expansions to end to end iCloud behavior soon. Features like this are building blocks to controlling who escrows your iCloud private keys: https://gadgettendency.com/apple-allowed-to-bequeath-and-inh...
You’re welcome, and I’m happy to share alternative theories. I think some of the issues of control that have been raised are legitimate. For example, you brought up the idea that Apple is doing this as part of a move to advertising, perhaps because advertisers want to be reassured their ads don’t appear next to distasteful content. I think there’s an interesting idea there: lots of companies are trying to move towards “on-device” ads; are they really private? Is privacy the right framework to evaluate them, or is it a different type of control?
