This is about 1.0, which sounds ok - it basically allows providers a legitimate exception from data privacy laws to scan for CSAM in not E2EE communications. I reckon gmail, iCloud mail and the like already scan attachments for malware and emails for phishing scams, now they can also scan for child abuse.
"We decide on something, leave it lying around, and wait and see what happens. If no one kicks up a fuss, because most people don't understand what has been decided, we continue step by step until there is no turning back." -- Jean-Claude Juncker
cc 2.0 is a different beast.