Low-res I suppose is better but...If it's enough for a human to tell whether it's CSAM or not, it's probably high-res enough to be a significant invasion of privacy in case of a mistake.
Also the > x "hits" part is a good feature assuming that the database only looks for CSAM. Otherwise it's useless (not to mention totally unauditable).
My guess is that they're doing it on device because they've had several years of marketing and proclaiming that "everything is done on-device" so to implement CSAM scanning server side would go against that. Maybe they thought this would somehow look better to the average consumer who thinks "on-device" is automatically better?
Also the > x "hits" part is a good feature assuming that the database only looks for CSAM. Otherwise it's useless (not to mention totally unauditable).
My guess is that they're doing it on device because they've had several years of marketing and proclaiming that "everything is done on-device" so to implement CSAM scanning server side would go against that. Maybe they thought this would somehow look better to the average consumer who thinks "on-device" is automatically better?