okay, so according to this [1], icloud photos are not e2e encrypted. point still stands, this is a system that is designed to flag the images without looking at them server side. assuming that it is successful, it paves the way for when they could turn on e2e encryption for icloud photos.
I don't buy this argument one bit. If you're going to release a feature with client-side data scanning in order to turn on e2e, you would specify that to provide the reasoning and prevent backlash. Apple would be smart enough to say that (if that was their plan).
Furthermore, e2e isn't all that meaningful with this feature. A client-side scanner that allows someone to view a thumbnail of the photo if it matches some other photo they have kinda takes most of the protection e2e is supposed to provide...
i don't think they would necessarily advertise a plan to attempt e2e this early. what if it proved to be infeasible? reversing course after an announcement like that would be a massive black eye.
have you ever seen a system like this that would be capable of flagging accounts for hosting bad material with a tiny false positive rate while being capable of e2e encrypting the material at rest like this one? i haven't, and it's an awful lot of engineering going to waste if that's not the goal.
they probably already do server side scanning, and probably regularly find stuff.
assuming that was true (which it very well could be) it would be insanely irresponsible to roll out e2e at scale without something like this...
there are probably hundreds of people or more at apple who can legitimately access the contents of a user account. e2e with inbound scanning would completely ameliorate that.
[1] https://support.apple.com/en-us/HT202303