"For now"
The tool being installed on the device is the problem.
All that's stopping it being used for other things (or for all photos, not even iCloud ones) is a simple policy change by Apple (perhaps simply being compelled by a local authority, agency or government).
Creating the tool and installing it on users devices - at all - is the issue.
The issue is trust.
Do you or do you not trust Apple?
I (still) trust Apple, and I hope that in time, more people will see the light and come to appreciate the elegance of what Apple is trying to do here.
Right now, what I am seeing from critics is that they somehow expect Apple to stay on a privacy high horse and flat out refuse to do anything that would require extensive work on Apple’s part to rethink existing status quos, which to me is not attractive or viable at all.
What I see here is Apple innovating by coming up with privacy-minded solutions to existing products and services which people long assumed they had to give up their privacy to.
People thought that a company would have to collect as much data as possible for AI or maps; Apple proved them wrong by showing that it is very much possible to continue to develop in these areas without collecting as much data as these companies would have you believe.
Apple also launched ATT to show that advertising was still very much viable without the degree of invasive tracking that facebook is now infamous for.
It’s no different with CSAM. Right now, the current assumption is that everything you upload to the cloud is by default no longer private. What if Apple had a way to change that? What if they could offer users fully encrypted iCloud storage, and they are able to identify whether users have child pornography on their devices, without having to use AI to scan for them like what companies like Facebook are doing with uploaded images?
And honestly speaking, there are likely far easier and more practical ways for a government to spy on its people than rely on CSAM detection / alteration.
I think a lot of the criticism is coming from organisations and companies who don’t want to see Apple succeed, as well as from people who are still unable to wrap their heads around this paradigm shift that Apple is delivering. Your phone isn’t scanned, your photos in the cloud aren’t scanned, and throughout this entire process, your photos are subject to scrutiny only once, and even then, in the least invasive manner possible.
Compared to google drive actively scanning every image i upload, I find this a much more palatable tradeoff.
Apple is upending the current existing status quo even as we speak. And I want to be a part of that new world order.