For decades the fight over encryption was a fight over backdoors — give law enforcement a key, or a weakness, in the cipher itself. Cryptographers won that argument so thoroughly that the math is no longer the battlefield. The new proposal doesn't touch your encryption at all. It moves the inspection to before the encryption happens, on your own device, where the message is still plaintext. This is client-side scanning, and it is the most consequential privacy debate of the decade precisely because it claims to leave end-to-end encryption intact.
The framing is seductive: your messages stay encrypted in transit, the platform never sees them, the cryptography is untouched. The catch is that "end-to-end encrypted" was always shorthand for "no one but the endpoints can read this" — and client-side scanning installs an inspector inside one of the endpoints.
What client-side scanning actually does
Client-side scanning (CSS) puts a content-inspection step on the user's device. Before a message or image is encrypted and sent — or as it is stored — software on the phone compares it against a target set. There are two main approaches, with very different error profiles.
Perceptual hash matching compares your content against a database of hashes of known illegal material, typically child sexual abuse material (CSAM). Unlike a cryptographic hash, a perceptual hash is designed to match even after an image is resized, recompressed, or lightly edited. Machine-learning classifiers go further, attempting to flag previously unseen content — new abuse imagery, or under some proposals, "grooming" conversations — by category rather than by exact match.
The case study: Apple's 2021 proposal
The most sophisticated real-world design came from Apple in August 2021. Its system was genuinely clever engineering: on-device NeuralHash matching against a CSAM database, combined with private set intersection so the device couldn't learn which hashes it was checking against, and threshold secret sharing so that no match was revealed to Apple until a user crossed a minimum number of flagged images. It was, by some distance, the most privacy-conscious CSS architecture ever proposed.
It still collapsed. Within weeks, researchers produced hash collisions — distinct images forced to share a NeuralHash — demonstrating that adversarial inputs could trigger false matches. Civil-liberties groups, researchers, and security experts objected en masse. Apple paused the program in September 2021 and formally abandoned it in December 2022, stating that scanning users' private content created vulnerabilities that could be exploited and threatened to become a vector for broader surveillance.
What the cryptographers said
In October 2021, fourteen of the world's most prominent security researchers — including names behind foundational work in public-key cryptography and security engineering — published Bugs in Our Pockets: The Risks of Client-Side Scanning. Their conclusion was unusually blunt for an academic paper: CSS, regardless of its technical sophistication, is dangerous to deploy, and the case against it is structural rather than fixable.
| Concern | Why it's hard to fix |
|---|---|
| Scope creep | Once the scanner exists, the target list is a policy choice, not a technical one |
| Adversarial collisions | Perceptual hashes can be gamed to frame innocent users |
| Opaque target lists | Users can't verify what's being matched; databases are secret |
| False positives at scale | Billions of images means even tiny error rates flag many innocents |
The deepest objection is the first. A device that can scan for one category of content can scan for any category — the difference is entirely in the database, which the user cannot inspect. A system built to find abuse imagery is, by construction, also a system that could find dissident leaflets, leaked documents, or a banned symbol, depending on who controls the list and under what legal pressure.
"Client-side scanning breaks the promise of end-to-end encryption not by breaking the encryption, but by compromising the endpoint that the encryption was supposed to protect."
The policy fight continues
The technology did not die with Apple's retreat. In the European Union, the proposed Child Sexual Abuse Regulation — widely known as "Chat Control" — would require messaging providers to detect illegal content, which in practice for encrypted services points toward client-side scanning. Similar pressures recur in the United Kingdom and elsewhere. The debate keeps returning because the underlying tension is real: there is genuine, serious harm that authorities want to address, and there is no version of mandatory content inspection that doesn't undermine the security model billions of people depend on.
This is connected to the older fight over encryption backdoors. The technical community's position has been consistent across both: you cannot build an inspection mechanism that works only for the good cases. As Bugs in Our Pockets argued, the same infrastructure that scans for the content everyone agrees is abhorrent is infrastructure that can be repointed, and the safeguard against repointing is a promise rather than a property of the system.
Why it matters even if you have nothing to hide
The strongest argument against CSS isn't about any individual's secrets — it's about what end-to-end encryption actually protects at the population level: the assurance that the channel itself is trustworthy. A scanner on the endpoint converts every device into a checkpoint whose criteria are set elsewhere and can change without notice. The harm CSS targets is real and the impulse to act is understandable. But the consensus among the people who design these systems is that client-side scanning trades a structural, permanent weakening of everyone's security for an enforcement gain that determined offenders can sidestep — and that is a trade worth refusing.
Try Haven
Haven is an encrypted messenger and email app built for people who want privacy without complexity. End-to-end encrypted, open about our design, and easy to use.
Download Haven