I don't have to bring a solution to notice that the system we have is not working. (That's not to say I don't wish I had one, I just don't.)

Maybe we'll get lucky and the next vote will fail, or maybe if it passes there will be providers that refuse to comply. I think if it happens, it's far more likely that most will cave, and a few will just pull the plug and stop offering service.

> They've tried to do this for decades and have failed.... Let's see how voters like it.

My "point" is that I thought the same way you did -- look what a mess Clipper Chip was, they always want backdoors but surely a voice of reason will show up, etc -- but something has changed. Couple the vote in the EU with the way the major tech companies reacted to GDPR (you'd be surprised how many sites simply block all of Europe rather than comply) and it's a wakeup call. There is a real chance of the bad guys winning here.

1: https://www.hackerfactor.com/blog/index.php?/archives/929-On...

https://www.patrick-breyer.de/en/posts/message-screening/?la...

ETA: in short, about a month ago they did get the votes, at least in the EU, and it's now "allowed" for providers to scan all content. In a little while, they're going to have a vote to change "allowed" to "required", and we have no reason to think it'll go differently.

That being said, one of two things is true. Either Apple does exactly what they say, in which case they are not able to perform server-side content / fingerprint scanning, or Apple is outright lying about only using their key on behalf of law enforcement. This latter case would open them to all sorts of legal liabilities, like a suit from shareholders for false reports. It would also require the silence of every Apple engineer who has ever been involved in at least their iCloud Photo program, and probably a bunch of server infrastructure as well. Additionally, they'd be legally obligated to report their scan results to the NCMEC but would have to do so in a way that doesn't give away that they're lying about how their systems work.

The only remotely plausible answer I've seen is that Apple wants to keep potentially-violating material out of their general storage, and flagged images are being sent to the review team instead of regular backup, but that's a pretty weak guess.

Perhaps the community could run a crowdsourced "keep them honest" service web service -- upload the latest illegal-in-China Winnie-the-Pooh meme, oh hey look at that, it's in the China-only version of the database, isn't that weird, etc etc. (Obviously you wouldn't want people "testing" images that are in the database for the actual stated purpose...)