Photos in iCloud photos are "encrypted". They are not end-to-end encrypted. Apple retains the keys. Apple can and does decrypt the photos for various purposes including for law enforcement. The encryption poses no obstacle to scanning the photos in the cloud.

According to Apple's docs photos are encrypted in transit and on server but not end to end encrypted

https://support.apple.com/en-us/HT202303

The technical summary describes a new system where Apple just has keys for suspect images.

The technical summary describes the detection system, not the rest of the product. The rest of iCloud photos is not end-to-end encrypted. If Apple was planning to introduce end-to-end encryption for iCloud photos then they should have announced it at the same time.

If they are using this to introduce something closer to end-to-end encryption then it seems like a clear win for users.

Today photos are not end-to-end encrypted, there is nothing preventing Apple from decrypting your photos if they want (or if they are asked by law enforcement). If a part of this implementation is to make it so only the user keys OR the CSAM keys in the case of a match are able to decrypt the photos then that is a clear step in the right direction over the current system. It's not real end-to-end encryption, but it still prevents Apple from just decrypting your photos without probable cause of a very specific crime.

If that is the case they should have made it a lot clearer in the initial announcement though.

Yeah. After thinking about it this is probably the missing motivation for building this feature client side. It's a huge blunder to announce/enable this before actually doing the end-to-end encryption for iCloud. It renders the whole thing pointless.

They just have keys for the safety voucher for the suspect images. It's not entirely clear that the payload in the safety voucher is the only copy of the image or if this CSAM system is in addition to what happens today.