Skip to content

Technical explainer

What Actually Happens When Your Phone Is Scanned

Client-side scanning is not magic and not a single button marked safety. It is a sequence: content is checked at the client surface, matched or classified, routed into reporting institutions, and then handled downstream. The mechanism is documented; the risk analysis is labeled separately.

The simple version

In ordinary end-to-end encryption, the service is supposed to lose access to message content once the message is protected. Client-side scanning changes the location of the check: the content is inspected on the phone or client surface before that protection fully matters. FACT

A scan can follow two paths. Known material can be compared against hash lists; unknown material can be passed through classifiers. Safer is documented as using both known-material matching and machine-learning classification, with NCMEC as a critical upstream data and reporting dependency. FACT

The risk does not require a fantasy claim. The proven technical issue is that the scanner is dual-use and expandable by policy or configuration; the analytical issue is what happens when false positives, classifier limits, and institutional dependencies are scaled across private communications. INFERENCE

Anatomy of a Scan

Proven mechanism, documented dependency, and bounded risk are kept separate in each step.

  1. 1 / Client surface

    DOCUMENTED FACT

    The scan moves to the client

    Client-side scanning checks content on the device or client surface before the ordinary end-to-end-encryption boundary protects it.

    Dependency point

    Mechanism

    Moving the check onto the device changes the attack surface.

    This does not prove any single vendor implementation is identical.

    • Technical & Legal Case Against Client-Side Scanning Research file / Tier 1
  2. 2 / Known material

    DOCUMENTED FACT

    Known material is matched against hashes

    Systems such as Safer can compare content fingerprints against known-CSAM hash lists and related corpora.

    Dependency point

    Hash corpus

    The dependency point is the corpus: who defines, maintains, and routes the matching lists.

    Hash matching does not by itself prove a user's criminal intent.

    • Technology & Partners Research file / Tier 1
    • Palantir Sovereignty Paradox Research file / Tier 1
  3. 3 / New material

    SPLIT FACT

    Unknown material may be classified

    Machine-learning classifiers can flag new or unknown material, but documented tests and EPRS analysis keep classifier limits visible.

    Dependency point

    Classifier

    Classifier error rates matter at platform scale.

    This page does not present automated classification as reliable proof of abuse.

    • Technology & Partners Research file / Tier 1
    • Technical & Legal Case Against Client-Side Scanning Research file / Tier 1
  4. 4 / Reporting

    DOCUMENTED FACT

    A hit becomes a report

    When a provider has actual knowledge, US-based reporting architecture routes apparent CSAM reports through NCMEC's CyberTipline.

    Dependency point

    Reporting chokepoint

    The institutional dependency is separate from the scan itself.

    A report is not a conviction and is not treated here as one.

    • Palantir Sovereignty Paradox Research file / Tier 1
    • Technology & Partners Research file / Tier 1
  5. 5 / Escalation

    DOCUMENTED FACT

    Review and enforcement sit downstream

    Reports then move into human, platform, hotline, or law-enforcement review pathways; the legal status of downstream viewing remains contested in parts of US case law.

    Dependency point

    Institutional review

    The scan is only the first institutional handoff.

    The page does not collapse report volume into proven offender counts.

    • Palantir Sovereignty Paradox Research file / Tier 1
  6. 6 / Risk boundary

    SPLIT INFERENCE

    The risk is bounded, not speculative theater

    False-positive scale, classifier limits, and policy/configuration expansion are treated as documented or analytically bounded risks, while intent to exploit remains unproven.

    Dependency point

    Bounded risk

    The dossier separates the proven security problem from unsupported claims about who would exploit it.

    No claim here says US actors intend to exploit the holes.

    • Technical & Legal Case Against Client-Side Scanning Research file / Tier 1
    • Scope & Thesis Research file / Tier 1

Evidence-Graded Technical Claims

The claim cards reuse the Technical Explainer Contract records.

DOCUMENTED FACT

Client-side scanning moves detection onto the user's device or pre-encryption client surface before a message is protected end to end.

This is a technical mechanism claim, not a claim that every product uses the same implementation.

  • Technical & Legal Case Against Client-Side Scanning Research file / Tier 1

DOCUMENTED FACT

Safer combines known-material hash matching with machine-learning classification for new or unknown CSAM signals.

The record documents the product stack and limits; it does not prove that Safer can solve scanning in encrypted spaces.

  • Technology & Partners Research file / Tier 1
  • Technical & Legal Case Against Client-Side Scanning Research file / Tier 1

PROVEN FACT

Abelson et al. document client-side scanning as architecturally dual-use and expandable by policy or configuration changes.

This proves technical exploitability risk; it does not prove US actors intend to exploit the holes.

  • Technical & Legal Case Against Client-Side Scanning Research file / Tier 1
  • Scope & Thesis Research file / Tier 1

DOCUMENTED FACT

Detection workflows depend on external hash corpora and reporting institutions, with NCMEC acting as the statutory US CyberTipline chokepoint.

Dependency is documented; deliberate sovereignty-undermining remains an inference.

  • Palantir Sovereignty Paradox Research file / Tier 1
  • Technology & Partners Research file / Tier 1

SPLIT INFERENCE

False-positive scale, classifier limits, and scope-creep risk are bounded technical risks, not proof that US actors intend to exploit the holes.

The mechanism and risk are documented; intent to exploit remains unproven.

  • Technical & Legal Case Against Client-Side Scanning Research file / Tier 1
  • Scope & Thesis Research file / Tier 1

DOCUMENTED FACT

NCMEC is the US statutory CyberTipline and hash-corpus chokepoint upstream of Safer and the sovereignty-dependency argument.

Dependency is documented; deliberate sovereignty-undermining remains an inference.

  • Thorn Lineage, Ancestors & Siblings Research file / Tier 1
  • Technology & Partners Research file / Tier 1
  • Palantir Sovereignty Paradox Research file / Tier 1

What the scan does

The phone-side check creates a local decision point before the ordinary encrypted transport story begins. If the content resembles known material, a hash match can trigger the next step. If it does not, a classifier may try to predict whether the material is new CSAM or grooming-related content. The distinction matters because known-material matching and classification have different error profiles.

What happens after a hit

A hit does not end the story. It becomes a report package, enters platform and hotline handling, and can move into law-enforcement review. This page keeps that handoff visible because the dependency point is institutional as much as technical: NCMEC is a statutory US reporting chokepoint and the upstream source for parts of the hash-corpus story. FACT

Where the risk enters

A scanner that can look for one category can be repointed by policy or configuration to another category. That is the proven dual-use warning in the technical record. What this dossier adds is the bounded risk readout: once a mandate normalizes device-side inspection, the fight moves to who controls the lists, thresholds, reporting rules, and review pathways. INFERENCE

What this page does not prove

It does not prove that Thorn, NCMEC, DG HOME, or any US actor intends to exploit the holes. It does not present a report as a conviction. It does not treat a classifier score as proof of abuse. The claim strong enough to publish is narrower: the mechanism and dependencies are documented, and the risk is serious without pretending the evidence proves more than it does.

UNPROVEN

Unsupported leap kept out

"US actors intend to exploit CSS holes" is not presented as proven here. The technical record supports exploitability and dependency risk; intent remains unproven.

SPLIT

Reports are not convictions

The diagram treats a hit as the start of an escalation path, not as proof that an accused person committed an offense.