Why is Apple doing the CSAM scanning/privacy invasion?

A massive discussion here: https://news.ycombinator.com/item?id=28118350 seems to imply that Apple have been told/have decided that they are not doing enough to protect their ecosystem from child sexual abuse pictures (and possibly other crimnal exploits).

Instead of scanning their iCloud storage, which would imply that it isn't encrypted, which would be PR disaster, they have decided it would be better to do it on the devices themselves at origin when the content is already unencrypted.

Of course, the issue there, is that they are forcing anti-privacy systems onto your handset which you might assume is your property and not something you want a non-accountable system to be running on.

May be someone is expecting a drove of whistle blowers on something, and it is to be expected that this company were doing this for a while, but now that they see a reason they might want to use it for silencing people, they are forced to make it public.