The question was obviously “What’s the point of only scanning the cloud?”

I don't understand your question.

Are you arguing in favor of on-device scanning? Or arguing against all scanning?

Perhaps easier, what do you think they should be doing?

Yea?

Either commit and say “scanning for CSAM is the top priority” and scan on device or say “privacy is the top priority” and don’t scan at all.

I’m literally saying this halfway path is the worst of both worlds, since people still lose privacy, but very little meaningful progress against csam will be made.