@tindall@cybre.space yes it's on-device. Apple has a pretty detailed technical summary that I just skimmed, but oddly they don't say anything about the API. I guess it's a private API invoked by two of their apps when they want to scan an image?

Having a CSAM database doesn't seem inherently bad if it's under user control. I could see it being part of a spam filter, which might help people who are being harrassed.