Though on the subject of client side scanning, the best approach I've ever seen was the Apple one; an impressive result of years of research.
It was fundamentally broken in any sane risk model that these tools are being proposed for.
https://pseudorandom.resistant.tech/neuralhash-collisions.html