All you need to do to avoid it would be to encrypt outside the app, something most people would not bother to do, but criminals would be motivated to do.

>100% they could add client side scanning, why do they think its impossible?

I think you've misread that sentence. It's saying that they don't have the ability right now, as-in this is not a feature they've written in their software, and that further they do not wish to do so (in the same way that Apple did not want to write a backdoor for the FBI previously). Obviously as a matter of programming of course backdoors can be written and have been. But software developers don't want to be forced at gun point to do so like the EU proposes, which seems perfectly understandable.

And fwiw with open source software it actually would be arguable that they "don't have the ability" on a more technical level since that couldn't actually be enforced on the users and the EU's jurisdiction ends at its borders. Obviously many of the most popular messengers are proprietary, but not all. And even for the proprietary vendors that probably does factor into their arguments, as it'd put them at a commercial disadvantage.

BTW the hash is a CRC32 one

Upsetting statistic for other reasons: Even if it's "10% of all flags are false, 90% are correct", if there's also no false negatives, then the 10% false positives alone gets you to about the current total incarceration rate — offenders are estimated to be a few % of the population, prison population is about 0.1% of the total population.