The venture capital dollars started running out. Returns started being demanded. Companies that made slightly improved and/or more accessible versions of more open products extinguished those products using venture capital dollars then started rolling out the enshittification, demands for money, intrusive ads, spying, dark patterns, sabotaging, paid tiers.
Back in those days the internet was a curiosity. A hobby. A fun thing to share, something a company might hope to break even on or earn minor profits with, these days big profits are demanded, centralization. Addiction to high resolution and size video and image content which is expensive to host and serve. The network effect drained smaller sites and resources, concentrating people in larger venues that had the investment dollars to support them at the cost of their privacy. Combine with search engine optimization and it became harder to even find smaller places. Add in digitally uneducated kids who thought fb and such were most of the internet and never bother to venture beneath the top 6 google results and older people and this is what you have.
Take something like Omegle. I don’t want to defend what it was for most of its existence as the bad outweighed the good IMO (like 4chan) but something like that if made today would require linking your facebook or google account and serve you video ads every 5 minutes on top of banner ads. But back then it was just something some random guy could make for fun and not think “hmm I need real identities to monetize these people to ad networks to pay for this and turn a big profit selling the data they input”.
So first it’s client-side scanning for CSAM. Not without some nobility. But the problem is once you wedge open that door it’s technically possible to do it for other things and so you become compelled to.
It’ll move from just CSAM to stopping and tracking “propaganda” as deemed by them which will be narrow-ish at first (anything pro-Russia, RT links, etc) but gradually expand over time to anything outside the mainstream branded as extremist (and guess what, privacy advocates will definitely fall within that label). And once that’s in place the private stake-holders, copyright holders will come knocking, they’ll say rightly so “hey you have the capability right now, we demand you implement client-side scanning to detect copyright violations” and then that will be ordered by a court, further enshrined by a law and oh look now you can no longer send political thought that the ruling regime disagrees with, can no longer surf the high seas, and so on and so forth. Congratulations and please enjoy living in the “garden” of Europe.