Considering it's a perceptual hash match, some difference is accepted. Such confidence in the infallibility of these methods usually precedes the method being used to go jail some poor innocent bastard. After all, if he wasn't guilty, it wouldn't have tripped the scanner.

You're not going to go to jail based off tripping a scanner, however a judge will authorize a search warrant based off tripping a scanner. If you trip the scanner the police will be paying you a visit with a search warrant in hand. They will confiscate all your electronic devices. Come to think of it, that's going to be interesting in the new world of work from home - because those devices are going to include your employer's devices. It'll be interesting to see how all that works out.

Then what precludes the production of _new_ material? I thought that the whole effort was to protect children from future abuse?

NCMEC's database is constantly growing; Facebook reported 20 million instances of it over the past year. Say John Q Pedophile has a collection, and his collection includes a bunch pictures which have been reported elsewhere mixed in with the original stuff he's producing, if you detect those images you have probable cause to bring him into custody without completely infringing on someone else's ability to take pictures of their kids on the beach.