It happened in Australia over a decade ago. Their blacklist of 3000 domains leaked, half of which did not contain CSAM: https://www.theregister.com/2009/03/19/australia_list_leaked/ Noone likes a visit to the dentist, but putting them on a CSAM blocklist is a step too far