The explanation is they use a method for determining the key for each individual file that is reproducible on all clients. That is the same unencrypted file (cleartext) will produce the exact same encrypted file (cyphertext) for all clients. Instead of more traditional methods of encryption, where the client uses a key that is specific to them (such as my own private/public keypair). This means that any time anyone encrypts the exact file the text post-encryption is the same. It's secure since they don't have the key to the original file, and it's easy to match the same files once they are encrypted so that they can be deduplicated.