Apple always seems to design services the way a privacy-obsessed nerd would (if you forced said privacy nerd to design a P2P tracking network).
It's like, "oh, you want all your photos to be searchable, like 'dogs' or 'Eiffel tower'? Fine, we'll create an on-device embedding of each photo, use homomorphic encryption so you can share it with us and we can match it to its contents without even knowing what they are, then we'll send that back to your device for storage. Oh, and we'll use a relay so we don't even see your IP address while doing this, not that it matters since we can't decrypt the content anyway." It's pretty wild, like they could have easily skipped all this and only a fraction of a fraction of a fraction of users would even know or care.
In fact, I was pretty annoyed that the news story from the above example was "Apple is looking at all your photos and violating your privacy", since they spent so much effort doing it the right way, in a way that respects your privacy; it makes it less likely they will bother going through the effort again.
I think when you're at Apple's scale, the cost of doing all of that difficult engineering pales in comparison to the cost of responding to subpoenas and bad press/lost sales from compromising user privacy. (Google did something similar when they stopped storing per-user location data.)
Separately, it doesn't matter how good your technology is or how much you believe in it, you need to win the PR battle of convincing people of how it works. An example is VPN companies who claim not to keep logs testifying in court under oath that they can't produce requested logs, or Mullvad being unable to comply with a search warrant for storage drives because their servers didn't contain any.
You misunderstood the point of the news story. Apple automatically opted in everybody's iPhones to sending data to Apple, unlike every other company that requires explicit opt-in.
No other company automatically sends data about pictures users take on their phones off the phone. Not a single one. All required explicit opt-in except for Apple. Hence, the news story.
I guess it's a matter of informing the public that homomorphic encryption means no information is visible to Apple, so Apple never receives any information about your pictures at all.
I guess you could make the argument "well what if one day they stop using homomorphic encryption", but that argument doesn't make much sense since 1) why would they and 2) you could already ask the same question today: "what if they just started sending info anyway".
https://www.theregister.com/2025/01/03/apple_enhanced_visual...