[kylehotchkiss]

I've had no issues with it, but you're ultimately trusting Apple to delete the private key from their servers. The best way to verify it works is logging into icloud.com. It will show that you cannot access the tools there since advanced protection is enabled.

[radicaldreamer]

There is a setting to enable iCloud access on web by verifying on a trusted device. I think the way this works is by temporarily sending your decryption key up to Apple to allow the active session access to data.

[lost_tourist]

what incentive does apple have to keep it? If anyone finds out they're lying then their whole privacy schtick goes out the window.

[kylehotchkiss]

My worry is more being compelled to keep a key by government agencies.

[stjohnswarts]

I believe if that happened apple would simply refuse to encrypt any longer and let customers know that's what is happening. The government can't force them to lie to the public. We're becoming a more autocratic nation but we're not quite that far along yet.