[Huppie]

We may have a different view of what 'giving access' means in this context.

The way I see it: If a user willingly (1) installs another AI app like deepseek and (2) willingly gives it access to 'full phone and app data' with a warning screen or setting of whatever that seems... like a good thing?

I may not agree with those users that it's worthwhile providing their full private data to [some AI startup X] or [Some Chinese or US AI company that will hover up as much for their own use] but if the EU forces Apple to provide this as an option, that sounds good to me.

The whole point of the regulation is that the data on the device is _the user's_ data and if Apple can have its AI services work with the user's data, competitors should be able to do the same.

From my (admittedly European) perspective it looks like Apple is just throwing a tantrum here.

[e28eta]

I don’t have the EU perspective, which might be changed by things like GDPR, but I prefer Apple’s stance that “no one should have this data, not even us”.

One reason is that the data on a user’s phone isn’t solely owned by them. Some of it is shared with other people, or “belongs” to someone else: chat, email, shared documents, photos of people, contact information, etc.

In a corporate environment, this is more explicit: you have access to company information, so the IT department controls what apps you can install / run, because individual EEs won’t always make the best choices.

Second, I think app developers are more likely to share more data, if they know that the shared data doesn’t leave the user’s control. And that (presumably) makes the feature work better. If I’m developing an app, I’ll think twice about indexing any sensitive data, if I don’t know where it was going to end up.

[Huppie]

Maybe you missed the 'or sent to private cloud' part of the announcement, it's not just local-llm only.

Don't get me wrong, just like you I personally would also prefer LLM-integrations with a privacy-focused provider and I think Apple is a good party to get that from (assuming they're using good models and keep their privacy guarantees here...)

But in the end you're still often 'sending data to an LLM provider', and the EU enforcing them to also let that be competing LLM providers still doesn't sound like a bad thing to me.

If Mistral would give the same privacy guarantees: great! If a company wants to use their enterprise OpenAI subscription: great! Etc. etc.

Let's allow for some competition here and not force a specific LLM-provider onto users just because they like the Apple hardware and software ecosystem.

[e28eta]

> Maybe you missed the 'or sent to private cloud' part of the announcement, it's not just local-llm only.

I saw that. Maybe you’re unfamiliar with Apple’s Private Compute Cloud? It’s intended to allow cloud computation on data without making the data available to anyone, which I think backs up my interpretation that apple’s stance is “no one should have this data, not even us”

This is from https://security.apple.com/documentation/private-cloud-compu...

We designed Private Cloud Compute with core requirements that go beyond traditional models of cloud AI security:

* Stateless computation on personal user data: PCC must use the personal user data that it receives exclusively for the purpose of fulfilling the user’s request. User data must not be accessible after the response is returned to the user.

* Enforceable guarantees: It must be possible to constrain and analyze all the components that critically contribute to the guarantees of the overall PCC system.

* No privileged runtime access: PCC must not contain privileged interfaces that might enable Apple site reliability staff to bypass PCC privacy guarantees.

* Non-targetability: An attacker should not be able to attempt to compromise personal data that belongs to specific, targeted PCC users without attempting a broad compromise of the entire PCC system.

* Verifiable transparency: Security researchers need to be able to verify, with a high degree of confidence, that our privacy and security guarantees for PCC match our public promises.

- - - -

Second, according to their press release ([1] and a sibling comment elsewhere in this chain), they’ve been trying to find a way to allow interoperability without giving full access to everything. Unsuccessfully, so far. So it’ll be interesting to see where it goes, but I’m sympathetic to their current stance.

[1] https://www.apple.com/newsroom/2026/06/due-to-dma-siri-ai-de...