[simjnd]

Indeed but you ignore my second paragraph: they have developed (and 3rd-party audited) a way to handoff all the data (parts of your Personal Context, etc.) to their cloud servers in a privacy preserving way on-device. Why couldn't the same process could be used to handoff the data to a 3rd-party AI provider? (genuine why, if you have an understanding of the thing you have a strong opinion about I'd genuinely appreciate the answer)

It looks like Apple is framing this as a privacy issue as a marketing tactic so that consumers will blame the EU when Apple COULD implement it without endangering privacy.

[theshrike79]

Apple PCC is using completely mad and paranoid amounts of security down to hardware and firmware level making sure nobody at any point of the supply chain can access the data.

EU can’t and won’t enforce the same rigour for 3rd party cloud AI. Which is the problem for Apple.

If said 3rd party service leaks private data, guess which company is going to be in the BIG HEADLINE and which one will hardly be mentioned in the news?

[simjnd]

Ah, I see. I overestimated the amount of stripping / anonymization that was being done on device. Thought the server-side could be quite generic. Thanks!

[theshrike79]

Naturally the server needs to know things.

If you want it to, for example, summarise your HRV or menstrual cycle you can't anonymise it or you don't have any data to analyse. It'd be just "wink wink nudge nudge" with zero context.

[simjnd]

Of course, but the iPhone could send slightly altered data to avoid fingerprinting (tweaking age / weight / height slightly) like browsers do with sensors.

Some data could outright be replaced (names, etc) and swapped back on device.

It couldn't do it with ALL the data (eg. calendar data needs to be accurate) but just because you need to give context doesn't mean sacrificing privacy.

Everything would go through an Apple proxy before reaching a theoretical 3rd-party provider.

These wouldn't provide privacy GUARANTEES but could make it reasonably difficult and expensive to fingerprint?

[benoau]

They've just announced PCC for Google Cloud using Nvidia GPUs and Intel CPUs so it would probably run on just about anything -

https://security.apple.com/blog/expanding-pcc/

[theshrike79]

Of course Google has the capacity to run PCC. This isn't about whitelabel PCC being run by FAANG.

This is about Super Private Benoau AI being available for any user to install. How can they know whether it respects their privacy or not? The home page says that they're the best and mostest private ever of course, has animations generated by Claude and everything.

But actually it runs on servers bought from Hetzner's server auction and stores all logs in plain text in open S3 buckets and the owner actively sells the user data to the highest bidder.

This is what Apple is worried about and EU either doesn't care or doesn't understand the issue.

[Rohansi]

> How can they know whether it respects their privacy or not?

How can you know whether Apple would actually respect your privacy or not? If it's on-device you can audit it, but how can you prove their cloud is actually respecting your privacy?

If you have an answer to this then why can't third-parties also do the same?

[stouset]

Third parties don’t have to do the same. And they won’t.

[Rohansi]

And Apple has to? Why? What forces Apple to do this?

[bigyabai]

> EU can’t and won’t enforce the same rigour for 3rd party cloud AI. Which is the problem for Apple.

Why should they? If the user decides to trust a third party, Apple shouldn't retain veto power for the customer's choice.

This is how macOS treats apps like OpenClaw. It can absolutely work for iOS too.

[theshrike79]

But how many users are legitimately capable of evaluating how privacy preserving a random Cloud AI provider is?

Let's remember that a tiny company called Meta had a "VPN" they provided for users that just happened to spy on them: https://news.ycombinator.com/item?id=39881962

And that went on for a long while before it was noticed.

Now imagine the same situation but an infinite whack-a-mole of alternative AI providers and just regular folk who will install mobile games from a frozen baby ad...

[bigyabai]

> But how many users are legitimately capable of evaluating how privacy preserving a random Cloud AI provider is?

Probably the same number of customers that are legitimately capable of evaluating the privacy of Apple's PCC?

Let's not forget a tiny company called Apple that once proposed Client Side Scanning to "save the kids" by hashing your entire iCloud. Apple loves demanding the moral high ground to promote asinine surveillance mechanisms with no safety guarantees for their users. Senator Wyden is adamant that Apple colludes with the US government to surveil metadata and intercept Push Notifications. Apple's definition of "private" doesn't actually entail privacy at all. Many third-party services are better positioned to protect their users than Apple is.

So why should users defer to Apple's arbitrary definition of privacy? It's obviously bullshit. If you're a traveling journalist, protestor or dissident, you might end up like Jamal Khashoggi for trusting Apple's services to keep you private.

[theshrike79]

Ahh, Apple's client side scanning - my favourite topic. The Internet collectively dropped their IQ to room temperature levels (in Celsius) when this was "discussed". I think I was one of maybe three people in the whole internet who actually read the papers describing how the feature works. The rest went with just the headlines and immediately sharpened their pitchforks and dulled their minds.

Let's go through the process in detail:

- IF you had iCloud syncing on (which meant your photos were on Apple's servers anyway) they would download a pre-generated set of perceptual hashes of KNOWN CSAM. Like actual child porn, vetted and verified by humans. Perceptual hashing is a fun tech, look it up, super useful outside of this context too.

- Then IF your phone, independently, with zero connections to the outside matched MULTIPLE (they didn't specify the exact count) known child pornography image phashes those would be uploaded to Apple's servers. There was some cryptographic boogaloo at this point too that mathematically prevented Apple from decrypting the photos without enough matches.

- Then an actual human would look at "reduced quality" (can't remember the exact term) versions of the matched photos and determine whether it's some dipshit / bad actor forcing fake matches with kitten pictures or actual CSAM material.

- If the human verifier confirms that the person's phone has actual confirmed child porn, the authorities would be contacted.

---

And the basic arguments:

"but muh privacy!" - You needed to have iCloud syncing enabled for this feature to be enabled at all. Your data is already on Apple's servers, they could just scan them there. But to do that they'd have to be able to decrypt them, which means the authorites can force them to do it too. Apple didn't want this. Thus: local scanning. You don't want your photos scanned, turn of iCloud sync. Done. Bad Tim Apple can't look at any of your photos.

"But what if I get multiple fake phash match files sent to me and I save all of them to my photos!" - then you'll inconvenience a human verifier for maybe 30 seconds. You won't get swatted or put on a list anywhere.

Oh and Apple already "hashes your entire iCloud" - also fully on device. That's why your iOS device runs hot for a week or so after installing a new major iOS revision. They run the fully local ML models on your pictures in the background and store them - also locally - to a database where you can go and search for "dog" or "receipt". Adding a phash to match to a local CSAM database is a non-issue at this point.

[well_ackshually]

Why are you so focused on continuously sucking off Apple and putting them up onto a pedestal as a precious baby of the industry that can do no wrong and should have special rules just for them instead of _suing Meta into the fucking ground_ and making sure that this behaviour is punished in ways that make it never worth it to do ?

"Oh no, there's a bully. Let me just find a toxic relationship and hope they spend enough time bullying my bully so they forget about me" isn't exactly a recipe for success.

[jnwatson]

In Apple's press release[1], they mention proposing something similar to what you're talking about.

"Given the serious risks to users, Apple designed a solution called Trusted System Agent — an intermediary that would allow virtual assistants to safely access the same features and capabilities as Siri AI for devices in the EU."

The European Commission rejected it.

1 https://www.apple.com/newsroom/2026/06/due-to-dma-siri-ai-de...

[JumpCrisscross]

> Why couldn't the same process could be used to handoff the data to a 3rd-party AI provider?

You have more safeguards if it’s running on your own metal. It’s reasonable to want to understand that better, perhaps with your own red team, before opening up customer data to actual potential hostiles.

[simjnd]

Yeah I overestimated the amount of stripping / anonymization that was being done on device and didn't realize how much plumbing was required server-side too to have good enough privacy guarantees

[spullara]

The 3rd party firm is the one that wants the data. No need for someone to steal it from them.

[throw1234567891]

Well, it seems they couldn’t do it that way, and that’s why we don’t get it in the EU. You’re talking about every app on the phone sharing pii with third parties. Yours, and those who share data with you. This is a completely different situation than health data of a single individual. You use that “COULD” as you were certain it can be done. Tell us how.