Comment by jrk

1 month ago

They don't "have your data," even at an aggregated and noised level, due to the homomorphic encryption part.

Restating the layers above, in reverse:

- They don't see either your data or the results of the query (it's fully encrypted even from them where they compute the query -- this is what homomorphic encryption means)

- Even if they broke the encryption and had your query data / the query result, they don't know who "you" are (the relay part)

- Even if they had your query hash and your identity, they couldn't reverse the hash to identify which specific photos you have in your library (the client-side vectorization + differential privacy part), though by this point they could know what records in the places database were hits. So they could know that you took a photo of a landmark, but only if the encryption and relay were both broken.
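Added illustration of the first layer described in the comment above (not code from the commenter or from the system under discussion): a toy private lookup in which the server computes the answer over ciphertexts only. Paillier additively homomorphic encryption is used as a stand-in, since the comment names no scheme; the primes, function names and sample database are constructed for the demo and the key is far too small for real use.

```python
import math
import secrets

# Toy key: two Mersenne primes (far too small for real use; constructed for the demo).
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q                                           # public
N2 = N * N                                          # public
LAM = (P - 1) * (Q - 1) // math.gcd(P - 1, Q - 1)   # private, client only
MU = pow(LAM, -1, N)                                # private, client only

def encrypt(m):
    """Client side: randomized Paillier encryption with generator g = N + 1."""
    while True:
        r = secrets.randbelow(N - 1) + 1
        if math.gcd(r, N) == 1:
            break
    return (1 + m * N) % N2 * pow(r, N, N2) % N2

def decrypt(c):
    """Client side: requires the private values LAM and MU."""
    return (pow(c, LAM, N2) - 1) // N * MU % N

def client_query(index, size):
    """Encrypted one-hot selector: Enc(1) at the wanted slot, Enc(0) elsewhere."""
    return [encrypt(1 if i == index else 0) for i in range(size)]

def server_answer(query, database):
    """Server side: touches only ciphertexts and the public modulus.
    Enc(a)^k = Enc(k*a) and Enc(a)*Enc(b) = Enc(a+b), so the product is an
    encryption of sum(selector[i] * database[i]), i.e. the selected record."""
    acc = 1
    for c, record in zip(query, database):
        acc = acc * pow(c, record, N2) % N2
    return acc

# Constructed sample database of numeric record IDs held by the server.
DATABASE = [1101, 2202, 3303, 4404]

if __name__ == "__main__":
    q = client_query(2, len(DATABASE))
    reply = server_answer(q, DATABASE)
    print("server saw", len(q), "ciphertexts; client decrypts:", decrypt(reply))
```

The server never learns which slot was selected or what value it returned; the relay and differential-privacy layers from the other two bullets are not modelled here.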