
Comment by rzimmerman

1 month ago

If your core concern is privacy, surely you'd be fine with "no bytes ever leave my device". But that's a big-hammer way to ensure no one sees your private data. What about external (iCloud/general cloud) storage? That's pretty useful, and if all your data is encrypted in such a way that only you can read it, would you consider that private? If done properly, I would say that meets the goal.

What if, in addition to storage, I'd like to use some form of cloud compute on my data? If my device preprocesses/anonymizes my data, and the server involved uses homomorphic encryption so that it also can't read my data, is that not also good enough? It's frustrating to see how much above and beyond Apple has taken this simple service to actually preserve user privacy.

I get that enabling things by default triggers some old wounds. But I can understand the argument that it's okay to enable off-device use of personal data IF it's completely anonymous and privacy preserving. That actually seems very reasonable. None of the other mega-tech companies come close to this standard.

iCloud is opt in. This should be too. A lot of people are fine with keeping their photos offline-only and syncing with their computers through a cable.

Making it “private” with clever encryption is their job since Apple wants to sell privacy. They aren’t doing it because they are nice or care about us. Plus, code is written by people and people write bugs. How can you tell this is truly bug-free and doesn’t leak anything?

Ultimately, making it opt-in would be painless and could be enabled with a simple banner explaining the feature after the update or on first boot, like all their opt-in features. Making it opt-out is irresponsible to their branding at best and sketchy to their users at worst, no matter how clever they say it is.

No — users should be the ones to decide if “encrypted on remote storage” is a beneficial trade-off for them and their particular situation.

I think there’s some weird impulse to control others behind these decisions — and I oppose that relationship paradigm on its own grounds, independent from privacy: a company has no business making those choices for me.

You are free to use such services if you wish; others are free not to use those services.