Comment by ricardobeat

> what if someone goofs an operation and it ends up returning the actual data

That's kind of like saying "they can take a picture of your face and transmit it, but what if someone goofs an operation and sends your actual head instead".

Any encrypted data the server has cannot 'accidentally' be decrypted, and as someone else explained in this thread they only send encrypted vectors describing features of the image (building, tree, etc) and not the actual image. It's certainly not a fact that "they are looking at your pictures" [1].

[1] "they" being Apple; the other guys could have backdoored the whole OS and Apple employee's computers for all I know