They control the software running on your device, and said software ultimately has access to the encryption keys stored there (subject to the usual hoops; e.g. it might need you to do a FaceID unlock first, but it's not like you aren't already doing that many times every day).
They control the software running on your device, and said software ultimately has access to the encryption keys stored there (subject to the usual hoops; e.g. it might need you to do a FaceID unlock first, but it's not like you aren't already doing that many times every day).