For years, Apple has touted privacy as its major advantage over rivals like Google and Microsoft. Instead of relying on cloud processing to improve or organize your images, which requires sending your photos to Google’s servers, Apple handles those tasks directly on your device. But with the advent of Apple Intelligence, the company’s take on artificial intelligence, the company is stepping out of its comfort zone with “Private Cloud Compute.” It says “private” right in the name, so it has to be secure, right?
While Apple AI will run some models locally, it will occasionally have to send data to Apple’s servers for complex requests. So how is the company squaring this with its previous security stance?
According to Craig Federighi, Apple’s SVP of Software Engineering, the company is being very careful about how its sending your data to its servers. “You’re putting a lot of faith in the cloud… with Private Cloud Compute, the stakes are even higher,” he said in a WWDC 2024 conversation with Apple’s AI head, John Giannandrea, and YouTube influencer iJustine.
During the WWDC keynote, Federighi showed off how Apple AI could help him reschedule a meeting and determine if he could still attend his daughter’s dance recital. Apple AI was able to determine who his daughter actually was, where her event was located, and the estimated travel time from his meeting.
Federighi says Apple isn’t sending all of your data to the cloud, instead it’s only uploading the most important bits of information relevant to your Apple AI query. Additionally, your server request is anonymous, since it’s using the same IP masking technology as iCloud Private Relay. Federighi also noted that Apple’s cloud servers have no permanent storage and don’t have the ability to keep logs.
To make things even more secure, Federighi says Private Cloud Compute servers are running software with published images for security researchers to audit. Apple Intelligence devices can only talk with servers running those approved images — if there are any changes to the servers, the local devices will also need to be updated to see them.
That process may a bit restrictive, but that’s precisely the point. Federighi calls it “a step up” in the level of trust you can have with server computing. “It’s essential that you know no one—not Apple, not anyone else, can access the information used to process your request,” he said.
