EU can’t and won’t enforce the same rigour for 3rd party cloud AI. Which is the problem for Apple.
If said 3rd party service leaks private data, guess which company is going to be in the BIG HEADLINE and which one will hardly be mentioned in the news?
This is about Super Private Benoau AI being available for any user to install. How can they know whether it respects their privacy or not? The home page says that they're the best and mostest private ever of course, has animations generated by Claude and everything.
But actually it runs on servers bought from Hetzner's server auction and stores all logs in plain text in open S3 buckets and the owner actively sells the user data to the highest bidder.
This is what Apple is worried about and EU either doesn't care or doesn't understand the issue.
If you want it to, for example, summarise your HRV or menstrual cycle you can't anonymise it or you don't have any data to analyse. It'd be just "wink wink nudge nudge" with zero context.
Some data could outright be replaced (names, etc) and swapped back on device.
It couldn't do it with ALL the data (eg. calendar data needs to be accurate) but just because you need to give context doesn't mean sacrificing privacy.
Everything would go through an Apple proxy before reaching a theoretical 3rd-party provider.
These wouldn't provide privacy GUARANTEES but could make it reasonably difficult and expensive to fingerprint?
Why should they? If the user decides to trust a third party, Apple shouldn't retain veto power for the customer's choice.
This is how macOS treats apps like OpenClaw. It can absolutely work for iOS too.
Let's remember that a tiny company called Meta had a "VPN" they provided for users that just happened to spy on them: https://news.ycombinator.com/item?id=39881962
And that went on for a long while before it was noticed.
Now imagine the same situation but an infinite whack-a-mole of alternative AI providers and just regular folk who will install mobile games from a frozen baby ad...
Probably the same number of customers that are legitimately capable of evaluating the privacy of Apple's PCC?
Let's not forget a tiny company called Apple that once proposed Client Side Scanning to "save the kids" by hashing your entire iCloud. Apple loves demanding the moral high ground to promote asinine surveillance mechanisms with no safety guarantees for their users. Senator Wyden is adamant that Apple colludes with the US government to surveil metadata and intercept Push Notifications. Apple's definition of "private" doesn't actually entail privacy at all. Many third-party services are better positioned to protect their users than Apple is.
So why should users defer to Apple's arbitrary definition of privacy? It's obviously bullshit. If you're a traveling journalist, protestor or dissident, you might end up like Jamal Khashoggi for trusting Apple's services to keep you private.