How Apple Intelligence Sets a New Bar for AI Security, Privacy, and Safety

Originally published at: How Apple Intelligence Sets a New Bar for AI Security, Privacy, and Safety - TidBITS

Apple Intelligence, backed by the company’s Private Cloud Compute service, takes a new approach to generative AI which prioritizes user security, privacy, and safety. Cloud computing expert and TidBITS security editor Rich Mogull explains how this works, starting with the chips in our iPhones.


Hi: I think in the last sentence of the final paragraph under ’ How does my device know where to send the request and ensure it’s secure and private?’ you mean ‘that hardware still couldn’t read the request because it would lack the decryption keys,’ not 'wouldn’t, if I’m reading the section correctly.
Great article.

Wonderful article. Beautifully explained. Been using Apple devices since 1985, but not a nerd and usually these things go way over my head. But Rich I read this in my iPhone all the way to the end and it really sets my heart at ease with privacy, safety, and security. I’ve never used ChatGPT. I’m an artist but prophet to make my own images. I don’t understand all that you speak of in the article, but somehow it’s all makes sense to me. Good job. I’m reassured about Apple and AI…somewhat. lol. Thanks. John

1 Like

Again, great, clearly explained article.
One question. Is all the private data on my device (iphone, ipad, etc) also in the PCC? So is there constant synching going on between devices and the cloud? If so, how is that secured?

No- only the minimum data required to support the request is sent to PCC, and that data is erased after it’s used for that one request.

If I remember the white paper Apple published on this, not only is the data erased after it is used for that one request - the cloud computing device that processed the request is reconfigured as a new machine and restarted so that there is no information that could be recovered after the result is returned from the cloud to the device.

There’s a problem in the [statistical] medical research community: many individuals gather data, but different data-gatherers may present the data in varying ways. Some forms may be handwritten; others will be a computer printout. Questions on the forms may not even be asked/answered in the same order. Data needs to be anonymized, but certain aggregations of data (e.g., approximate location of the study participants, certain demographics, etc.) should be maintained.

Manual processing – re-entering of pertinent data – is slow, expensive, and prone to errors. An AI could address those problems, but none of the existing AIs could do anything approaching HIPPA compliance for study participants. Perhaps Apple Intelligence will be able to do this. Comments?

Yep! Missed that in editing, but it’s now fixed—thanks!

That’s a great idea! One would hope Apple is already working on this.

1 Like

I wish this included a simple information graphic/table/comparison that neatly summarized using simplified terminology, what was said here because, as a Mac user “for the rest of us” since 1985, I found it too long and to complex. But it is a topic of great concern to humanity us non technology trained, liberal arts/design Apple users would like to better understand.

Sorry! The entire point of this article is to explain what’s behind Apple’s statement of:

With Private Cloud Compute, Apple sets a new standard for privacy in AI, with the ability to flex and scale computational capacity between on-device processing and larger, server-based models that run on dedicated Apple silicon servers.

It’s just not a simple topic, nor one that lends itself to tables or graphics.

Definitely not a simple topic, and major kudos to @rmogull for the stellar article. I’ve always said one of the marks of a true expert is the ability to explain a complex topic in a way that non-experts can understand, and I think he succeeded at this brilliantly.

However, I might quibble with the “[doesn’t lend] itself to tables or graphics” statement. I could definitely see a process diagram here, showing the actors (iPhone, network, relay, PCC node, etc.), and depicting the round trip of a request fulfilled by Apple Intelligence with appropriate callouts highlighting security features along the way. Reaching into my pocket, I don’t seem to find the funds to pay for such an effort :slight_smile: , but I certainly think it would be possible.