On the other hand, tying everything to iCloud and then losing all your data because you replaced your sole device and forgot your password would be disastrous. This is the scenario that requires Apple to retain the keys to your iCloud, and as long as they have those keys, they can be compelled to decrypt it under lawful government order.
The thing is, once data is in iCloud, there are other ways you can retrieve it and back it up yourself as long as you do have working authentication, and I can see no good argument for not offering E2E encryption across the board that is tied to such identification.
Worst case, you generate a suitably robust key that is used for authentication and encryption, and you provide a means to export it and back it up however you want without sending it to any third party. You can still use all the snazzy secure enclaves and facial recognition and so on to protect a copy of that key that is held on each of your personal devices to enable easy but reasonably secure access, but the underlying technology is tried and tested, it does not have the lock-in problem, and it does not require data in iCloud to be accessible to anyone but the keyholder.
Also note that this needn't necessarily be mandatory. If users are OK with trusting Apple, they could still use the current approach. But if you're going to claim to be a strong supporter of privacy and security, you should really have at least the option for proper encryption of everything for those people and businesses that want it.
These days I have enough other apple devices tied in (family settings etc) that i could lose one device and still be authenticated via another
I think the secure enclave is the winning technology - whilst not everyone has to have a smartphone in the brave new digital world,everyone will have to have at least one secure enclave (HSM probably tied to biometrics)
