Ehh. I'd argue Apple has a mixed record. It's well known that iCloud backups are unencrypted and often handed over to authorities. In Jan 2020[1], it was reported they planned to encrypt backups, but dropped the rollout due to pressure from the FBI. I'm surprised they don't get called out because the difference between this and San Bernadino makes sense to me from a technical standpoint, from a practical standpoint and to the laymen it seems hypocritical.
In this case, I actually kind of buy Apple's argument that this will make it harder to cowtow to governments (assuming they encrypt iCloud photos at some point). Right now they can scan iCloud data and hand over photos and accounts without user's knowledge. They can do that without informing users (like they currently do with backups). With this in place the database and logic ships with the OS. They would have to implement and ship any changes world-wide. Users will have to install that update. An alternative is Apple silently making a server-side change affecting specific customers or countries. With that said, I do understand people's concern over the change.
iCloud backups _are_ encrypted, but have an HSM-escrowed key process on court order.
People like to pretend crypto is always E2E or nothing, but escrowed keys do mean that the process of checking cloud-backed data has an auditable release process, that the keys to your data are outside the cloud-hosted infrastructure, and that there is no support for blanket data scanning.
> assuming they encrypt iCloud photos at some point
In this case, I actually kind of buy Apple's argument that this will make it harder to cowtow to governments (assuming they encrypt iCloud photos at some point). Right now they can scan iCloud data and hand over photos and accounts without user's knowledge. They can do that without informing users (like they currently do with backups). With this in place the database and logic ships with the OS. They would have to implement and ship any changes world-wide. Users will have to install that update. An alternative is Apple silently making a server-side change affecting specific customers or countries. With that said, I do understand people's concern over the change.
[1] https://www.reuters.com/article/us-apple-fbi-icloud-exclusiv...