Apple seems to be the only massive corporation that gives a sh!rt about customers’ data privacy and security. They care about it so much that they continue to painstakingly go out of their way to prove how much they care about it.

Last week, during WWDC 2024, they announced Apple Intelligence and Private Cloud Compute (PCC). They spent a surprising amount of time boasting about how they architected a secure-by-design (SbD) and private-by-design (PbD) cloud computing architecture for Apple Intelligence. In doing so, they’ve continued to deservingly earn their customers’ trust and the right to dunk on their competition for failing to walk the same talk.

Their security blog post about PCC provides compelling details about how Apple has incorporated SbD and PbD features into PCC’s architecture.

I have a strong predisposition toward visual thinking and learning, especially when it comes to abstract information systems and security concepts. I took a stab at visualizing the security and privacy architecture features of Apple’s Private Cloud Compute as a way to make it easier for myself to wrap my head around their written description of PCC and also to validate and demonstrate the rigor of their approach.

At the end of the day, the ingredients in Apple’s PCC architecture that matters more than all the others are:

1. The cryptographically tamper-proof append-only PCC build transparency log

2. Publicly accessible and reviewable PCC build images

3. Tools for analyzing PCC build images

The fact that Apple is going out of their way to allow public security and privacy researchers to easily analyze, and cryptographically authenticate, their PCC builds is almost unheard of in the industry.

Apple is basically saying they trust that no one will trust their word alone, and in order to properly provide assurance around the security and privacy “promises” they’re making, they have to be radically and robustly transparent about their new cloud-based AI features.

Admittedly, I might be a bit overly excited and not skeptical enough about what Apple has done here.

So I’m curious:

• What do you make of Apple’s PCC architecture?

• What do you find impressive about it?

• Where do you see it lacking in crucial SbD and PbD features?

• What other residual risks and concerns do they still need to address?