Apple says its AI is still private, even when it's running on Google's servers

2026-06-09 · Source: AI - Ars Technica · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cloud Computing & IT Infrastructure, Cybersecurity & Data Privacy · Depth: Intermediate, short

Summary

Apple's new "Siri AI" and "Apple Intelligence" features will integrate Google's Gemini language models and run on Nvidia hardware within Google's servers, a significant shift from Apple's traditional on-device or Apple-controlled server processing. Despite this, Apple asserts it maintains its stringent user privacy promises. The company addresses hardware limitations for large language models by extending its Private Cloud Compute (PCC) system to third-party infrastructure. This is achieved through a multi-layered security approach, incorporating Nvidia's Confidential Computing, Intel's Trust Domain Extensions, and Google's Titan security chip. Additionally, Apple maintains a cryptographically verifiable ledger of Google Cloud hardware and ensures only Apple-signed software runs on these servers. An on-device "System Orchestrator" minimizes data sent off-device, and PCC is designed to ensure data transience, vaporizing records immediately after query resolution. These features will launch with iOS 27, iPadOS 27, and macOS 27 Golden Gate this fall.

Key takeaway

For AI Architects evaluating hybrid cloud strategies for sensitive data, Apple's approach demonstrates a viable path to extend privacy guarantees beyond proprietary infrastructure. You should investigate integrating confidential computing technologies like Nvidia's Confidential Computing or Intel's Trust Domain Extensions. Prioritize on-device data orchestration to minimize off-device transfers and design cloud processes for strict data transience, ensuring no persistent records. This model allows scaling AI capabilities without compromising user trust.

Key insights

Apple extends its privacy architecture to third-party clouds using hardware-backed confidential computing and strict data transience.

Principles

On-device orchestration minimizes data exposure.
Data processed in cloud must be transient.
Hardware-backed confidential computing is crucial.

Method

Apple's Private Cloud Compute (PCC) on Google Cloud uses Nvidia's Confidential Computing, Intel's Trust Domain Extensions, and Google's Titan chip. An on-device System Orchestrator selects models and data, sending minimal, transient data to PCC for processing.

In practice

Implement on-device data filtering.
Design for transient cloud data processing.
Utilize confidential computing technologies.

Topics

Apple Intelligence
Private Cloud Compute
Confidential Computing
Data Privacy
Hybrid Cloud AI
Gemini Language Models

Best for: CTO, VP of Engineering/Data, Executive, AI Architect, Director of AI/ML, AI Product Manager

Related on AIssential

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by AI - Ars Technica.