Blog - Private Cloud Compute: A new frontier for AI privacy in the cloud - Apple Security Research

Private Cloud Compute (PCC) is a new cloud intelligence system designed to bring the security and privacy of Apple devices to the cloud for advanced AI processing. PCC uses custom Apple silicon hardware with a hardened operating system to enable stateless computation on personal user data without leaving any trace in the system. PCC has enforceable technical guarantees to ensure user data is only used for the intended purpose and is not accessible to anyone, including Apple staff, after processing is complete. PCC does not have any privileged runtime access mechanisms that could be used to bypass its privacy protections, even during service outages or incidents. PCC is designed to be non-targetable, making it difficult for an attacker to compromise data from specific users even with a limited system breach. Apple is committed to providing verifiable transparency, allowing security researchers to fully inspect and validate the PCC software stack to confirm the claimed privacy and security guarantees. PCC will publish all production software images and measurements in a transparency log for independent review, and provide a virtual research environment to aid security research. The Apple Security Bounty program will offer significant rewards for findings that undermine PCC's privacy claims. PCC represents a significant advancement in cloud security and privacy over traditional cloud AI services. This technical overview is a precursor to a deeper dive into PCC's implementation details after it becomes available in beta.