Blog - Private Cloud Compute: A new frontier for AI privacy in the cloud - Apple Security Research

Blog - Private Cloud Compute: A new frontier for AI privacy in the cloud - Apple Security Research

  • Private Cloud Compute (PCC) is a new cloud intelligence system designed to bring the security and privacy of Apple devices to the cloud for advanced AI processing.
  • PCC uses custom Apple silicon hardware with a hardened operating system to enable stateless computation on personal user data without leaving any trace in the system.
  • PCC has enforceable technical guarantees to ensure user data is only used for the intended purpose and is not accessible to anyone, including Apple staff, after processing is complete.
  • PCC does not have any privileged runtime access mechanisms that could be used to bypass its privacy protections, even during service outages or incidents.
  • PCC is designed to be non-targetable, making it difficult for an attacker to compromise data from specific users even with a limited system breach.
  • Apple is committed to providing verifiable transparency, allowing security researchers to fully inspect and validate the PCC software stack to confirm the claimed privacy and security guarantees.
  • PCC will publish all production software images and measurements in a transparency log for independent review, and provide a virtual research environment to aid security research.
  • The Apple Security Bounty program will offer significant rewards for findings that undermine PCC's privacy claims.
  • PCC represents a significant advancement in cloud security and privacy over traditional cloud AI services.
  • This technical overview is a precursor to a deeper dive into PCC's implementation details after it becomes available in beta.