15 Sources
[1]
Apple says its AI is still private, even when it's running on Google's servers
CUPERTINO, California -- Apple announced earlier this year that its long-delayed Siri upgrade, announced this week as "Siri AI," would use Google's Gemini language models. What the company confirmed at its Worldwide Developers Conference yesterday was that it also ran on Nvidia hardware installed in Google servers. But the company is still making the same privacy promises it did before, when all of its AI models were either running locally on your devices or on Apple-controlled server hardware. For years, Apple has touted user privacy as a key benefit of using its platforms. Its cloud services use encryption that's intended to keep other people -- including Apple employees -- from being able to gain access to it. And the company has long advertised its use of on-device processing for things like scanning images, keeping as much data as possible from leaving your device in the first place. But with Apple Intelligence, Apple has run up against the limits of its own hardware. The kinds of language and reasoning models that can run locally on an iPhone or Mac are relatively small, limiting their capabilities and accuracy. Apple's Private Cloud Compute system was a partial solution but relied on Apple's own server hardware; to get the kind of capacity it would need to support Siri AI, Apple would have had to commit to a huge data center buildout that it has so far avoided. Apple's Craig Federighi and other Apple executives got on a smaller stage after the WWDC keynote to explain to the press and other media how it planned to preserve user privacy while still getting the kind of compute capacity it needed and what its partnership with Google meant. Taking Private Cloud Compute on the road "This is the amount of the Google system we use, which is none," says Federighi, standing in front of a blank slide in a much more intimate theater than the giant outdoor auditorium where he had introduced CEO Tim Cook a couple of hours before. Federighi has just outlined a "traditional chatbot architecture" -- a client app running on your device that reaches out to cloud-based models running on third-party servers. Those models can then reach out to Google Search or something similar "to [ground themselves] in world knowledge." Apple's system still depends on an on-device model for simpler queries. In this year's OS releases, most Apple Intelligence devices get AFM 3 Core, a new Gemini-based model co-developed by Google and Apple. Newer devices with at least 12GB of RAM and a relatively recent chip (M3 and newer for Macs, M4 and newer for iPads, just the A19 Pro for iPhones) use AFM 3 Core Advanced instead, which leverages the extra hardware as well as your device's storage to function (it's used to improve dictation and power Siri's more expressive voice). For "more sophisticated" questions, your device will contact cloud-based models, again co-developed by Apple and Google: a general-use model called AFM 3 Cloud, an image-generation model called ADM 3 Cloud, and an advanced model called AFM 3 Cloud Pro for "agentic tool use and complex reasoning." The first two models, Apple says, still run on Apple's silicon on Apple's servers. The Cloud Pro model is the one running on Google-owned Nvidia hardware. To do this while still making the same privacy promises, Apple has introduced a new iteration of Private Cloud Compute, this one designed to run on third-party hardware. Apple is using Nvidia's Confidential Computing, Intel's Trust Domain Extensions, and Google's Titan security chip to provide layers of protection similar to what Apple provides for its own servers. To provide additional protection, Apple keeps "a cryptographically verifiable, append-only ledger of all Google Cloud hardware that is part of the PCC fleet," and Apple's devices will only trust software on these servers that is signed by Apple. The Google Cloud servers don't yet support all the same protections as Apple's own Private Cloud Compute servers, but Apple says it "will be gradually ramping towards the complete set of protections throughout the summer preview period." Important decisions, like which model to use and what apps have access to what data, are handled by an on-device feature Apple calls the "System Orchestrator." Among its duties is making sure that only the data needed to answer a user query is sent off-device in the first place (your device could generate an answer about a recipe you were sent in the Messages app, for example, without getting information about the person who sent it to you, when they sent it, or why they were sending it). "While we absolutely minimize what is sent up to PCC, the critical thing about PCC is, architecturally, that's at that point an efficiency measure," said Federighi. "Because PCC itself, by design from the ground up, is going to vaporize any record of that data the moment after it answers your question... This is not stored. It's all in a form where it's completely transient." Siri AI and the other new Apple Intelligence features will launch as part of iOS 27, iPadOS 27, macOS 27 Golden Gate, and Apple's other operating system releases this fall. The first beta versions are available to developers now, but most people would be better served by waiting until July to try it, when a more stable public beta version will be released.
[2]
Inside the new Siri AI and the privacy paradox of Apple Intelligence
To run errands across apps, Apple's upgraded assistant needs deep access to personal data the company has walled off for years During Monday's keynote at Apple's Worldwide Developers Conference (WWDC), a presenter asked Siri to plan a watch party for a World Cup match. The virtual assistant pulled the tournament schedule from the Internet, dug through the user's Messages history to find a mention of coconut cookies, drafted an invitation featuring the recipe, and prepared to send it to a group chat. Siri carried out this choreography without the user ever touching an app. The proactive assistant Apple has promised -- and repeatedly delayed -- for two years has, it seems, finally arrived. But to pull off this kind of digital errand-running, Siri needs deep access to personal data Apple has spent years walling off: your mail, photos, messages and calendar. Each new capability expands the territory the company's privacy architecture must cover. At WWDC, Apple's keynote speakers kept returning to the same privacy claims: user requests to Siri stay private, data is not retained after processing, and outside researchers can inspect the system. Florian Schaub, who studies usable privacy at the University of Michigan, says Apple's openness to outside scrutiny is welcome -- but limited. "Consumers often lack the expertise to inspect code," he says, but by publishing specifications and letting researchers and regulators examine its systems, Apple "at least facilitates external validation of their claims." On supporting science journalism If you're enjoying this article, consider supporting our award-winning journalism by subscribing. By purchasing a subscription you are helping to ensure the future of impactful stories about the discoveries and ideas shaping our world today. The new Siri relies on an architecture Apple calls the System Orchestrator, a layer that coordinates data flowing among Spotlight's Semantic Index, onscreen information and an App Toolbox that carries out actions inside apps. Siri's underlying reasoning rests on a new generation of Apple Foundation Models, including a top-tier cloud model the company calls AFM Cloud Pro, which is custom-built for Apple hardware and refined from Google's Gemini frontier AI models. When a request is too complex for a phone, Apple says Private Cloud Compute handles it on servers that do not retain user data and can be inspected by outside researchers. The largest of these models was reportedly derived from a specialized version of Gemini with about 1.2 trillion parameters, according to Bloomberg, which Google has licensed to Apple for about $1 billion a year. Ahead of Monday's keynote, The Information reported that some of that cloud processing might run on Nvidia chips inside Google's data centers. Apple executives have distinguished the deployment from Google's consumer AI stack and model-serving infrastructure. Yet until Apple opens this hybrid cloud arrangement to the outside inspection it invites for Private Cloud Compute, the data-routing security of these models rests largely on the company's word. Encryption protects data in storage and in transit, but it cannot stop an assistant like Siri from misusing the access it has been given. Text from an e-mail, webpage or shared document can reach the model in the same stream as the user's instructions. To the software, that outside text may function as a command, even if the user never meant it that way. Researchers call this indirect prompt injection. Programmer Simon Willison describes the risk as the "lethal trifecta": any assistant that can read private data, ingest untrusted content and transmit information can be tricked into handing that private data to a stranger. A phone assistant with Siri's new abilities brings all those elements together. "Autonomous agents significantly expand the attack surface for prompt injection," says Natalie Shapira, a security researcher at Northeastern University who studies AI agents. "The challenge is the chain of permissions and actions that connects the model to multiple applications and services." Last year, researchers at Aim Security found exactly this opening in Microsoft 365 Copilot. They named it EchoLeak, a zero-click attack on a production AI assistant. A single e-mail planted instructions that the software carried out later, when the recipient asked it something unrelated. The stolen data slipped out through an image the software loaded on its own, with no link to click and nothing on screen. Microsoft patched the vulnerability before anyone was known to have used it. Apple's Safari demo at WWDC showed how this same structural risk reaches beyond Siri: the browser will be able to generate custom extensions via vibe coding. Apple says Siri AI will not reach iPhones or iPads in the European Union at launch (though it will run on Macs and other devices there), blaming the continent's Digital Markets Act, the bloc's competition law for large digital platforms. (In China, the new features await regulatory approval.) Citing security researchers, Apple argued the EU law would force it to give rival AI assistants the same deep access to user data. The company insists its architecture contains risks that a competitor's might not -- but no independent researchers have tested the new Siri in the wild. Apple did not immediately respond to a request for comment. The public release is planned for this fall. Once it arrives, security researchers and ordinary users alike will experience Siri's reach beyond Apple's carefully staged demos.
[3]
Apple Debuts New AI Models Built With Gemini
Expertise Artificial intelligence, home energy, heating and cooling, home technology. Apple's AI upgrade has been rumored for a long time, but we got a look Monday at its WWDC developers conference, when the company announced new Apple Intelligence models it built in a partnership with Google, using that company's Gemini technology. Apple Intelligence is expected to be built into lots of Apple tools, especially a revamped Siri personal assistant. "We believe that truly helpful AI must be centered around you and your needs," Craig Federighi, Apple's senior vice president of software engineering, said during the WWDC keynote video presentation. Some things about Apple's AI aren't really new: The company is leaning particularly heavily toward on-device AI, meaning smaller models built to run on your iPhone, iPad or Mac, rather than in the cloud. It also touted privacy as a cornerstone, noting that Apple doesn't store your data or chat logs with AI. What is new? A more powerful on-device model is multi-modal, meaning it can understand speech and images, Federighi said. It is also more accurate with dictation and language understanding. A system orchestrator can coordinate across models, while Apple Intelligence can also work across your apps. This is a developing story and will be updated.
[4]
Apple's AI pitch will live or die by its privacy promise
As expected, yesterday's WWDC keynote was mostly about AI. And also as expected, Apple tried to turn its late arrival into its sales pitch: it didn't rush into AI because it was taking its time to do things right. In this case, "right" means "with more privacy than anyone else." It's a good pitch -- the question will be how well it holds up. The new Apple Intelligence features and the updated Siri AI have been designed to work across iPhone, iPad, Mac, Apple Watch, and Vision Pro. There's a dedicated Siri AI app, with a ChatGPT-esque chatbot experience, new AI-powered camera and photo editing features, and the beginnings of an agentic experience that will let Siri AI interact with other apps and software on your iPhone, iPad or Mac. Whatever device you access the new AI from, Apple says the processing will be roughly the same: queries will be handled on-device where possible, and in its secure Private Cloud Compute system when not. Apple says your data won't be stored, will only be used to execute your request, and won't be accessible to Apple or anyone else. Conversation logs in the new Siri AI app will be kept, but only on-device and in your end-to-end encrypted iCloud account. This architecture itself isn't new -- Private Cloud Compute was announced alongside the initial Apple Intelligence launch in 2024. But two years on, two things have changed. First, Apple is undeniably behind almost every competitor on AI, even after yesterday's announcements. That makes its privacy pitch more important than ever as a way to differentiate itself from the competition. It's the second change that makes that trickier: in part because it's so behind, Apple is now working with Google and Nvidia to run its AI operation. Instead of being designed entirely in-house, Apple's new cloud AI models are based on Google Gemini. Meanwhile Private Cloud Compute has expanded beyond Apple's own data centers, running on Google Cloud systems using Nvidia GPUs, Intel CPUs, and Google Titan chips. That's a marked change. When Private Cloud Compute was first announced, Apple emphasized that it was built specifically to run on Apple silicon, with a hardened supply chain including extensive security scans and validation checks on each server before it joins the rack. Apple can't control Google, Intel, and Nvidia's supply chains though. Instead, Apple now maintains a "cryptographically verifiable, append-only ledger" of all Google Cloud hardware used for Private Cloud Compute and "retains complete control" of the software. Apple claims the resulting system has the same "extraordinary security and privacy properties" as before, though skeptics might point out that the longer supply chain introduces vulnerabilities that simply didn't exist before. Still, Apple can credibly claim that its approach to AI places a priority on privacy lacking from the AI giants. And it wasn't shy about making that point. "Some appear to be racing forward, seemingly pursuing AI for the sake of AI, without clear regard for the people, all of us, that it's ultimately meant to serve," SVP of software engineering Craig Federighi said during the keynote. He went on to explain that Apple Intelligence has instead been designed "with privacy in mind at every step." In truth, Apple's privacy solutions aren't entirely unique, though they do remain the industry's most comprehensive. Last year Google announced Private AI Compute, which at the time we called "virtually identical" to Private Cloud Compute (right down to the name), running on "one seamless Google stack" powered by its in-house TPUs. The difference is in application: while Apple uses its private cloud computing for every AI query that can't be run on-device, Google has been less specific about when it uses Private AI Compute -- and when it doesn't. The company says it's used for Magic Cue and the AI-powered Recorder app on Pixel phones, but hasn't said if it's used for every Gemini query made from one of Google's phones, or if there are any equivalent protections for Gemini use on other platforms. In fact, Google says that Gemini collects reams of data by default: prompts you submit, files you share, and recordings of spoken conversations. Google also collects data on the content Gemini creates for you, the tasks it carries out, and information from and about the apps, browsers, and devices you use it with. By default, chat history with Gemini is stored for 18 months and then deleted, though you can reduce this to as little as 72 hours. It's a similar story with other major AI companies. OpenAI says it collects the prompts and content that users upload to ChatGPT, along with various types of location and device information. Chats are used as training data by default, though you can disable this. Anthropic collects roughly the same stuff when you use Claude, though notes that it deletes audio recordings of spoken prompts, while retaining the transcripts. Claude also defaults to using your data for model training, and says it's kept in a "de-identified" form for up to five years. By contrast, the Apple Intelligence privacy policy -- last updated in 2025, before the most recent announcements -- says that Apple only collects "limited information" on Private Cloud Compute requests, such as the size and how long it takes to complete, but no information about the content of the request or its result. Of course, Apple has an advantage here: it doesn't need to collect your data to train its models, because Google has already handled that using its users' data. Apple's partnership with Google may raise concerns about how it maintains user privacy, but it may also be precisely how it's able to offer functional AI without giving up that privacy. It's the more limited default data collection that ultimately makes Apple's privacy promise stand out. Even if the expanded Private Cloud Compute turns out not to be as secure as it used to be, Apple is still claiming to collect a lot less data than any of the AI alternatives. For many Apple users, that may be worth waiting a few months -- or years -- for Apple Intelligence to finally arrive.
[5]
I'm glad Apple isn't hyping up agentic AI (yet) - Engadget
Unlike its peers, Apple was more focused on making AI seem useful at WWDC. If you were to take a shot every time someone mentioned "agentic" AI at the most recent tech keynotes -- Google I/O, Microsoft Build and NVIDIA's Computex blowout -- you'd be sick in no time. It's the industry's latest buzzword, describing AI agents that can do work on your behalf without any direct input, like automatically adding meetings to your calendar based on your emails. It's as if the tech world can't wait to sit back and let AI take the wheel. We'll probably see impressive agentic AI within a decade or so, but I worry about leaping into a world of agents with our current batch of AI models, which can still hallucinate and aren't entirely trustworthy. The idea of letting current AI agents act entirely on their own seems like sheer insanity. Apple, once again, seems to be thinking a bit differently. Agentic AI was only briefly mentioned during its WWDC 2026 keynote this week. Instead, Apple spent the majority of the time talking about the ways its new Siri AI could actually be useful: Like finding a friend's new address buried in a long text message thread, or figuring out how to get tickets to an exclusive concert. For the most part, Siri AI responds to your commands, it just has the benefit of modern AI models to better synthesize data. Based on our early look at Siri AI at WWDC 2026, it seems to work as advertised, though we'll need to perform long-term testing to see if it really holds up. We're also dealing with the first developer beta, so there's a lot of room for things to change between now and when Apple's latest OS updates drop this fall. But as an AI skeptic, I'm surprised to find myself intrigued by the possibilities of Siri AI, more so than I've been for anything around Microsoft's Copilot. Apple's commitment to privacy with Private Cloud Compute also gives it a leg up on Google and Microsoft -- the company says it only uploads relevant data, makes it all anonymous and doesn't track server logs. For its new AFM3 Cloud Pro model, which runs on Google's servers with NVIDIA-powered hardware, Apple has also upgraded Private Cloud Compute to offer a similar amount of security. "While we absolutely minimize what is sent up to PCC, the critical thing about PCC is, architecturally, that's at that point an efficiency measure," Craig Federighi, Apple's SVP of software engineering, said during a WWDC panel (via Ars Technica). "Because PCC itself, by design from the ground up, is going to vaporize any record of that data the moment after it answers your question... This is not stored. It's all in a form where it's completely transient." Apple couldn't resist the allure of agentic AI entirely, though. And not surprisingly, it's also tied to one of the more troubling new Apple Intelligence features: The ability to automatically change your compromised passwords. Apple claims the new Passwords app "securely navigates through websites to sign in and upgrade their accounts to strong passwords." The potential issues are obvious: What else can happen when Apple Intelligence logs into that website? Can I really trust the password it comes up with? Then again, I also know I still have compromised passwords on unimportant websites, wouldn't it be better to have those automatically fixed? The goal of making users more secure may be worth the slight loss of agency through Apple's agent, but it's a slippery slope. Apple is also using agentic AI with Safari's new "Notify Me" feature, which lets you set up an alert for specific changes on a website. It could be useful for tracking price changes or news updates around a specific organization -- it's certainly far better than keeping a tab open forever and constantly refreshing it. It's easy to see how Apple could take this feature further: Maybe eventually AI could automatically purchase a hot product before it goes out of stock, or send an email to a group of friends if you're eyeing a vacation property's pricing. You could argue that Apple is far behind its competitors when it comes to AI in general, and you'd have a point. Microsoft and Google rushed to shove their AI capabilities into every nook and cranny of their consumer products, which made their investors happy (even if it arguably made those products worse). Apple, meanwhile, has struggled with delays for its AI-powered Siri upgrade, which was first announced two years ago. The first batch of Apple Intelligence features, like notification summaries and Genmojis, were fairly underwhelming (and in the case of those summaries, it led to some embarrassing mistakes). Apple is rarely the first to new technology, though. It didn't make the first MP3 player, smartphone or ultraportable laptop. Instead, the company has typically focused on fixing glaring issues from early market entrants, making its solutions more usable for consumers, and, of course, charging a ton of money for the privilege of using its more refined products. The iPod was a success because it could hold a ton of music, was easy to use and it was tied to iTunes, the first major attempt at making digital music legally available. The iPhone succeeded by leapfrogging keyboard-bound smartphones with a larger screen and more usable apps. With Siri AI, Apple has the hindsight of seeing where Microsoft failed with Copilot, and it has a clearer vision of the AI features people may actually want to use. It will undoubtedly lean into more agentic features as its models improve and consumers get more used to AI. I'm just hoping Apple remains judicious about how it applies agentic features. I'm already worried about Siri mishearing my voice commands, I don't want to worry about it clearing out my bank account.
[6]
Apple details the AI models behind the new Siri
Apple's third-generation Foundation Models, built with Google, include a sparse 20bn-parameter on-device model and three Private Cloud Compute models, some running on Nvidia GPUs in Google's cloud. The headline from Apple's developer conference was a reborn Siri. The more interesting story sits underneath it: the AI models Apple built to run the thing, one of which is far too big to fit in an iPhone's memory, yet runs on the device anyway. In a technical post published alongside WWDC, Apple detailed the third generation of its Apple Foundation Models, a family of five models it describes as "custom-built in collaboration with Google." Two run on-device: AFM 3 Core, a 3-billion-parameter model for everyday tasks, and AFM 3 Core Advanced, its most powerful on-device model. Three more run in the cloud: AFM 3 Cloud, a server workhorse; ADM 3 Cloud, an image model behind Image Playground and Genmoji; and AFM 3 Cloud Pro, the heavyweight built for agentic tool use and complex reasoning. The clever engineering is in Core Advanced. It is a 20-billion-parameter, natively multimodal model, the kind of size that normally lives in a data centre, not a phone. Apple's trick is to keep the entire model in flash storage rather than the much smaller pool of working memory. Using a technique its researchers call Instruction-Following Pruning, the model makes routing decisions once per prompt, loading only a small set of "expert" parameters into memory, between 1 and 4 billion at a time, while keeping a core of shared experts always on. That lets Apple scale the model "far beyond traditional DRAM limits," it says, and powers the more expressive voices and sharper dictation in this year's software. The cloud models lean on Apple's Private Cloud Compute, which the company says keeps user data from being stored or shared with anyone, including Apple. For the top-end Cloud Pro model, Apple worked with Google and Nvidia to extend that privacy architecture onto Nvidia GPUs in Google Cloud. That Google partnership is the detail worth untangling. Coverage of the keynote variously suggested Apple's models were "distilled from Gemini" or contained no Google technology at all. The technical post lands in between: the AFM family is Apple's own, "custom-built in collaboration with Google," and trained on Google's cloud TPUs, while the heaviest reasoning behind the new Siri reportedly draws on a large custom Google model. In short, the models are Apple's, the muscle and much of the infrastructure are Google's. For developers, the more consequential change is the Foundation Models framework. Apps can tap the on-device model directly, and this year Apple added a model-abstraction layer that lets developers swap in third-party models such as Anthropic's Claude or Google's Gemini without rewriting their code, while iOS 27 will let users set a rival assistant as their default. It is an unusually open stance for Apple, even if Apple Intelligence itself still is not coming to the EU on the same timeline. The usual caveat applies to the numbers. Apple's post is studded with flattering comparisons, AFM 3 Cloud preferred over last year's model on 64.7 per cent of prompts, expressive voices scoring 4.15 on a 5-point opinion scale against 3.87 for the old system, but these are Apple's own human evaluations, not independent benchmarks, and the models are still in beta. A fuller technical report is promised later this summer. Still, after two years of being mocked for an assistant that did not work, this is Apple's clearest argument that the plumbing is finally real: a small, private model for the everyday, bigger ones boxed inside its own cloud for the hard stuff, and Google's frontier muscle where Apple still cannot compete alone. Whether it holds up outside Apple's own charts is the test that comes next.
[7]
Siri's big Apple Intelligence upgrades sound a whole lot like Gemini
The new Siri will be available on iPhone 16 or newer, as well as iPhone 15 Pro models. Apple held its annual WWDC keynote today. A lot of the presentation was dedicated to AI: There were some novel applications of the tech, like a new Reframe feature that lets you simulate repositioning your iPhone camera after taking a photo, creating an image that looks like the same moment shot from a different perspective. Then there's Siri AI, which sounds more or less like Gemini built for iOS. The new version of Siri can do a lot of the same things Google likes to talk about Gemini doing. It can answer questions conversationally across Apple's different platforms, react to content on your screen, and access information both from the internet and across your personal Apple account. There's also a new, dedicated Siri app where your interactions are saved so you can revisit them later. Apple's added new writing tools to Siri that let it generate text from a prompt in just about any field. Siri will be able to access information in your Apple-linked email, texts, photos, so it should be able to answer questions and generate text grounded in your own personal context. This new AI-powered version of Siri does seem more customizable than Gemini, at least, allowing users to personalize the synthesized voice the assistant responds with using sliders that change both the pace and level of expressiveness of speech output. Siri AI will be out in beta later this year. Older iPhones won't be able to take advantage, however: the newest version of Siri will be compatible with iPhone 16 or newer, as well as iPhone 15 Pro and 15 Pro Max.
[8]
Privacy is the linchpin of Apple's AI relaunch
The secure infrastructure includes features like an AI-powered Passwords app and allows outside researchers to verify system integrity for transparency. One of the most promising new AI features Apple announced during Monday's WWDC keynote is also among the scariest: the ability for Apple's Passwords app to replace your weak and compromised passwords on its own, with the help of AI agents working on your behalf. Wait a second: AI agents running around with your passwords? That's crazy! Giving a password to an AI chatbot is, generally speaking, one of the biggest AI no-nos, making Apple's new agentic Passwords feature a non-starter. Right? Well, maybe not. One area in which Apple has excelled is privacy, with its iCloud storage service earning a well-deserved reputation for keeping all eyes -- including Apple's -- off your data. Personally, I don't put my bank statements in Google Drive, but I do store them in iCloud. With Privacy Cloud Compute, a secure cloud-based infrastructure that Apple's been touting since its original (and botched) Apple Intelligence pitch two years ago, Apple is hoping to extend its reputation for robust privacy to its newest AI features, including those that many of us would otherwise be wary of trusting. In a nutshell, Privacy Cloud Compute is Apple's way of keeping your personal data private even when you're performing AI-related tasks that require the cloud. Apple's end-to-end encrypted Privacy Cloud Compute servers are designed to be inaccessible to third parties, including Apple, and any data sent there is wiped once it's no longer needed. Even better, Privacy Cloud Compute won't keep any of your data for training AI models. Of course, putting our trust in Privacy Cloud Compute is a big ask, which is why Apple has opened up the system's architecture to outside researchers to verify its integrity. There are also white papers aplenty that detail Privacy Cloud Compute down to the last bit. But let's say, just as a thought experiment for now, that Privacy Cloud Compute can be trusted, meaning we would be able to trust Apple Intelligence with changing our passwords. That would open the door to all kinds of other AI functionality that many everyday AI users, including me, simply refuse to entertain at this point. Take, for instance, allowing AI to dip into our finances. I've already expressed my reluctance to let ChatGPT delve into my banking accounts. But if Privacy Cloud Compute is the real deal, I'd be much more liable to right-click a bank statement on my desktop and select Ask Siri, triggering a conversation with the newly enhanced assistant about my credit card charges. Then there's Siri AI's upcoming ability to search across our email and Message threads, plucking out personal details that our friends or colleagues may have sent us. Personally, I'd feel a lot better about -- and more willing to use -- Siri AI with the Messages app if I knew Privacy Cloud Compute was shielding my personal data (and the private details of others) from prying eyes. There were other Apple Intelligence features that intrigued me during Apple's strikingly subdued WWDC keynote. (I believe the word "agentic" only came up once or twice, and there was no "AI agent" talk at all.) I thought the ability to essentially vibe-code Safari browser extensions was pretty clever, and I look forward to building Apple Shortcuts (which, up until now, I've found impenetrable) with natural language prompts. Overall, I was impressed by how Apple stuck with the basics in its big Apple Intelligence reintroduction, and for me, privacy is -- or should be -- one of the basics when it comes to AI. If Apple can stick the landing with Privacy Cloud Compute, it could change the way we use AI more than an army of AI agents ever could.
[9]
Siri AI may be privacy-first, but the new 'personal-context understanding' features really creep me out
Useful? Maybe. Private? Sure. But it still doesn't sit right with me The idea of being able to keep your personal data private feels rather laughable at the moment. It feels as though it's all being collected and monitored to try and sell you more stuff. Throwing AI into the mix, and letting it scour your devices for information, feels like ramping this process up to 11. It feels like the digital equivalent of opening up all your doors and windows when you know there are looters in your neighbourhood. Apple says that its take on AI is different, promising privacy is baked into Apple Intelligence by default. Considering how much Apple has been pushing the privacy angle for almost a decade, and the time it's taken to actually develop Siri AI, I'm inclined to believe that everything has been built with the goal of preserving user privacy. But I still don't think I'm ready to let AI have unfettered access to my phone. Is that crazy? Perhaps, but it still feels like a very intimate step that I'm not 100% comfortable actually taking. How Siri AI aims to preserve user privacy Apple has been talking about a privacy-first approach to AI ever since the launch of Apple Intelligence back in 2024. The general philosophy at the company is that AI should utilize on-device processing wherever possible. If user data never actually leaves their device, then there are no privacy concerns to be had. Siri AI has been built with this express purpose, to run on your phone and without ever sending your data to a server in the cloud. The emphasis on on-device processing is part of the reason why Apple Intelligence can't run on devices with less than 8GB of RAM. AI can be rather demanding, and there are features that physically can't run on a smartphone -- even if it is as powerful as a flagship iPhone. With that in mind, Apple worked to develop a private way to utilize cloud computing, without compromising that initial privacy promise. Apple revealed Private Cloud Compute two years ago and said that it would allow the best of both concepts. Data would only be processed for the length of each request, meaning none of it would be stored on an external server. Apple also claimed that data would be inaccessible, and pledged to have the whole architecture inspected and verified by independent security researchers. 2026 has seen Apple team up with Google and Nvidia to help enhance new AI features, including the newly-unveiled Siri AI. While Apple seemed to want to be able to do everything itself, that just wasn't happening and this was the easiest way to get the long-delayed Siri AI upgrade out into the world. This means Apple Intelligence's cloud AI now runs on Nvidia GPUs within Google's cloud infrastructure -- but the privacy promise is still there. Private Cloud Compute is still being employed, but is now working alongside Nvidia's own Confidential Computing. Confidential Computing is a hardware system that ensures that data processed in the cloud stays secure and inaccessible as it is being processed. So the simple explanation of how everything works is that Apple is enforcing rules that prevent data from being stored, while Nvidia has built the systems that actually prevent unauthorized access. So even though these are technically Google servers, thanks to Siri AI's reliance on Gemini models, the same Apple privacy commitments as before are still being enforced. This means that Apple Intelligence is probably the most privacy-friendly AI suite around right now. But that doesn't mean I'm happy to put my trust in it. I don't like AI being able to sift through my digital stuff Here's the thing. it doesn't actually matter how secure Apple makes its AI, I'm still not too keen on it being able to dive into the depths of my phone to score for data. It doesn't matter if the goal of that is to hand over some random piece of potentially-helpful information when it thinks I might need it. I've used a similar kind feature before, Google's Magic Cue, during my time testing for the Google Pixel 10 Pro review. I found that the feature had the potential to prove useful, especially if it managed to surface the right information in the middle of a phone call. One good example of that is when I called the vet to ask about something, and was shown the date of my dog's next appointment. That's something I had been meaning to ask about, because I couldn't find the confirmation email in my inbox. But since it was there, I probably would have uncovered it eventually -- regardless of whether the AI is involved or not. I eventually turned Magic Cue off. One reason was I was never actually using it all that much, but the main issue I had was the way it managed to find and present information felt supremely creepy. The Google factor definitely played a part in that, and despite Google's many assertions that it cares about user privacy I find myself struggling to believe it. The last thing I want is for a company that makes the bulk of its money from advertising revenue to have unfiltered access to my personal data. At least no more than it already has, considering I'm primarily an Android user. That kind of mindset is quite hard to overcome, and the fact that Apple's privacy train is still moving ahead at full speed isn't enough to actually change my mind. It is still rather creepy when a machine is able to locate and reveal information without me ever asking for it to do so -- no matter how helpful it's actually being. Bottom line I am not the biggest fan of AI in general, and I have made absolutely no secret of that. In my mind, the prospect of improved AI on a phone is not a selling point -- it's a reason to consider looking at other devices. It doesn't necessarily matter what those features are, or the things they promise to be able to do, I just do not see the appeal. Honestly, I don't even use voice prompts unless I'm driving, and prefer to do these things myself The fact that Apple is so focussed on privacy is definitely a good thing. The fact that our data has become a commodity that we have very little control over is disturbing, and anything to prevent that is worth celebrating. But all the privacy and security in the world doesn't change the fact that contextual AI features are rather creepy. It doesn't matter what the information is, or how relevant it might be to the conversation. It just weirds me out, and I'm not sure I will ever be able to get over that. Follow Tom's Guide on Google News and add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds.
[10]
Apple Reveals New AI Architecture Built Around Google Gemini Models
Apple today announced a major overhaul of its Apple Intelligence platform, revealing a new architecture built on foundation models developed in collaboration with Google using the technologies behind the Gemini family. The new architecture centers on Apple Foundation Models co-developed with Google, which Apple says are adapted to run both on-device and on servers through its existing Private Cloud Compute infrastructure. Apple described the collaboration as a "deep" one that it says unlocks what it called a "huge upgrade" for Apple Intelligence, bringing state-of-the-art understanding and reasoning capabilities as well as multimodal support including image understanding and generation. The upgraded models support new capabilities use cases, including realistic image creation, advanced photo editing, and visual question answering. Certain devices will receive a higher-power version of the model with additional capabilities including speech generation, improved dictation accuracy, and stronger natural language understanding, though Apple did not specify which devices qualify. A new system orchestrator sits at the center of the revised architecture, coordinating Apple Intelligence features securely across Apple's platforms. Apple says the orchestrator allows the system to tailor its responses based on the active app and the user's current task, enabling what the company described as truly system-wide intelligence. Apple used the announcement to frame its approach as a contrast to competitors it characterized as "racing forward" without regard for users. On privacy, the company reiterated that Apple Intelligence relies on on-device processing and Private Cloud Compute, with a promise that user data is only used to execute the immediate request and is not accessible to Apple or third parties. Apple added that outside experts can verify those privacy guarantees "at any time."
[11]
Apple rebuilds Siri on Google AI and Nvidia chips at WWDC
Apple rebuilt Siri on a custom 1.2T-parameter Gemini model running on Nvidia Blackwell GPUs in Google Cloud. Federighi says requests are never stored. The company unveiled five new AI models and a three-tier privacy architecture. Apple's most important AI announcement at WWDC 2026 was not a feature. It was an architecture. The rebuilt Siri runs on a custom 1.2-trillion-parameter model built on Google's Gemini technology, hosted on Google Cloud servers powered by Nvidia Blackwell B200 GPUs. For the company that made privacy its premium product, outsourcing AI inference to its largest competitor's cloud requires an extraordinary amount of trust engineering. The three-tier system Apple now routes Siri queries through three layers. Simple tasks stay on-device using Apple's own models. Moderately complex requests go to Apple's Private Cloud Compute servers. The heaviest reasoning tasks route to Google Cloud. At each tier, Apple says queries are anonymised and tokenised so neither Apple staff nor Google can link requests to individual users. What Federighi said "We use none of the models that Google deploys to its customers," software chief Craig Federighi said at a WWDC media event. "Your requests are completely private to you. They're never stored. They're never accessible to anyone." The contract with Google reportedly bars the company from training future models on Apple user data. Nvidia's confidential computing feature encrypts data while it is being processed on the Blackwell GPUs, adding a hardware-level safeguard on top of the contractual one. No independent audit of the Google Cloud tier has been published, and contractual bans on training can be renegotiated in future deals. The five new models Apple unveiled the third generation of its Apple Foundation Models (AFM), a family of five models distilled from Gemini: AFM Core, Core Advanced, Cloud, Cloud Pro, and Cloud Image. The most powerful, AFM Cloud Pro, offers quality that is "similar" to Google's frontier Gemini models, according to AI VP Amar Subramanya, though no independent benchmark has confirmed the comparison. All five are custom-built for Apple Silicon, trained with proprietary data and reinforcement learning. The on-device models handle basic tasks without any data leaving the phone. Why this is awkward A year ago, Federighi and marketing chief Greg Joswiak dismissed the idea of a "bolted-on chatbot" at WWDC 2025. Now Siri is a conversational chatbot. When asked what changed, Federighi said: "We see Siri not as a separate chatbot, but rather as an integral but conversational tool that you use in the moment." Apple also settled a $250 million class action last month over marketing AI features in 2024 that were not ready when the iPhone 16 launched. The company acknowledged through Siri engineering lead Mike Rockwell that previous attempts to revamp the assistant "didn't meet Apple's standards." The Google dependency question The deal with Google is reportedly worth roughly $1 billion per year. It gives Apple access to frontier-class AI without building it from scratch, but it also creates a dependency on a company that is simultaneously Apple's biggest rival in mobile operating systems and its largest source of search revenue. For users, the question is whether Apple's privacy architecture is strong enough to survive the combination of Google models, Nvidia hardware, and cloud inference. For investors, the question is whether Apple's late entry into AI can recapture the ground it lost while trying to build everything in-house. WWDC 2026 is Apple's answer to both. September, when the features ship, is when users get to decide if they believe it.
[12]
This is how Apple built 'a Siri that's profoundly more capable' -- and yes, it was done with Google and Nvidia's help
The all-new Siri AI is the product of intense collaboration between Apple and Google that stops short of Google's AI assistant When Apple talks about how it used Google's Gemini foundation models to build the all-new Siri, without using the Gemini app, it can start to sound like semantics. But a deep dive with the team that built the Siri we were promised almost two years ago quickly disabuses you of that notion. "This is the amount of the Google assistant we use, which is none," said Apple's senior vice president of Software Engineering, Craig Federighi, on Monday, just hours after Apple finally unveiled the Siri we'd been promised two years ago during Monday's WWDC 2026 Keynote. Wearing his trademark tight blue dress shirt, Federighi sat alongside Sebastien Marineau, VP Software at Apple, Amar Subramanya, VP, AI, at Apple, and Apple's VP of engineering, Mike Rockwell, on the small Developer Center stage, a relatively intimate setting compared to the vast outdoor Keynote venue situated just outside the vast Apple Park ring. It was in this darkened hall, with outgoing Apple CEO Tim Cook and his successor, John Ternus, looking on from front-row seats, that Federighi and company dug into the thorny architectural details of building a more personable, contextual, and deeply integrated Siri that spans the Apple ecosystem. They were, in a way, celebrating the late delivery of a promise but also reckoning with the reality of what the tumultuous past 24 months have wrought. From a macro level, Siri is now a vast and complex system that includes one very powerful local, multi-model model and a series of even more powerful cloud-based ones that all live in some versions of Apple's Private Compute Cloud. The models feature names like AFM Core, AFM Cloud Pro, and ADM Cloud Images. "Every model is a significant leap based on quality and operation compared to previous generation models," said Subramanya. I was inclined to agree after seeing demos both during the architecture talk and later during one-on-one demos. Think of Siri AI and the Siri App as Siri unleashed. Siri reborn It has, it appears, full knowledge of your first-party Apple app capabilities and can quickly make the leap from a query in one app to the contextual information sucked right out of, say, Messages. It appears to know that the image of a month's worth of planned soccer games you just opened on your desktop is a schedule that it can add to your calendar. It sees images on the desktop and through the camera. It remembers the context of a conversation and uses a more convincing voice to guide you through the most complex tasks. In a word, this Siri seems smart. But Apple would not have gotten here without Google, and, it turns out, Nvidia. Just how involved was Google? Apple makes no secret of its use of Google Gemini foundation models, but the scope of its involvement was thrown into stark relief by a schematic Federigi used to explain the inner workings of Siri's architecture. A model collaboration As you can see, there are boxes for all the new models and system components; all of them are color-coded, but with just two different colors: solid blue for Apple's own builds, and a sort of mix of blue and white for Apple and Google co-developed models. Every single model is co-developed. Apple's solo work is largely in what sits over all of this. Here's how Apple explained the clockwork to us. The system starts with, naturally, speech recognition, which produces the query text. After that, it's the job of the all-important System Orchestrator to build a prompt and send it to the foundation models. It's also at this stage that Apple's system decides if the query will be handled within the large, 20 billion parameter AFM Core Advanced model (up from 3 billion on the current Siri model) or be sent to Apple's Private Cloud compute and one of the larger models, which includes AFM Cloud, AFM Cloud Pro, and ADM Cloud (for a diffiusion model for image generation). A smarter way of parsing parameters One of the big innovations here, and why Apple can have such a vastly large model on your iPhone, is in how it handles parameters. Normally, because each query can have many different requests and require a variety of parameters, all those parameters are loaded into memory at once to meet the demands. It's a huge strain on memory and battery life and, with 20 billion parameters on Apple's AFM Core Advanced model, simply not practical. So they built something called a "scarce model." "Unlike the server models, what core advance does is it looks at the entire request, chooses the right set of parameters, and then locks them in for the entire request. And so you're not having to reload parameters with every token and this dramatically cuts down the cost of loading these parameters," said Subramanya. Even though these models are co-built with the latest Gemini models and will be updated with future Google Foundation Model work, at no point in that pathway is Google Gemini taking the wheel. Instead, Apple took the same approach it's taken for most of its innovation partnerships. It identifies the best-in-class component or technology and then has the partner build a bespoke version. In this case, the collaboration is, perhaps, richer, since Apple is co-building these models, but its interest in Google's AI capabilities stops short of the app client. The customer experience is and should feel completely Apple. Apple, Google and Nvidia, perfect together The back end, or cloud side, is a far more collaborative effort than you might expect from Apple. For a company that's built its name on privacy and security, it's been forced to work with third-party partners to wrench their cloud offerings into secure spaces that satisfy both Apple and its customers' demands and expectations of privacy. The idea of Private Cloud Compute (PPC), originally introduced with Apple Intelligence in 2024, is a cloud space big enough to accommodate models too large for on-device computation, while also replicating the privacy structure found on local devices. That's easier to do when you control all the servers, but in the new world of Siri AI, Apple has opened up PPC to Google and a new Apple Intelligence partner, Nvidia. To run far more powerful models like AFM Cloud Pro, Apple needed "the latest technology from NVIDIA, and so we set out to extend private cloud compute to third-party cloud," explained Subramanya. Nvidia was already working on something it called confidential compute, but it didn't meet Apple's stringent PPC criteria. "We set out to design this with Google as a collaboration," said Subramany. The solution comprises, in part, Nvidia GPUs and redundant security components from Intel and Google. The moment of truth In essence, Apple's Private Cloud Compute now lives on Nvidia and Google servers, but Apple execs insist, "Apple devices can only talk to software signed by Apple," meaning that if these systems do not have software signed and verified by Apple, Siri won't connect with them. This is unquestionably a vastly different Siri than the one you might be using on your iPhone 17 Pro today, but it's also quite similar to what Apple demonstrated but did not deliver in 2024 or 2025. Federighi and company didn't rehash all the hurdles and false starts of the past 24 months, but VP of Engineering Mike Rockwell did offer a rare glimpse into what was clearly a pivotal moment. "Last year, we had actually built a first version of this that was sort of incremental on top of the original Siri...and we had it working, but we didn't feel it was really delivering on the vision and the experience that we wanted to do, and so we also had a design which required much more extensive changes. And we decided to go with that. And so we went back, and we rebuilt Siri from the ground up," said Rockwell. What's not clear from this is if this was the moment Apple realized it couldn't go it alone, it needed Google and its powerful Gemini models to fulfill its vision, but without somehow letting the Gemini experience take over. Siri AI is that successful melding of Apple's original vision for artificial intelligence with, perhaps, the best generative models in the business. And like all the best consumer software experiences, you don't have to know how the sausage is made, just that it works exactly as Apple promised and you want it to. Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
[13]
Why Apple's on-Device AI is NVIDIA's New Problem
Apple's 2026 Worldwide Developers Conference (WWDC) highlighted a significant shift in artificial intelligence, focusing on on-device processing rather than cloud-based systems. Nate Jones explains how Apple's approach, built on its Apple Foundation models and Core AI framework, emphasizes user privacy and localized integration. This move not only reduces reliance on external servers but also introduces new challenges for NVIDIA, whose AI dominance has been rooted in cloud infrastructure. By embedding AI directly into its devices, Apple is altering the balance between personal and centralized AI solutions. Explore how Apple's collaboration with NVIDIA and Google influences its private cloud capabilities. Learn how developers can use Xcode agents to deploy AI models locally and examine the implications of this shift for competition between device-first and cloud-first AI strategies. Apple's Vision for AI Apple's AI strategy is built around decentralization, focusing on integrating AI into devices and private cloud infrastructure. This approach ensures that AI processes occur closer to the user, enhancing privacy and giving individuals greater control over their personal data. By embedding AI capabilities directly into its operating systems, Apple aims to deliver a more intuitive and efficient user experience. This vision is rooted in trust, user-centric design and seamless interaction with apps, files and user context. It positions Apple as a key innovator in the competitive AI landscape, offering a distinct alternative to cloud-reliant models. Highlights from WWDC 2026 The announcements at WWDC 2026 reflect Apple's commitment to redefining AI and creating a cohesive ecosystem. Key highlights include: * Enhanced Siri AI capabilities and the introduction of Apple Foundation models. * On-device AI functionalities designed to improve privacy and performance. * Expansion of private cloud compute, using Google Cloud and NVIDIA GPUs for advanced AI tasks. * Improved App Intents, allowing deeper integration between apps and Apple's AI ecosystem. * Developer tools like Core AI and Xcode agents, facilitating local model deployment and tighter alignment with Apple's AI framework. These advancements underscore Apple's focus on creating an AI ecosystem that prioritizes user trust and seamless functionality, while empowering developers to innovate within its framework. Enhance your knowledge on Apple WWDC 2026 by exploring a selection of articles and guides on the subject. Collaborations with Google and NVIDIA Apple's partnerships with Google and NVIDIA play a crucial role in its AI strategy. By integrating Google's Gemini technologies into Apple Foundation models, Apple enhances the capabilities of its AI systems. Meanwhile, NVIDIA GPUs power Apple's private cloud compute, allowing high-performance AI processing for complex tasks. Despite using these external infrastructures, Apple maintains strict control over the user experience. This ensures that its devices remain the central platform for personal AI interactions, reinforcing its commitment to privacy and user-centric design. Opportunities for Developers Apple's AI strategy opens up new opportunities for developers while presenting unique challenges. By emphasizing clean data models, permissions and actions, Apple ensures that third-party apps integrate seamlessly with its operating systems. Developers are encouraged to move beyond standalone AI features and align their applications with Apple's broader vision of an agentic operating system. Tools like Core AI and Xcode agents simplify the process of deploying local AI models, empowering developers to create innovative, device-centric applications. This approach not only enhances the user experience but also fosters a more cohesive and efficient AI ecosystem. Strategic Implications for the AI Industry Apple's approach to AI has significant implications for the broader industry. By prioritizing on-device AI, Apple directly challenges NVIDIA's dominance in cloud-based AI solutions. This strategy has the potential to shift the AI value chain, redistributing economic benefits toward hardware, software and services. Apple's focus on creating a trusted action surface positions its devices as the default platform for personal and workplace AI. This move could reshape the competitive landscape, forcing other companies to rethink their strategies and adapt to a more decentralized AI model. Impact on Consumers and Businesses For consumers, Apple's integration of AI into its devices offers several tangible benefits. By reducing the need for context switching and streamlining administrative tasks, Apple delivers a more efficient and seamless user experience. The emphasis on privacy and trust addresses a critical concern for users, fostering confidence in Apple's AI systems. In the workplace, Apple's consumer-first approach could significantly influence AI adoption. As employees increasingly rely on personal devices for professional tasks, the convergence of consumer and enterprise AI becomes more pronounced. This shift has the potential to drive widespread innovation, allowing businesses to use AI in ways that are both practical and secure. The Future of the AI Race The competition in AI is evolving, with the focus shifting from building the most advanced models to controlling the platform where AI interacts with users. Apple's strategy aims to dominate this "trusted action surface", positioning its devices as the primary interface for personal AI. This shift could redefine the AI race, with future breakthroughs likely emerging from those who control the default AI platform rather than those with the most compute power. By embedding AI into its ecosystem, Apple is not only challenging its competitors but also shaping the future of AI in both consumer and enterprise contexts. This strategic move underscores Apple's commitment to innovation, privacy and user-centric design, making sure its continued relevance in the rapidly evolving AI landscape. Media Credit: AI News & Strategy Daily | Nate B Jones Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, Geeky Gadgets may earn an affiliate commission. Learn about our Disclosure Policy.
[14]
Apple Rebuilds Siri AI With Models Distilled From Google's Gemini, But Daily Usage Limits Are Coming
The undisputed star of the show is finally here. Apple has just unveiled the all-new Siri AI, which is powered by the much-improved Apple Foundation Models. Siri AI has world knowledge as well as your personal information on its fingertips, and is fundamentally on-screen aware Apple is now debuting a fundamentally improved Apple Intelligence architecture, which consists of new Apple Foundation Models that have been distilled from the very capable Google Gemini models, all coordinated by an orchestrator. Critically, Apple is NOT using Gemini models on your devices. Of course, depending on the capability of your existing Apple device, you might get higher-power Apple Foundation Models, with the ability to generate speech, high-fidelity dictation, natural language understanding, and more. Privacy is at the core of this new architecture, which leverages only on-device processing and Private Cloud Compute. Apple says third-party experts can verify the privacy-related credentials of this architecture. Now, let's move to the all-new Siri AI, which is built into the Dynamic Island, has access to personalized context, and remains on-screen aware. For instance, you can now ask Siri AI about an upcoming concert and add the corresponding date to your Reminders with simple voice commands. It can also tell you what a particular image is about, surface personalized context related to that image - a friend who lives near a park, for instance - and give directions to that friend's residence. Now, you can activate Siri AI with a simple swipe-down from the Dynamic Island. What's more, you can conduct seamless back-and-forth conversations with the new voice assistant in natural language. On Macs, Siri AI is integrated within Spotlight. Users can simply right-click any window or item to activate the voice assistant. What's more, the Siri app now stores your complete conversation history, one that can be deleted at your discretion. Interestingly, in visionOS, you can place Siri AI anywhere in your field of vision, and activate it by simply looking at it. Siri AI is also integrated within the Camera app, where it can recognize items, and give feedback, or allow you to take actions. For instance, you can aim the camera at a restaurant bill, and then immediately start dividing it up to split it with friends via Apple Cash. When you write with Siri AI in Mail and Messages apps, it can now customize to your typical style and how you usually communicate with different people. Siri AI public beta is coming next month, with general availability scheduled with the new OS release, replete with some daily restrictions on usage (and additional usage available with iCloud+). Follow Wccftech on Google to get more of our news coverage in your feeds.
[15]
Apple is running its most powerful AI on Google's cloud: Here's what that means for your privacy
For years, Apple has made sure that you knew that your data belongs to you. Be it on the device or on the cloud - whatever they do with it, they keep it safe and within your control. It is the core principle of their brand, and something that has become almost an identity trait over the years. That is until WWDC 2026 came around. Also read: Apple just gave Safari AI superpowers: Here is how it can make your life easier Somehow, somewhere during the Liquid Glass keynote, Apple announced what it would have seemed impossible to happen a couple of years ago - their most sophisticated AI model is running on the servers of Google with Nvidia's hardware. The same Apple that built such a solid privacy story that it was a marketers' dream - "What happens on your iPhone, stays on your iPhone" - has finally turned to its arch-rival's cloud computing platform to host its most compute-intensive AI tasks. To be fair, Apple isn't being deceptive about it. The company's own security blog describes the Google Cloud expansion as "extending our industry-leading PCC privacy commitments to third-party data centres for the first time." The key phrase there is for the first time. Apple said it itself. This is new territory. Also read: WWDC 2026: 5 big changes coming with macOS 27 Golden Gate and iPadOS 27 This aspect of the argument by Apple seems perfectly reasonable. The measures of privacy taken on behalf of Private Cloud Compute include encryption of data in transit, absence of persistence, and cryptographic authentication of all nodes. Nvidia, on its part, uses the confidential computing functionality that ensures encryption during processing operations. Control over all cryptographic actions remains with Apple. In addition, the binaries can be analyzed by security specialists. The architecture, apparently, does not really mind what data centre they are deployed to. But there is a fundamental difference between an architecture and trust. The Apple's brand related to privacy has never been a simple technical specification. It was always a promise regarding who is going to have access to your data - as few people as possible, ideally none besides Apple itself. Once you start adding components provided by Google, Nvidia, and Intel into the picture, this promise becomes a bit blurred. What became clear through WWDC 2026, however, is that Apple has reached its limit. Despite the capabilities of its custom hardware, Apple has had to resort to the only infrastructure capable of running such advanced AI technology as new Siri - which happens to belong to Google. The privacy protections may hold. But the story Apple told about why you should trust it just got a few more authors.
Share
Copy Link
Apple revealed at WWDC that its upgraded Siri AI runs on Google's infrastructure using Nvidia hardware, marking a significant shift from its previous approach. The company insists its user privacy protections remain strong through an upgraded Private Cloud Compute system, even as it relies on third-party infrastructure. The move raises questions about how Apple balances its privacy commitments with the computational demands of modern AI.
Apple confirmed at its Worldwide Developers Conference that Siri AI, the company's long-delayed assistant upgrade, now runs on Google servers equipped with Nvidia hardware
1
. This marks a dramatic departure from Apple's previous stance of running AI models either locally on devices or exclusively on Apple-controlled server hardware. The shift reflects the computational reality facing Apple AI: the company's own hardware infrastructure couldn't provide the capacity needed to support advanced language models at scale1
.
Source: Digit
Craig Federighi, Apple's senior vice president of software engineering, explained that Apple Intelligence relies on a tiered architecture managed by the System Orchestrator, an on-device feature that determines which model handles each query
1
. Most devices run AFM 3 Core, a new Gemini-based model co-developed through the Google Gemini partnership. Devices with at least 12GB of RAM use AFM 3 Core Advanced, which leverages additional hardware for improved dictation and more expressive voice capabilities1
.For complex queries requiring more computational power, Apple deploys cloud-based Apple Foundation Models including AFM 3 Cloud for general use, ADM 3 Cloud for image generation, and AFM 3 Cloud Pro for advanced reasoning. The Cloud Pro model, derived from a specialized version of Gemini with approximately 1.2 trillion parameters, runs entirely on third-party infrastructure
2
. This arrangement reportedly costs Apple about $1 billion annually2
.
Source: CNET
To maintain user privacy on Google servers, Apple upgraded Private Cloud Compute with multiple security layers. The system now uses Nvidia's Confidential Computing, Intel's Trust Domain Extensions, and Google's Titan security chip
1
. Apple maintains "a cryptographically verifiable, append-only ledger" of all Google Cloud hardware in the Private Cloud Compute fleet, and devices only trust software signed by Apple1
. However, the company acknowledges these Google Cloud servers don't yet support all the same protections as Apple's own infrastructure, with complete protections rolling out throughout the summer preview period1
.The System Orchestrator ensures only necessary data leaves devices, a critical component of Apple's privacy promise
1
. Federighi emphasized that on-device processing handles simpler queries entirely, while Private Cloud Compute "vaporizes" any record of data immediately after answering questions. "This is not stored. It's all in a form where it's completely transient," he explained5
. The architecture represents Apple's attempt to balance the computational demands of modern AI with its longstanding commitment to keeping user data private3
.
Source: The Verge
Yet security researchers identify vulnerabilities in this expanded access. To execute tasks across multiple apps, Siri AI requires deep access to messages, emails, photos, and calendars—data Apple previously walled off
2
. Natalie Shapira from Northeastern University warns that "autonomous agents significantly expand the attack surface for prompt injection"2
. The risk of indirect prompt injection—where malicious instructions embedded in emails or websites trick AI into leaking private data—represents what researcher Simon Willison calls a "lethal trifecta"2
.Related Stories
Florian Schaub, a privacy researcher at the University of Michigan, notes that while Apple's openness to outside inspection is welcome, "consumers often lack the expertise to inspect code"
2
. Until Apple opens its hybrid cloud arrangement with Google to the same external inspection it promises for Private Cloud Compute, the security of transient data routing rests largely on the company's word2
.The company's privacy pitch becomes more critical as it trails competitors in AI capabilities. Apple is "undeniably behind almost every competitor on AI, even after yesterday's announcements," making its privacy differentiation essential
4
. Unlike Google's Gemini, which collects prompts, files, and conversation recordings for 18 months by default, Apple claims it doesn't store conversation logs except on-device in encrypted iCloud accounts4
.Apple notably avoided excessive hype around agentic AI at WWDC, focusing instead on practical applications
5
. The company did introduce limited agentic features, including automatic password changes for compromised accounts and Safari's "Notify Me" function for tracking website changes5
. Siri AI won't reach iPhones or iPads in the European Union at launch, with Apple citing the Digital Markets Act as the reason, though the service will run on Macs and other devices there2
.The multi-modal model approach allows Apple Intelligence to understand speech and images while working across apps
3
. Whether Apple's upgraded privacy architecture can withstand scrutiny while running on Nvidia hardware in Google's data centers will determine if the company's privacy promise remains credible as it catches up in the AI race.Summarized by
Navi
[2]
09 Jun 2026•Technology

13 Mar 2025•Technology

10 Sept 2024

1
Policy and Regulation

2
Policy and Regulation

3
Policy and Regulation
