To further protect user privacy, Apple’s Private Cloud Compute (PCC) servers incorporate a range of security measures. A key feature is the Secure Enclave, a dedicated hardware encryption key manager. Each file system’s encryption key is randomized at every boot-up. This means that once a PCC server is rebooted, all data is erased and the entire system volume becomes cryptographically unrecoverable.
[Image: Apple’s Reno, NV data center. Image credit: Apple]
Additionally, Apple has taken the unprecedented step of making every production PCC server build publicly available for inspection. This allows anyone to verify that the system operates as claimed and that everything is correctly implemented. All PCC server images are recorded in a cryptographic attestation log, providing an indelible record of signed claims. Each entry includes a URL for downloading that specific build. This transparency serves as an enforcement mechanism, preventing unauthorized PCC nodes from diverting traffic. iPhones won’t send data to servers whose builds haven’t been logged.
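The enforcement idea in the paragraph above (a device only talks to a server whose build appears in an append-only log of published images) is sketched here as an added, deliberately simplified Python example. It is not Apple’s code or log format: the entry layout, the SHA-256 hash chain standing in for the real signed log, and the sample image bytes and URLs are all constructed for illustration.

```python
import hashlib
import json
from dataclasses import dataclass

# Hypothetical stand-in for a build transparency log. Each entry records the
# hash (measurement) of a published server image and where that exact build can
# be downloaded, and commits to the previous entry so history is append-only.
@dataclass(frozen=True)
class LogEntry:
    build_hash: str   # hex digest identifying the published server image
    url: str          # where that exact build can be fetched for inspection
    prev: str         # hash of the preceding entry ("" for the first one)

def entry_hash(e: LogEntry) -> str:
    payload = json.dumps([e.build_hash, e.url, e.prev]).encode()
    return hashlib.sha256(payload).hexdigest()

def append(log: list[LogEntry], build_hash: str, url: str) -> list[LogEntry]:
    prev = entry_hash(log[-1]) if log else ""
    return log + [LogEntry(build_hash, url, prev)]

def chain_is_valid(log: list[LogEntry]) -> bool:
    """Every entry must commit to the hash of the entry before it."""
    expected = ""
    for e in log:
        if e.prev != expected:
            return False
        expected = entry_hash(e)
    return True

def client_may_send(log: list[LogEntry], attested_build: str) -> bool:
    """Device-side policy: send data only to a server whose attested build
    appears in an intact (untampered) log. Unlogged builds are refused."""
    return chain_is_valid(log) and any(e.build_hash == attested_build for e in log)

def build_hash_of(image: bytes) -> str:
    return hashlib.sha256(image).hexdigest()

# Constructed sample data (not real images or URLs).
GOOD_IMAGE = b"pcc-node-image-v1 (constructed sample bytes)"
NEXT_IMAGE = b"pcc-node-image-v2 (constructed sample bytes)"
UNLOGGED_IMAGE = b"pcc-node-image-unpublished (constructed sample bytes)"
LOG = append([], build_hash_of(GOOD_IMAGE), "https://example.invalid/builds/v1")
LOG = append(LOG, build_hash_of(NEXT_IMAGE), "https://example.invalid/builds/v2")
```

Tampering with any logged entry breaks the chain, so a client that re-verifies the log rejects even a previously logged build until the log is intact again.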