Apple may have quietly scanned all the photos on your iPhone and Mac. Without asking. Their new "Enhanced Visual Search" feature automatically scans photos for "landmarks," raising serious privacy concerns.
If you have an Apple device, chances are it's too late--all of your photos have already been scanned. Apple automatically enables Enhanced Visual Search (without asking users) on devices running iOS 18 and macOS 15.
No, Apple didn’t make a blog post or even notify their users before rolling it out to millions of users. They quietly updated their legal & privacy notice for the Photos app:
"Enhanced Visual Search in Photos allows you to search for photos using landmarks or points of interest. Your device privately matches places in your photos to a global index Apple maintains on our servers."
You can do the following to disable Enhanced Visual Search.
Settings > Scroll down to Apps > Photos > Scroll down to “Enhanced Visual Search” > Disable it
The only other heads up Apple gave was an Apple Machine Learning Research Paper: “Combining Machine Learning and Homomorphic Encryption in the Apple Ecosystem” - published in October 2024, the month after the release of iOS 18 and macOS 15.
In this paper, Apple claims they prioritize user’s privacy by using homomorphic encryption. HE is a type of encryption that lets you operate on encrypted data without having to decrypt it, this encrypted result can than be decrypted back on the individual’s device - and it should be equivalent to the computed result when working with the raw data.
Apple calls this Private Information Retrieval (PIR), and is planning to use this to look up information, such as an image for your caller ID, the logo for an incoming company email, and of course - Enhanced Visual Search - without needing to send Apple the unencrypted data.
There’s several problems with Apple’s approach to this:
None of the source code used in these mechanisms is open source or thus auditable
Very few people could give their thoughts on the cryptography or process
No dedicated information about about how Enhanced Visual Search works, what metadata it collects about your photos, and what is stored in the global index
There was no pre-warning or notification, much less a blog post sent out to the billions of users that would be effected
Why? Its my hunch that Apple are working on a massive database of landmarks tied with their locations on the planet. I define landmark as any and all buildings that have unique characteristics. With an index big enough of all of the buildings in the world and a reliable way to search them, you could correctly identify the location of any picture posted online.
This is similar to ChatGPT’s new o3 reasoning model, which can perform ‘geo-guessing’ tasks. Give it a picture and it’ll attempt to figure out where it is.
Its intriguing the way the o3 AI model goes about it, it will isolate different parts of the picture and ‘zoom in’ to enhance specific details, and search on the web to cross reference its visuals.
Apple may be working on their own geo-intelligence system that works similarly to what this AI is doing. And because Apple rolled this out automatically, opted in by default to potentially billions of users, to scan literally every photo on those phones - they’ve got a huge head-start.
This is nothing new, Apple’s MO has been in recent years to use their automatically deployed software to make their own users complicit in helping build their surveillance network, like zombies controlled by a virus.
We discovered in 2024 that Apple could surveil 2B+ WiFi access points on the planet and their movements, simply by running their own WiFi positioning service.
Steve Jobs said the following quote at the D8 conference in 2010:
“We’ve always had a very different view of privacy than some of our colleagues in the Valley. We take privacy extremely seriously. … That’s one of the reasons we have the curated apps store. We have rejected a lot of apps that want to take a lot of your personal data and suck it up into the cloud. … Privacy means people know what they’re signing up for. In plain English, and repeatedly, that’s what it means. Ask them. Ask them every time. Make them tell you to stop asking if they get tired of your asking them. Let them know precisely what you’re going to do with their data.”
If only he could see Apple today. It feels good to be reassured by a passionate Steve as CEO, but no legacy is forever. We can’t count on tech companies to protect us, we must take matters back into our own hands.
Right now the only way to do that is to throw away the phones that don’t respect you or ask for your consent, and replace them with an open platform or operating system.
Above Phone runs open-source operating system GrapheneOS, where critical services to the phone like location, and time are open source and configurable.
If you’re wanting to make a change and fight the tide against surveillance - its time to take the first step.
Check out Above Phone or install GrapheneOS on your own device.
To improve your privacy on a normal phone, check out our 5 Must Change Privacy Settings Guide.
Watch this full episode
Follow the #TBOT Show
Get privacy gear
Share this post