neuralkoi 10 hours ago
I would lean on Apple not doing something like this unless they could get privacy right, but Apple is starting to crack on privacy, not only by embracing ads, but has been for some time already behind the scenes, or at least when I left in 2022. There were strong forces pushing away from collecting less data and towards collecting more, all in the name of "improving user experience".
spacedcowboy 5 hours ago
I worked in iCloud for the last 5 years before I left in 2026, in fact I wrote the mechanics behind "Hide My Email", which is gated through akd, the authkit daemon. I had regular meetings with 'Privacy', and by that I mean the iCloud privacy team, the Engineering privacy team, and the Security privacy team. There are a lot of people whose job it is to see that Apple don't overstep the line regarding data-privacy, and if you're writing a proposal for a feature, getting signoff from Privacy is one of the checklist items before you'll get approval. There is an inherent conflict between user-experience and data-privacy, because making users' lives easier is often the less privacy-preserving choice, but I think Apple manages that judgement-call pretty well. I also know it hires people, a lot of people, who have veto power over feature-creep into areas that are privacy risks, sometimes to the extent that I looked on in disbelief, along the lines of "Ok, I have some keys, inside an owner-privileged data-vault[1], within which is an encrypted database acting as a temporary cache, which is created on user-login and destroyed on user logout, and you still want me to encrypt the individual keys inside the already-encrypted and access-restricted DB? Really? If data-vaults are broken, we have bigger problems than an email being discovered..."

[1] data-vaults, for the unaware, are kernel-enforced directories on the SSD that you need entitlements (rather than unix permissions) to access, which you won't have because only system-provided binaries from Apple will ever have them. It's how Apple Mail protects all your email, for example.