It is worse tho. The surveillance apparatus doesn't care much about your actual words and images, but your associations and relations. This makes finding needles much more efficient and pre-encryption exfiltration circumvents user added measures, like third party iCloud encryption. And I am pretty sure this will be baked into the OS deeper than your VPN/DNS's reach. Opening up this side channel isn't undone by trusting some "icloud deactivation". Much less in your mind.

> Opening up this side channel isn't undone by trusting some "icloud deactivation".

If you can't trust that, then you can't trust the whole OS and all this speculation has been as valid as any given time.

With this argument you can dissolve anything in "why even bother?". In the real world it very much makes a difference, if the breach of trust is secretly implementing a side channel, or secretly using a documented one. The latter e.g. can maybe by activated "by accident" plausibly, but having a backdoor at all is hard to justify. And for a company like Apple, the size of a breach of trust matters for financial incentives.