Apple holds the decryption keys to all iCloud data. True encryption is only the user has the keys to decrypt their data. I store some data on Synology's C2 Cloud backup. My data is encrypted and only I have the 100-character password to decrypt my data. Synology couldn't decrypt the contents even if forced to by the government. That is true encryption. Apple can say whatever they want as to why they have the keys, but end result is they can decrypt your data for any reason at any time. Yes, there is some risk with true encryption. If you ever lose your decryption password or key there is no way to ever recover your data. So Apple is trying to spin it as we want to help out the consumer so they never lose access to their data so we will always hold the keys to their iCloud data in case they ever lose it. So I guess you have to reconcile whether you trust yourself or another company more with the keys to your encrypted data. I know who I would trust more.