Your answer shows how we all have a very different idea of what our own desired privacy level is. Or what privacy even means.

If you think that sending data to a remote server is equally private to not sending it, then you are the one who doesn't know what privacy means.

Of course it's fine to not desire privacy, or to desire a privacy level that is less than private. That's up to you. I liked the privacy of my old Canon digicam that had no internet. A photo app on a phone that sends stuff over the network might bring some useful functionality in return, but it can only be considered a regression in terms of privacy.

Privacy isn't a binary option. There are levels of privacy between "private" and "not private".

What Apple has implemented is a LOT closer to "private" than "not private"

Sure, but if we follow that line of thinking to its logical conclusion, we must move to a cabin in the woods, 100 miles from the nearest civilization, growing our own food and never connecting our computing devices to anything resembling a network.

No? You can have a photos app that doesn't phone home while not having to move to a cabin in the woods. See: every photos app that doesn't phone home, and I currently don't live in a cabin in the woods.

I've read the post you're responding to like 3 times, and after pondering it deeply, I'm pretty sure the conclusion of their line of thinking pretty definitively stops at "Apple should not be sending data off the device without the user requesting it." If you think otherwise, you should maybe provide more of an argument.

The line of thinking is right there: "not sending any info to anyone else anywhere at any time"

There are way more egregious privacy concerns than sending non-reversibly encrypted noisy photos to Apple. Why draw the line here and not the far worse things happening on your phone and computer right now?

Demanding consistency of the human psyche is a fool's errand.

It is probably reasonable for average end-user to expect that landmark based search works without enabling the extra setting.

They have option to disble if they care.

The initiative is for the user to command their computer to communicate or not with the information of their choosing.

"Computer, I command thee to send this and only this information over the channel of my choosing, using following encryption scheme, for here be my seal of approval for anyone who might want to verify, and here be the key"

"Sicut Vult"

I understand the enthusiasm but from the business perspective it does not matter. Many businesses would fail if they go too deep on this. Their only audience would be people who are experts in the area. Other people are confused and disappointed since things are not working as they expect.

On Apple's scale, most people care about the things they can do, not about how it happens. For that reason, default matters when the option is only about the internal process pipeline and privacy.

As a result, it is enough to showcase that in case some expert investigates the matter, they show that privacy is considered in a reasonable level.

Maybe some day in the future these things are common knowledge, but I fear that the knowledge gap just increases.

Because the conclusion is not workable.

Almost every single app today interacts with the network in some way.

You would be constantly annoying the user with prompt after prompt if you wanted to get consent for sending any relatively harmless data off the device.

It's telling that Android, for example, has all sorts of granular permissions you can set for an app, but "Network Access" is not one of them.

My Calculator app does not need to call home.

A good portion of the apps I use fall into this category, and a straightforward mechanism to opt them out of access would be welcome.

FWIW, a "Network Access" app permission is one of the features that GrapheneOS provides. It is only setting offered to the user every single app install. It should be in base AOSP, and I have to wonder why it isn't already.

Ah the GDPR complaint. Just don't collect the data and you won't be annoying anyone!

It's not charitable to construct a contrived situation no one is talking about and place that into the mouth of a commenter.

It is a spectrum, and I'd love to be able to draw my own line. I have my own photo storage solution. I do not need Apple's.

This entire post is about a setting in Apple's Photos app.

Slippery slope fallacy. Nothing you said derives from not wanting to send information to remote servers, it's a false dichotomy.

Or just use Linux where no component phones home.

Plenty of Linux distributions phone home, in some way, by default.

They send user data? Source?

Debian has popcon, which must be enabled explicitly and that is it. It sends the list of the installed packages.