Interesting point. If you're using iOS, in theory they're using similar encryption for anything they store of yours. I suppose you're having to trust them too (although them violating that trust would be a major hit to their brand, though certainly not impossible). I suppose the only solution here would be to use an audited open source OS?