> It would be trivial for Apple to push out silent targeted OS updates to specific individuals that would log decryption keys and send them to Apple.

I don't think they even need to do that. They are in control of the encryption process and obviously already process the data to create a persona of the user (after which it is no longer considered "user data")