Because now they’re trying to make it legal.

No, not really. I read it as “iCloud Keychain is secure from outside attack” but not from an inside threat. The source is closed so nobody can verify Apple doesn’t actually have a backdoor in there.