This swings between so many wildly different things. Yes, Apple should be encrypting the contents of connections, by using a TLS connection and/or app-layer encryption. No, I don't think OSCP is inherently evil, although it should also use encrypted traffic if it doesn't today. And finally, I worked tech support long enough to understand why giant customer-facing corps don't enable E2EE by default, because it's a support nightmare.
But if you know what you're doing, turn on Advanced Data Protection (https://support.apple.com/en-us/HT202303) and take more of your data protection into your own hands.
But if you know what you're doing, turn on Advanced Data Protection (https://support.apple.com/en-us/HT202303) and take more of your data protection into your own hands.