It looks like it's server-side.
I'm not a lawyer either, but I think there are two key differences here:
- Any images uploaded are clearly uploaded, not "drafted".
- This is not a supported service. It is not a permanent draft. There is no UI or documentation fr it. Nobody is promising you that the server cache won't be flushed in 10 minutes.
In T39992#424332, there is fear that terrorists or spies use that service to exchange messages so it doesn't need to be documented or even supported, just used.
Wikipedia supports storing private data via the options API, Gerrit supports storing private data via draft inline comments, Phabricator (and before that, Bugzilla) supports storing private data via saved searches, so it's not like this would change the status quo in any way. You would be hard-pressed to find any software product today which allows personal accounts but does not allow storing private data in those accounts in some way that could be technically used to distribute illegal material. I find it fairly ridiculous to suggest that any organization hosting any software capable of storing private data is in violation of German (or any other) anti-terrorism/child porn/whatever law.
Also, if "no private drafts whatsoever" is an actual decree from Legal, could they verify that? (CC-ing Luis.) Lets not spend too much time arguing on something that might yet turn out to be a myth.
I didn't want to suggest that (and it would be wrong). @Qgil's comment above seemed to say that distributing child pornography is only relevant if it is done in the form of images, and I wanted to mention aside from the question at hand that this (apparently) reflects US law, but not (for example) German.
I think Luis' reply is enough to decline this task. Phabricator is a third party tool that we are using. I see no reason to invest resources in developing and maintaining a local patch when there hasn't been any problem with this caching feature and when we have 'no blanket prohibition' from WMF-Legal.
I propose to close this task as Resolved. We have investigated this feature and we have decided not to disable it.