Speaking to Fast Company’s Michael Grothaus, Apple senior vice president of software engineering Craig Federighi detailed a little more about the privacy-related announcements Apple made at its WWDC keynote, including iCloud Private Relay:
When you navigate to a website through Safari, iCloud Private Relay takes your IP address, which it needs to connect you to the website you want to go to, and the URL of that site. But it encrypts the URL so not even Apple can see what website you are visiting. Your IP and encrypted destination URL then travels to an intermediary relay station run by a third-party trusted partner. Apple would not name these trusted partners, but says the company is working with some of the largest content providers out there. Before getting to this relay station, however, your IP address is anonymized and randomized, so the relay partner can’t identify you or your device. Then at the relay station, the destination URL is unencrypted, so the third-party provider can send you on to the website you want to go to.
Because of this dual-hop architecture, neither Apple nor the relay station knows both who you are and where you are going. Apple knows who you are (because you are using iCloud Private Relay), but it doesn’t know where you’re browsing. Its third-party partner knows where you are browsing–but not who you are.
There’s a real Heisenberg Uncertainty Principle to this: one entity knows who you are, the other knows where you’re going. But Apple and its unspecified “trusted partners” are going to be moving a lot of data here if every Safari connection is passing through their servers.
What was interesting—if unsurprising—is that iCloud Private Relay only works in Safari. That makes the sense, certainly, since it’s the place where users are visiting arbitrary sites, rather than apps where it’s often communicating with the developer’s server. But it also means that third-party browsers are out of luck.
This is of a piece with other changes Apple has made in recent years, including the Private Address feature in iOS 14, where Apple’s devices use a unique MAC address on each Wi-Fi network, to avoid tracking.
Also “in the notable and not at all surprising department,” iCloud Private Relay is not designed—as many VPN services are—to let you route around geographical-based locks that allow users to view content not available in their region. And Reuters also confirmed with the company that it also won’t be available in several regions, including China, Saudi Arabia, Belarus, Egypt, the Philippines, and other restrictive regimes.
However, iCloud Private Relay will be compatible with both third-party consumer and corporate VPN services; in those cases, some or all traffic will be transmitted through the VPN rather than the relay.