top of page
Writer's pictureESET Expert

What you need to know about iCloud Private Relay


If you want to try to enter the world of VPNs with a small dip, then iCloud Private Relay is your friend — but is it a true VPN service? The devil is in the details.


In 2021, Apple released a new feature for its iCloud+ subscription plan, one that had some people scratching their heads as to why Apple would offer such a service. We are talking about Apple’s iCloud Private Relay, a (sort of) VPN that is not really a VPN at all. It’s complicated.


What Private Relay is and how it works


iCloud Private Relay is an additional service offered within the iCloud+ subscription plan. The way it works is that it basically hides your IP address and Safari’s browsing activity by routing it through two relay servers, one operated by Apple and a second run by a third-party provider.


This way, when Private Relay is enabled, all of your browsing activity and data in Safari are routed through two internet hops. Firstly, your data is encrypted, after which it is sent to Apple, so your internet service provider (ISP) cannot see any of your web browsing activity. Then at Apple’s proxy server, the Domain Name System (DNS) request (your request to access a website) and your iPhone, iPad or Mac’s IP address are disassociated. Your IP address gets recorded by Apple, while your DNS request moves on, encrypted, to one of Apple’s partners that has the decryption key, along with a fake IP address based on your approximate location.


Sounds like a VPN, right? The act of routing internet traffic through another server, masking your IP and location…but it is not really a VPN for many reasons.


Why isn’t Private Relay a VPN?


1. Private Relay is an Apple device-only service. If you own an iPhone, iPad or Mac, after subscribing to iCloud+, you can find the toggle to turn on Private Relay within your iCloud settings. So no, it is not available on either Android or Windows.


2. It only works on Safari. While a VPN would route all of your traffic through a variety of servers and locations, Private Relay is restricted to traffic from Safari, Apple’s internet browser. That means your in-app activity from Instagram, TikTok or any other browser like Chrome does not get hidden the same way.


3. Private Relay does not fully shield your browsing habits. By accepting cookies, you can still be tracked. Plus, since the server traffic is still inextricably linked to the proxy your traffic comes from, it can still be isolated by a smart IT admin and blocked. So, as opposed to a traditional VPN, the traffic is not technically obfuscated.


4. Only two hops to cover your traffic can be seen as lacking. A traditional VPN would route it through multiple hops, connecting you to a series of servers to cover your trail before connecting to a website.


5. You can’t choose your geolocation. One of the main benefits of a VPN is that it can mask your location and behave as if you are in another country where a specific VPN vendor has a server. Private Relay, however, will only give you two options: to maintain a general location or to use only country and time zone.



So, why to use Private Relay then?


The reason why Private Relay is still an interesting service is that fundamentally, it still allows for a more private browsing and, more important, gives added protection for your browsing habits (on Safari, that is). Coupled with an effective ad-blocking Safari extension and a non-acceptance of tracking cookies, it presents an interesting opportunity to tailor your browsing and data sharing habits.


Private Relay works on iOS, iPadOS and MacOS under the same Apple ID with an iCloud+ subscription. Now, it is not as robust or as useful as a VPN, but using Private Relay can be a great and reliable option.


iPhone or Android, you should always be aware of your digital footprint


As touched on in some of our blogs on various forms of online tracking (like browser fingerprinting), there are many different ways you can be tracked online and often not solely for your own benefit.

Your personal data can be all over the internet, but thankfully, minimizing your presence doesn’t have to be a hugely daunting task. Here are a few tips to help you without much effort:

  • Reject cookies – the simplest (sometimes) step is to reject the cookies that are used to collect data for advertisers. Thanks to GDPR and other privacy regulations, all it often takes is to click “reject all” on the short pop-up windows that appear when you enter a website.

  • Use a VPN While it doesn’t fully cover your tracks (fingerprinting can still collect device data), VPNs obfuscate your IP, meaning that it is a lot harder to estimate your location.

  • Don’t overshare – On social media especially, try not to share too much personally identifiable information. The more data there is about you online, the easier it is for crooks to target you.

In conclusion, whether you are using Private Relay, a VPN or you turn to a more privacy-focused approach, having more control over your data online is a good thing. And every step you take toward complete privacy can make your life more (cyber) secure.

Comments


bottom of page