If you pay for iCloud storage, then you automatically have access to the extra perks that Apple bundles together under the iCloud+ name—and one of those perks is the iCloud Private Relay service.
If you open the Settings app on your iPhone or iPad, tap your name at the top, and then choose iCloud, you should be able to access a Private Relay (Beta) toggle switch that you can turn on or off. It's also under Apple ID and iCloud in System Preferences on macOS. However there's not a huge amount of information alongside the switch telling you what it is and how it works.
That's what we're going to do here, with the help of new documentation that Apple has published about the ins and outs of iCloud Private Relay. By the time you've finished reading, you should know whether this is a feature you need.
As you'll see from the accompanying blurb, when you switch the feature on, iCloud Private Relay "keeps your internet activity private"—and it does that in a number of ways. One way is by hiding your IP address from the websites that you visit: Your IP address indicates where in the world you're connected to the web, and it's one of the key pieces of information that sites and marketers use to work out who you are.
When iCloud Private Relay is enabled, you've got two choices when it comes to IP addresses. You can carry on reporting your general location (which city you're closest to, more or less)—so that local data such as a weather forecast still shows up correctly—or you can go vaguer and only report your country and time zone to websites that request it.
As an additional flourish, the service encrypts your data as it leaves your device, which means no one can digitally eavesdrop on your communications. Many websites and apps already take care of this by default, but where there are gaps, iCloud Private Relay will fill them. It means that anything you type into a form inside a web browser, from searches to addresses, is kept away from prying eyes.
Finally, iCloud Private Relay also keeps your DNS (Domain Name System) queries secret—essentially, the websites you're looking up on your device. As with IP addresses, this data can be used to create a profile of who you are and what you're interested in, which in turn can be sold to advertisers. With iCloud Private Relay enabled, this is much harder for companies to do.
iCloud Private Relay deploys what Apple calls "dual-hop" architecture—there are two stops or relays between your device and the internet. One stop is run by Apple, where the IP address is visible but the name of the website you're visiting is encrypted; the second stop is run by Apple's "third-party partners" and knows the website you're visiting but not what your IP address is (it has the responsibility of assigning a new IP address for you).
No one gets to see every bit of information: Apple and your Internet Service Provider (ISP) get to see who you are but not where you're going, while the content delivery network (CDN) running the second relay can see where you're going but not who you are. Each part of the process is kept separate to protect your privacy.
To make the process even more effective, the IP addresses assigned to you by the second relay are rotated over time and between sessions, making it even harder for you to be tracked. The service is also designed so that new CDN partners can be brought in and plugged into the system without any disruption from the user perspective.
If you want to get really technical, iCloud Private Relay uses a variety of traffic transport and security protocols to keep all this rerouting efficient and private. The QUIC protocol (also used extensively by Chrome) is used to manage multiple data streams, for example, while a technology called Oblivious DNS over HTTPS (ODoH) makes sure you get to the right website even when your DNS requests are encrypted and obscured.
There are a few caveats and bits of small print to know about iCloud Private Relay. To begin with, it only functions through the Apple Safari browser on your iPhone or iPad, so it doesn't apply to any browsing you’re doing through an alternative mobile browser. It applies to data sent through apps, but only data that is unencrypted, and works across cellular networks as well as Wi-Fi.
There are some differences between Apple's service and a traditional VPN (or Virtual Private Network), which does a similar job. iCloud Private Relay can't be used to spoof your location, for example—you can't use it to pretend you're in a different country. You can only obscure your IP address.
It's also worth noting that traffic routed through a traditional VPN won't be handled by iCloud Private Relay, because the VPN will be doing its own rerouting and IP address assigning. While iCloud Private Relay isn't really a VPN replacement, it's a case of choosing one or the other when it comes to protecting your data and keeping your browsing private on an Apple device.
Apple says that its iCloud Private Relay service does not collect any unique identifiers or any information about who you are or where you're going on the internet. It also promises no "noticeable impact" on browsing speeds or performance as your outgoing traffic gets routed through these two internet relays, something which can be a problem with certain VPN services.
- 📩 The latest on tech, science, and more: Get our newsletters!
- The quest to trap CO2 in stone—and beat climate change
- Could being cold actually be good for you?
- John Deere's self-driving tractor stirs AI debate
- The 18 best electric vehicles coming this year
- 6 ways to delete yourself from the internet
- 👁️ Explore AI like never before with our new database
- 🏃🏽♀️ Want the best tools to get healthy? Check out our Gear team’s picks for the best fitness trackers, running gear (including shoes and socks), and best headphones
