Skip to main content

Apple Moves To Block IP Addresses With Private Relay

By July 29, 2021August 18th, 2022News & Updates, iOS 14 & SKAdNetwork 8 Min Read

iCloud+ Private Relay adds a new layer of user privacy to internet searches

Apple’s Worldwide Developers Conference this year (WWDC21) did not send industry shock waves as it did last year when it announced its game-changing AppTrackingTransparency (ATT) requiring user consent and re-introduced SKAdNetwork for privacy-first attribution. With the announcement of iCloud+ Private Relay this year, however, it is setting a precedent for its ongoing mission to protect user privacy on iOS devices. The gist: iCloud+ Private Relay will further limit tracking of iOS user activity across the internet. 

What exactly is Private Relay?

Private Relay is Apple’s way of preventing entities from tracking iOS users across the internet and forming a user identity profile. It will redirect all network traffic through servers to hide a user’s IP address on Safari and is available to iCloud+ subscribers. (iCloud+ has added security features to their cloud services and is available to existing customers.) 

It’s worth noting that outside of the subscription, Apple will prevent pixel tracking within the Apple Mail app for all iOS users. It will also obscure an iOS user’s IP address on Safari to prevent entities (ie, third-party trackers) from using it as an identifier as users migrate from email to online content as well as protect their location. 

While at first glance Private Relay may sound like a virtual private network (VPN), it isn’t. Whereas a VPN hides a user’s location, Private Relay blocks websites from tracking users. Apple is also touting this as not only a benefit to its users but also to iOS apps and is a default feature intended to add a layer of protection to help prevent data leakage.

How does Private Relay work?

Currently, a user’s browsing on the internet is open, not considered secure or private, and is leaving a trail of data that Apple says users have not consented to for use by any entity. This openness enables entities to use fingerprinting tactics to identify users across websites even with Apple’s Intelligent Tracking Prevention in Safari. Information open to entities at present includes the IP address. 

Without iCloud+ Private Relay

With iCloud+ Private Relay, not even Apple will hold all the information of a user’s whereabouts. This privacy-by-design system will use two proxies (a proxy is a way to hide what’s being searched for). Each proxy will route traffic and secure it as the user searches without interruption and is managed by two entities: Apple and a content provider. The IP address will be visible to only the network provider and first proxy. The second proxy only sees the site name a user is searching for and uses it to build a connection to the server. No two entities can see both the IP and search name. 

Apple iCloud+ Private Relay

Intelligent Tracking Prevention, which already prevents tracking, will now also hide a user’s IP address as an additional way to prevent it from being used as a partially unique identifier.

How will Private Relay impact attribution?

In its User Privacy and Data Use policy, Apple has stated that it considers fingerprinting tactics a form of tracking. Since the release of ATT in late April, there has not been the anticipated enforcement of it, however, and it is likely still occurring as marketers would lose measurement visibility on a significant portion of their audiences without it. Likely to go into effect later this year, Private Relay (as well as other IP address blocking initiatives) is now expected to become the awaited enforcement arm to prevent fingerprinting altogether.

For more information about iCloud+ Private Relay, or to talk with an expert on our team, contact us