With every new version of iOS, Apple tries to provide new privacy and security-focused features to make the iPhone and iPad more secure, and iOS 15 is no exception. It is, in fact, a huge leap forward in privacy thanks to features like iCloud Private Relay and Hide My Email.
iCloud Private Relay
iCloud Private Relay is a new service that makes sure Safari traffic and other unencrypted traffic leaving an iPhone, iPad, or Mac is encrypted and uses two separate internet relays so that companies cannot use personal information like IP address, location, and browsing activity to create a detailed profile about you. When you’re browsing the web in Safari, for example, websites are not able to see
your IP address and location and cannot tie that information to track your browsing across different sites.
iCloud Private Relay is not a Virtual Private Network, or VPN. It works by sending all web traffic to a server that is maintained by Apple where information like IP address is stripped. Once the info is removed, the traffic (your DNS request) is sent to a secondary server that’s maintained by a third-party company, where it is assigned a temporary IP address, and then the traffic is sent on to its destination.
By having a two-step process that involves both an Apple server and a third-party server, iCloud Private Relay prevents anyone, including Apple, from determining a user’s identity and linking it to the website the user is visiting.
In this system, Apple knows your IP address and the third-party partner knows the site you’re visiting, and because the information is de-linked, neither Apple nor the partner company has a complete picture of the site you’re visiting and your location, and neither does the website you’re browsing.
Normally websites have access to this data and combined with cookies, can use it to build a profile of your preferences.
With a traditional VPN, you can select an IP address location to use, but that’s not the case with iCloud Private Relay. You are limited to your country. Apple says that its two-part relay process is more secure than a VPN, but it’s worth noting that it’s limited to Safari for web browsing and it does not work for alternate browsers like Chrome.
As outlined on Apple’s developer site, Private Relay protects only web browsing in Safari, DNS resolution queries, and insecure http app traffic. There is no complete device-wide protection as might be the case with a VPN.
iCloud Private Relay is subject to local regulatory restrictions and it will not be available in countries that include China, Belarus, Colombia, Egypt, Kazakhstan, Saudi Arabia, South Africa, Turkmenistan, Uganda, and the Philippines.
iCloud Private Relay is enabled by default when you upgrade to iOS 15 (or iPadOS 15) but it can be disabled by opening up the Settings app, tapping on your profile, selecting iCloud, and then tapping on the “Private Relay” toggle.
You can choose the IP address location settings for iCloud Private Relay. The “Maintain General Location” option, which is the default, allows websites to provide local content in Safari. The “Use Country and Time Zone” option uses a broader IP address that’s only specific to your country and time zone for more privacy.
Under the WiFi and Cellular settings on your device, you can also get quick access to the iCloud Private Relay settings. For WiFi settings, join a WiFi network and then tap on the “i” button to access the iCloud Private Relay toggle. Cellular Network settings will vary, but you need to tap on your phone number under Cellular and then toggle on iCloud Private Relay.You can control iCloud Private Relay separately for Cellular and WiFi networks, leaving it enabled for one and off for the other. For WiFi, the feature prevents WiFi networks from monitoring internet activity and hides your IP address from known trackers and websites.
For cellular connectivity, iCloud Private Relay prevents cellular providers from monitoring internet activity and hides your IP from known trackers and websites. iCloud Private Relay for cellular is linked to IP address hiding options in the Mail app. There are some situations where iCloud Private Relay may be unavailable when proxy servers are blocked. Enterprise and education networks, for example, sometimes audit all network traffic, and may block Private Relay. In this situation, you will see a note that Private Relay must be disabled so you can connect to a network, or you can choose another network.
Campuses and businesses can expressly allow proxy traffic from Apple devices for iCloud Private Relay to work, but this must be done on an opt-in basis and each individual campus or business needs to configure the network to allow for Private Relay functionality.
Hide My Email
With Hide My Email, iPhone, iPad, and Mac users can create unique, random email addresses that forward to a personal inbox, so it’s kind of like a password manager for email addresses. If you need to sign up for a store purchase, for example, you can use a random Apple-created email address to do so.
All the emails sent to the random Apple-created email address are forwarded to you so you can respond if needed, but the merchant does not see your real email address. And if you start getting spam emails from the merchant, you can just delete the email address and put a stop to it.
You can create separate email addresses for all kinds of things, and have a different email for every website if you want. Apple says it has no limit on the number of addresses that you can create (though during beta it is limited to 100), and they can be disabled at will to protect your privacy.
The Hide My Email feature is integrated into Safari, Mail, and iCloud Settings. If you go to Settings and then select your profile and choose the iCloud option, you’ll see a “Hide My Email” section. If you tap here, you’ll see all of your Sign in With Apple logins, and a “+” button.
Tapping on the “+” button lets you generate a new email address that consists of random words and numbers with an @icloud.com domain. Addresses can be labeled and you can add a note so you know what they’re for, and then the generated address can be used in place of your real email address.
You can choose the email address that your Hide My Email addresses forward to. By default, it will select your Apple ID, but if you have other email addresses associated with your account (which can be done under Settings > Apple ID > Name, Phone Numbers, Email), you can select another email address option.
Hide My Email works for both receiving and sending emails. If you respond to an incoming email that was sent to a Hide My Email address in the Mail app, Apple will continue to obscure your email address in the reply. This also appears to work using other email clients, though that may not be universally true and we have not tested with all email clients.
You can also create a Hide My Email address when signing up for an account on the web using Safari, or in an app. The “Hide My Email” option will come up as a suggestion, and if you tap it, Apple will offer a randomly-generated email address for you to use, and will email you to confirm its creation.
Hide My Email is a useful and easily accessible way to create a temporary email address that protects your real email address from spam messages and lets you know exactly which companies sell your information if you start getting unsolicited emails from an address you know to be associated with only one company.
It is worth noting that it is a bit confusing to use in tandem with the built-in Passwords storage feature on the iPhone and Sign in with Apple. Email addresses that you create aren’t stored in the Passwords section, you can’t add a new email here, and when you create an email you then have to manually store it in Passwords or log in with it on a website to get it added to iCloud Keychain.
App Privacy Report
With the App Privacy Report that can be accessed in the Privacy section of the Settings app, Apple now lists which apps are using privacy permissions that have been granted to them such as the camera, microphone, and your location.
The App Privacy Report will let you know which permissions have been accessed and how long ago each app accessed that information. The App Privacy Report will also include details on which third- party domains that apps have contacted, but this feature will not be available when iOS 15 launches and will be coming later this year.
To use App Privacy Report, you need to enable “Record App Activity” in the Privacy app, which can be done by going to Settings, selecting Privacy, and tapping “Record App Activity” at the bottom of the interface to allow the iPhone to collect a 7-day summary of app activity.
Mail Privacy Protection
Marketing emails, newsletters, and some email clients use an invisible tracking pixel in email messages to check to see whether you’ve opened up an email, and in iOS 15, Apple is putting a stop to that practice with Mail Privacy Protection.
There’s always been an open to block remote images, which effectively prevents tracking pixels from working, but Mail Privacy Protection is an easier to use, more universal solution. It is not on by default and needs to be enabled in the Mail section of the Settings app.
Mail Privacy Protection prevents email senders from tracking whether you opened an email, how many times you viewed an email, and whether you forwarded the email. It does not block remote images, but instead downloads all remote images in the background regardless of whether you’ve opened an email, essentially ruining the data.
It also has the added benefit of hiding your IP address so senders are not able to determine your location or link your email habits to your other online activity.
Apple routes all content downloaded by the Mail app through multiple proxy servers to strip your IP address, and then it assigns a random IP address that corresponds to the general region you’re in. Email senders see generic information rather than specific information about you.
Mail Privacy Protection is an alternative to blocking all remote content and if the feature is enabled, it overrides the “Block All Remote Content” and the “Hide IP Address” settings.
Safari IP Protection
Apple updated its Intelligent Tracking Prevention feature in Safari to keep trackers from accessing your IP address to build a profile about you. Safari is also protected with iCloud Private Relay if the feature is enabled, but you can block trackers from accessing your IP without using Private Relay.
These are just a sample of the new privacy features that will not only improve security for Apple’s customers but impact the ability for Marketer’s to accurately target and measure performance within the iOS ecosystem.
The impact of the changes will need to be closely monitored and thoughtful consideration must placed upon strategies that Marketer’s employ within iOS 15.