Apple introduced iCloud Private Relay in 2021 as part of iCloud+ — the paid tier of iCloud. The feature attracted immediate comparisons to VPNs, which was both understandable and misleading. Private Relay uses a fundamentally different architecture than a VPN, achieves a narrower but genuinely novel privacy property, and has meaningful limitations that the comparisons often obscure.
The Two-Hop Architecture
A standard VPN is a single hop: your traffic goes to the VPN server, then to the internet. The VPN provider sees everything — your real IP address and all your destinations. They see less than your ISP does (because the tunnel bypasses ISP inspection), but they are a single point of observation for the complete picture.
Private Relay uses two relays operated by different parties:
- First relay (Apple-operated): Your device connects here. This relay knows your real IP address and Apple ID, but your traffic is encrypted such that the first relay cannot see where you're going — it can only see that you're connecting to the second relay.
- Second relay (third-party operated — historically Cloudflare, Fastly, and others): This relay sees your destination (the website you're visiting) and assigns you an IP address from a pool associated with your general region. But it never sees your real IP address or your Apple ID — only the encrypted connection from the first relay.
The destination website sees an IP from the second relay's pool. It knows you're in, say, "Western Europe, Central Time Zone" — a coarsened location — but not your precise city or your real IP. Your ISP sees that you're connected to Apple's relay infrastructure, but not which sites you're visiting.
No single party in the chain holds the complete picture: your real identity plus your browsing destinations. Apple knows who you are but not where you go. The second relay knows where you go but not who you are. This is stronger than a single-hop VPN where the provider holds both.
This is the feature's genuine innovation. Onion Routing (the basis of Tor) uses the same principle with more hops, but Tor adds significant latency and complexity. Private Relay achieves the two-party separation with enough relay capacity to remain reasonably fast for everyday browsing.
What Private Relay Covers
Private Relay protects Safari web browsing — HTTP and HTTPS traffic from Safari — and DNS queries made within that context. On iOS and iPadOS, it also covers insecure HTTP traffic from apps that use Apple's URL loading system. The protection is integrated into Apple's networking stack for covered traffic.
DNS queries within Safari are particularly meaningful. When you visit a website, your device first looks up its IP address via DNS. Without Private Relay (and without separate DNS-over-HTTPS configuration), those DNS queries typically go to your ISP's resolver in plaintext — revealing every domain you visit before you even connect. Private Relay routes DNS queries through the encrypted tunnel, hiding them from your ISP.
What Private Relay Doesn't Cover
The feature's scope is more constrained than many users assume:
- Other browsers. Chrome, Firefox, and any browser other than Safari on your Apple device do not use Private Relay. Their traffic goes directly to the internet through your regular connection.
- Most app traffic. The majority of network traffic from other apps — your email client, your social media apps, streaming services, games — bypasses Private Relay unless Apple has specifically extended the feature. Each app makes its own network connections.
- Account-level identification. If you're logged into a website, that site knows who you are because you authenticated with them. Private Relay hides your IP but not your identity once you've logged in. Google still knows you're browsing Google while logged into your Google account.
- Content of HTTPS connections. The destinations see the content of what you request, because the TLS connection terminates at the destination server. Private Relay provides IP and DNS privacy; it doesn't intercept or re-encrypt your HTTPS sessions.
- Browser fingerprinting. Your browser's characteristics remain visible to the sites you visit regardless of your IP. Browser fingerprinting is an independent tracking vector that IP privacy doesn't address.
Private Relay is IP privacy and DNS privacy for Safari. It is not a VPN, and it is not general-purpose traffic anonymization. Understanding what it covers is the precondition for knowing when to use something else.
Geographic Availability Gaps
Private Relay is unavailable in several countries, including China, Belarus, Colombia, Egypt, Kazakhstan, Saudi Arabia, South Africa, Turkmenistan, Uganda, and the Philippines, due to regulatory requirements in those markets. In these countries, the feature is simply absent from device settings — Apple cannot offer it while complying with local law.
For users in these regions, iCloud+ subscribers don't get the privacy property at all. This is worth knowing if you travel to affected countries or if Private Relay is part of your threat model in places where it's unavailable.
Comparison with VPNs
| Property | iCloud Private Relay | VPN |
|---|---|---|
| Hides real IP from websites | ✓ Yes | ✓ Yes |
| Hides destinations from ISP | ✓ Yes (Safari) | ✓ Yes (all apps) |
| Single party sees identity + destination | ✓ No single party | ✗ VPN provider sees both |
| Covers all browser traffic | ✗ Safari only | ✓ All browsers |
| Covers all app traffic | ✗ Limited | ✓ OS-level routing |
| No provider logging (verifiable) | ~ Apple policy | ~ Varies by provider |
| Works globally | ✗ Unavailable in some countries | ~ Varies |
| Government compulsion risk | ✗ Apple is compellable | ✗ VPN provider is compellable |
The Compulsion Question
Apple can be compelled by law enforcement. Private Relay's architecture means Apple holds less information than a conventional service — they know that a given Apple ID used Private Relay, but they don't have a mapping of which sites that user visited, because the second relay (which has destination information) is operated by a third party that doesn't know the Apple ID. This is a meaningful structural limitation on what Apple can be forced to produce.
But "less information" is not "no information." Apple knows when you used Private Relay and from which IP your device connected. The second-relay operator knows which destinations were visited. Under separate legal process served to both parties and combined, more could be reconstructed than from either alone. This requires coordination and isn't routine, but it's not impossible.
For users whose threat model includes sophisticated, legally-backed adversaries, understanding the residual information at each hop — and who operates those hops — is relevant to evaluating the protection. For users whose threat model is primarily ISP-level tracking and commercial surveillance, Private Relay is a meaningful and technically sound improvement.
Practical Takeaway
Private Relay is worth enabling for iCloud+ subscribers. The two-hop architecture provides a privacy property that simple VPNs don't: no single party holds both your identity and your browsing history. It works transparently in Safari without configuration, covers DNS queries that most privacy tools miss, and doesn't require trusting a third-party VPN provider.
It's not a substitute for end-to-end encrypted communication when communication privacy is the goal — E2E encryption is a different layer addressing a different threat. It's also not a complete solution for users who need to anonymize traffic from all applications. But for what it does — hiding Safari browsing from your ISP and your exact IP from websites — it does it well. Understanding VPN limitations puts Private Relay's specific advantages in context.