At Apple’s World Wide Developer Conference (WWDC) this year, a new privacy-oriented feature was introduced to paid subscribers of its iCloud services, iCloud+. Prior to the announcement, Apple offers iCloud as both free and paid subscription services. To differentiate, the paid tier is now dubbed iCloud+, which is the exact same iCloud available to those who subscribed. As part of this paid services, Apple introduced Private Relays, a new privacy-oriented feature, along with Hide My Email, a service that generates unique email aliases to shield the main email from being harvested.
What is a Private Relay?
The TL;DR is that each internet connection coming from an iOS 15/iPadOS 15 device will be encrypted and passed through two different proxy relays to protect the users’ content, if and when this feature is available and activated.
Each internet connection will have two layers of encryption to protect it. The encrypted connection will pass through Apple’s proxy (since it is encrypted, Apple has no idea as to the content of the connection — no idea as to what URL/IP address is being accessed except for the user’s IP address). Apple’s proxy will forward this to a trusted third-party proxy — this proxy will know that it comes from Apple’s proxy, i.e., it does not know the user’s IP address, only Apple’s proxy’s IP address, but it will know the destination IP address and establish a connection on behalf of the user.
For example, If you access mb.com.ph via private relays, your iPhone running iOS 15, will encrypt the connection from your home network, with say an IP address of 220.127.116.11, and forward the mb.com.ph request to Apple’s proxy. Apple knows that the traffic comes from 18.104.22.168, but it does not know that it is for mb.com.ph. Apple’s proxy will forward the request to a trusted third-party, ProxyA. ProxyA does not know that the request is from 22.214.171.124 because it is not provided by Apple’s proxy, it only knows that it is from Apple’s proxy and can decrypt the request to retrieve the destination, mb.com.ph. Mb.com.ph will not know that 126.96.36.199 is connecting to it, but only knows ProxyA, which in turn only knows Apple’s proxy, and serve the web pages. Pretty slick, huh?
Not available in the Philippines
This new privacy feature is coming around September/October of this year for all Apple devices from the first generation iPhone SE to iPhone 12 models and the expected iPhone 13 models. Current paid subscribers of iCloud will transition to iCloud+, at the same price, and have this new privacy feature added, but not if you are in the Philippines! This is the first time that I see the Philippines with Belarus, Colombia, Egypt, Kazakhstan, Saudi Arabia, South Africa, Turkmenistan, and Uganda, when it comes to privacy. It was cited that there are regulatory restrictions that prevent Apple from offering this — essentially, preventing Apple from protecting the internet connections of iPhone/iPad users in the Philippines!
Whilst there is very little information available as to which regulatory restrictions prevent Private Relays from operating in the Philippines, maybe the Philippine government needs to re-think these regulations now. Which law is this — is this related to the anti-terrorism law? Is it OK for the Philippine government to snoop on its citizens? Since when did Filipinos agree to this? Isn’t the right to privacy a human right? We need to get this feature available for all Filipinos. In this day and age, any protection Filipinos can get when accessing the internet should always be welcome!
SAY NO TO THESE REGULATIONS!