is iCloud Private Relay Better Than a VPN?

iCloud Private Relay vs. VPN: Which Is Better?

Apple’s iCloud Private Relay is the company’s answer to a VPN, providing iCloud+ subscribers with a level of privacy when browsing using the Safari browser… 

But there are many questions about how iCloud Private Relay works. Is it free? Should you turn it on? And is it better, or worse than using a VPN? 

If you use Apple’s ecosystem and you’re concerned about online privacy and cybersecurity, and you should be,1 this article and video above will help explain how Private Relay works and how to turn it on.

Why Should You Care About iCloud Private Relay?

When you connect to the internet normally, your internet traffic passes through your internet service provider’s (ISP) servers in an unencrypted format.

This allows your ISP and others, such as hackers and data brokers, to potentially monitor your online activities and access sensitive data like passwords or financial information. 

Over time, this data can be used to develop a profile of you and your behavior that could be used against you, such as in a phishing attack or other social engineering scam.

What Is iCloud Private Relay?

Approximately 850 million people use iCloud today. Anyone who pays for an iCloud+ subscription has iCloud Private Relay (IPR) included with their subscription…

However, I would guess that most people don’t know what Private Relay is or what the benefits are, or how to turn it on (because it’s off by default).

According to Apple: iCloud Private Relay keeps your internet activity private, similar to a virtual private network (VPN). It hides your IP address and browsing activity in Safari and protects your unencrypted internet traffic so that no one — including Apple — can see both who you are and what sites you’re visiting.

Apple Private Relay works with Apple’s Safari browser and uses two proxy servers (referred to as the “ingress” and “egress” proxies, respectively) that provide you with a level of privacy to you when you browse the web.

The first proxy server – run by Apple – encrypts the DNS content of you want to connect with and the second proxy server – run by a 3rd party – hides who you are on the Internet by assigning you a new IP address that isn’t precise, but approximates your geographic area, before connecting you to the destination website.

The limitations of Apple Private Relay are minimal, but the following items should be noted in terms of how it works:

  • IPR only works with Safari
  • Won’t mask the your IP address or DNS information when using Firefox, Chrome of Brave, etc.
  • You must opt-in… Private Relay is turned off by default
  • Doesn’t keep cookies from working on websites where you’ve accepted them with your browser
  • Won’t extend to other family members in sharing your iCloud+ account, unless you turn it on for them too

In contrast, a virtual private network (VPN) uses a single encrypted tunnel and masks your IP address across all your entire Internet connection, hiding your DNS information and IP address, no matter what app or browser you’re using.

See the video below for how to turn on Private Relay within the iCloud+ settings on your iPhone.

Private Relay Vs. VPN

iCloud Private Relay functions differently than a VPN because a VPN encrypts your traffic and obscures your IP address from start to finish in a single step, whereas Apple uses two separate, discreet steps to accomplish this.

A VPN works by creating an encrypted “tunnel” between your device and a remote VPN server operated by the VPN provider. All your internet traffic gets routed through this secure tunnel, hiding your online activities and data from prying eyes like your ISP, hackers, or government surveillance.

Some benefits of a VPN are:

  • Online Privacy & Anonymity: A VPN prevents your ISP, websites, apps, and others from tracking your online activities and selling your browsing data to advertisers. Your real IP address is hidden, making you anonymous online.
  • Security on Public Wi-Fi: Public Wi-Fi hotspots are prime targets for hackers to steal data. A VPN encrypts all your traffic over public networks, protecting your sensitive information.
  • Access Restricted Websites: Some websites and online content are blocked based on your geographic location. A VPN lets you bypass these restrictions by making it appear you’re connecting from a different country.
  • Prevent Bandwidth Throttling: ISPs sometimes throttle your internet speeds when doing bandwidth-intensive activities like streaming or torrenting. A VPN masks this traffic to prevent throttling.
  • Online Freedom: A VPN may allow users in countries with heavy internet censorship to access the free and open internet by circumventing government firewalls.

Summary

Everything you do online (and even offline!) today is monitored by default by your ISP, cellular providers, Google, data brokers, app stores, software providers, digital cameras and audio recorders, etc…  

Your private financial, health and browsing data are being tracked, recorded and resold creating profiles of you and your family without your express permission or direct knowledge.

If you’re an Apple user, Private Relay is included with your iCloud+ subscription and provides you with a basic level of online privacy, security and freedom. A VPN provides you with a similar but more flexible level of privacy because you can use it with any browser or operating system, not just Apple. These can be used simultaneously if desired.

Remember, you have to opt-in to Private Relay so you need to turn this on manually before it will work.

At the end of the day, you’re choosing a middle-man to protect your privacy online (either Apple or a 3rd party VPN provider) and keep your data secure. Apple is notoriously secretive about how it operates and some VPN providers may provide greater transparency for you in terms of how your data is handled, such as deliberately deleting log files after a certain time. 

Footnotes

  1. Everyone should develop a healthy level of paranoia about basically everything online today.