bert January 11, 2022 9:57 AM

No, they can’t, but this is not one of the myriads of scammy VPN providers, it’s Apple we’re talking about. Sure, the Private Relay is still in beta, and it’s currently not a real VPN, but a proxy for Safari. But looking at how Apple mandated the “Login with Apple account” stuff, I’m betting they planning on making Private Relay the default in the future.
This is what the telcos are afraid of.

Ted January 11, 2022 10:45 AM

No doubt this is a sigh of relief to law enforcement… you have to be in good standing to use Private Relay.

Lukasz Olejnik noted the service’s approach to fraud prevention here:

Private Relay is designed to ensure only valid Apple devices and accounts in good standing are allowed to use the service. Websites that use IP addresses to enforce fraud prevention and anti-abuse measures can trust that connections through Private Relay have been validated at the account and device level by Apple.

Clive Robinson January 11, 2022 11:19 AM

@ ALL,

Currently there is a series of attacks against Apple, Google is trying to force then to take RCS in iMessage without users being warned RCS is a security disaster, that Google has data hovering interests in.

Oh and The Register has another view o the blocking of Private Relay,

Basically the telcos, as predicted well over a decade ago, have become marginalised and forced into a minor status where they compeat on who can cut income further and still stay in business…

Well the telcos plan is to basically play Google and Microsodt at the grab users private information any which way they can…

But Google has kind of got ahead of them with “Rich Communications Sercices”(RCS) because they provide software etc to provide the required services. RCS is to replace SMS it’s a GSM Association standard and encryption was not included quite deliberately. Google’s “extended version” adds a very limited form of End2End but it basically is neither robust or secure…

Oh on 4G and LTE you do not need the underlying privacy haemorrhage that RCS requires so it’s optional. But GSMA has decided it is required to support RCS for 5G and this pulls in all sorts of security or lack there of questions,

Opting out of Mobile Communications looks increasingly like a good idea for those that like Privacy…

sam January 11, 2022 11:31 AM

Also from Europe

Europol ordered to delete vast store of personal data

Data protection advocates say the volume of information held on Europol’s systems amounts to mass surveillance and is a step on its road to becoming a European counterpart to the US National Security Agency (NSA)

A statement from European Data Protection Supervisor on the matter

Adam January 11, 2022 12:54 PM

Shirley the telcos are ‘common carriers’, so can’t block legitimate traffic?

In the USA? No, only copper landline providers are common carriers, and cellphones are some futuristic luxury that don’t need regulation. Europe is where I expect this to be interesting, as they do have some network neutrality laws applicable to mobile networks.

What’s interesting about this “blocking” is that it appears to be enabled by Apple. The message isn’t just some generic “connection failed”, or even “your ISP appears to be blocking this service”; it’s “Your cellular plan doesn’t support iCloud Private Relay”, which suggests the phone has disabled the feature at the request of the network operator.

Clive Robinson January 11, 2022 1:41 PM

@ AL,

Hm’mm, seems to be a Net Neutrality related issue.

Nope, it’s all about the money directly for privacy and by force majure selling you as a commodity.

Apple wants you to have some Privacy at their price, the telcos, Google, Microsoft, Palantir, Amazon, uncle tom cobbly and all want to “data rape, pillage and plunder” you to sell to who ever they can. The telcos will fight tooth, claw and every dirty trick possible to data rape you thus Apple has to be stopped in their view point, and that is what they are doing…

If you actually check out the nonsense the telcos are spouting you will find that it’s all basically nonsense and FUD to scare politicians, law enforcment and government inyel and SigInt agencies. The game is simple the telcos are happy to sell you out for the right price, and that is what ever they can squeeze out of people, Apple’s plans stand in the way of that, so you can guess what army of lobyists etc are going to descend…

We’ve seen what not just Telco’s but Cable companies will do to stop community Internet Service Providers and the like.

Ted January 11, 2022 3:07 PM

Update: T-Mobile explicitly says that ‌iCloud‌ relay has not been blocked. It was a default setting issue and Apple has been notified. 👍

MacRumors says “In the U.S., AT&T, Verizon, and T-Mobile have not spoken out against ‌iCloud‌ Private Relay nor have they suggested U.S. networks won’t support the feature.”

Apple today updated its iCloud Private Relay support document to clarify how users can make sure that ‌iCloud‌ Private Relay is enabled for a cellular network in iOS 15.2 by going to Settings > Cellular > Cellular Data Options and ensuring that “Limit IP Address Tracking” is turned on.

Ted January 11, 2022 5:27 PM

I haven’t been able to find a non-paywalled copy of the letter the EU mobile carriers sent to the EC. But the EC hasn’t responded to it?

“In August 2021, two months after the announcement of a new iCloud feature, Vodafone, Telefonica, Orange and T-Mobile sent a round-robin letter to the European Commission expressing concerns about the service. According to The Telegraph, the European Commission did not respond to a letter from EU mobile operators.”

Jonathan Wilson January 12, 2022 3:09 AM

T-Mobile has responded and indicated that for most users the block on private relay is not intentional and is caused by an iOS bug but that the feature will be blocked for users with parental controls or content moderation or certain other things where blocking private relay is necessary in order to enforce the T-Mobile features in question.

Clive Robinson January 12, 2022 5:04 AM

@ SpaceLifeForm,

Things appear less crouded here than they were…

But the point remains the SigInt’s will just sit there and collect it all which ever way it falls.

brubaker January 12, 2022 7:25 AM

And T-Mobile says on their website “We value your privacy”.

I guess that is why they want to take it from you.

JonKnowsNothing January 12, 2022 9:56 AM


T-Mobile says it’s a bug in iOS.

They said the only thing T-Mobile is blocking are accounts with Filtering Options.

Search Terms: ARS 01 12 2022 T-Mobile says it isn’t widely blocking

Anonymous January 12, 2022 1:24 PM

I’m unnerved by Apple promoting this as a “we know who each of our users are and they will behave and IPs coming from our service will be trustworthy” kind of thing.

I dislike the ISPs and Apple here.

B-Tree January 12, 2022 4:50 PM

blocking access to data that support their networks and underpin services to protect users harmful online material.

This is sooo horrible! These poor cellphone carriers only wanting to protect their beloved customers from evil content – and these ingrates chose to betray them by locking down their private communications. The sheer heartlessness of it really makes me want to cry! I never liked Apple very much but this is worse than I’d have expected even from them.
Is there any address to send donations?

SpaceLifeForm January 13, 2022 10:23 PM

Were the DDG problems last weekend related?

My hunch is yes, and BGP related.

Just a hunch.

SpaceLifeForm January 14, 2022 5:28 PM

@ Clive, ALL

re: RCS is a security disaster

Yep. You will need to pay a telco tax, and indirectly provide an email or account id.

Therefore, you will be exposing a phone number, and most likely, an email addy.

The combination is nasty.

I have yet to find anyone to get RCS working without a SIM card.

Just say no to RCS.

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.