Home
 » ISP News » 
Sponsored

EE Staff Deny UK Mobile Network Blocks Apple’s Private Relay

Thursday, January 13th, 2022 (12:01 am) - Score 7,128
Apple-iCloud-Private-Relay-Enabled

Support agents working for mobile operator EE (BT) have denied claims by some UK customers (here and here), and online news reports (here, here and here), that their mobile broadband (4G and 5G) network is intentionally blocking Apple’s iCloud linked ‘Private Relay‘ feature (such a block may clash with Net Neutrality rules).

The iCloud Private Relay service is designed to “protect your privacy by ensuring that when you browse the web in Safari, no single party – not even Apple – can see both who you are and what sites you’re visiting.” In short, it’s similar to a Virtual Private Network (VPN) and encrypted DNS service, albeit with a few differences (see our summary of Private Relay).

NOTE: Private Relay is a beta service, with limited availability, and to access it you’d first have to pay for an iCloud+ account (purchasable from just £0.79/mo for 50GB – these can be upgraded to ‘Plus’ at no extra cost). But it only works with traffic that goes through the Safari browser.

Recently it was reported that some networks in the USA, such as those with network-level style internet content filters enabled (parental controls), and operators in other EU countries, had started to block the Private Relay service.

Similarly, a number of EE’s customers in the UK began to notice that the feature was returning the following message when enabled on supporting iPhones with iOS15 or newer: “Your data plan doesn’t support iCloud Private Relay. With Private Relay turned off, this network can monitor your internet activity and your IP address is not hidden from known trackers or websites.

EE-Blocking-Apple-Private-Relay

However, a support agent soon clarified (here) that “EE don’t block the use of iCloud Private Relay“, but apparently “there are a couple of things that can impact it working,” yet they didn’t clarify how this might occur. We asked EE’s press team about this, but they declined to comment, although so far as we can tell they are NOT intentionally imposing a block against the service.

EE’s own community article on the service adds some extra detail and notes that there are actually two places where Private Relay can be enabled. Feedback from some customers suggests that if the first option (below) doesn’t work to enable the service, then the second option often will, but we don’t yet know if this is true for all of their customers.

How can I turn iCloud Private Relay on?

To use iCloud Private relay, you must be on iOS 15 or newer and have an iCloud+ subscription.

To turn it on you can either go to:

Settings > Apple ID > iCloud > Private Relay > On

OR

Settings > Mobile Data > Mobile Data Options > iCloud Private Relay > On

There are also specific controls for Safari:

Settings > Safari > Hide IP Address > Provides 3 options (trackers and websites, Trackers Only, Off)

Trackers and Websites – full Private Relay functionality where all traffic makes it through Private Relay.

Trackers Only – Only let the tracker traffic go through Private Relay, and all other Safari traffic will not go through Private Relay.

Off – turn off any Private Relay proxying for Safari.

On top of all this, there is a known bug in iOS 15.2 that can stop the service working on some mobile operators. The solution is to enable the “Limit IP Address Tracking” featured under ‘Settings > Mobile > Mobile Data Options’ on your device.

Otherwise, it is true to say that Mobile operators tend not to be too fond of the service because it can cause various problems (not unlike some VPNs), such as by preventing EE’s internet filtering system – Content Lock – from working correctly on adult websites. However, Content Lock can already be disabled by customers, although Private Relay will go further and circumvent any legally required website blocking too (e.g. blocks ordered by a court of law).

The service may also cause bigger issues, which customers aren’t always aware of when they enable it. For example, EE states that “some or all of the data used whilst streaming content on devices using iOS 15 with iCloud Private Relay switched on will not be zero-rated” (i.e. it stops them linking your EE customer ID to all of your activity).

On top of that, it can sometimes make it difficult for customers to purchase additional data from the add-on.ee.co.uk website, unless you turn Private Relay off first and then reload the page. Not to mention making it harder for some operators to optimise Content Delivery Networks (CDN) and edge content caching for video streaming services etc. (i.e. the operator’s congestion management and peering optimisation may take a hit, which might hurt the customer’s experience).

Lest we forget that Private Relay is still a beta service and may not work on every website. Indeed, sometimes it’s Apple’s service causing problems and not your mobile operator or broadband ISP. Suffice to say that it doesn’t currently seem fair to accuse EE of outright blocking the service, but as above, there may be other problems and caveats to consider while the service is still in beta. Likewise, EE could change their stance in the future.

Share with Twitter
Share with Linkedin
Share with Facebook
Share with Reddit
Share with Pinterest
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on Twitter, , Facebook and Linkedin.
Leave a Comment
12 Responses
  1. Andrew Campling says:

    It seems that Apple’s recent iOS 15.2 update toggled off Private Relay for cellular data by accident rather than large numbers of mobile operators in multiple countries suddenly disabling the feature from working on their networks.

    Anyone wanting more general information on some of the issues that Private Relay causes for network operators and ISPs may find the second report at https://419.consulting/private-relay useful.

    1. Winston Smith says:

      The report is very big on issues for ISPs and makes very little mention of users’ desire for privacy and security.

      The method that ISPs uses to monitor network traffic is based on historical protocol security flaws of unencrypted DNS requests and clear text server name indication. This leaves the user open to man-in-the-middle attacks on insecure networks and of course any third party can mine usage data.

      It’s the ISPs problem, not the users, that fixing this security flaw (whether through Private Relay or through, say, encrypted DNS and the new Encrypted Server Hello protocol) breaks the ISP’s monitoring systems. They were built on sand anyway.

      This section from the report is particularly alarmist:

      There are far-reaching implications for the Internet, well beyond privacy, especially if the other
      browser and operating system vendors follow Apple’s lead. The regulatory and competition
      aspects are of particular concern. Are there plans to legitimize Private Relay as a standard via
      the IETF? If so, will Google, Microsoft et al follow suit? This would lead to the end of the public
      Internet as it currently operates.

    2. Andrew Campling says:

      @Winston Smith
      You’re right that the report focuses on the issues for ISPs (it is titled “The Impact on of the Private Relay Service Network Operators and Internet Service Providers”). Whether it is a good thing for Apple to become the world’s largest virtual ISP seems reasonable to debate, alongside some of the operational challenges posed by the use of Private Relay.

      From a user perspective, it is important to be aware that access to zero-rated content will in fact be chargeable when Private Relay is enabled, at least for budget-conscious users not on unlimited data plans.

    3. Winston Smith says:

      The onus then is on ISPs to provide equivalent privacy and security to Private Relay rather than complaining about Apple.

      The bad/good news is that there is another similar system, ODoH (Oblivious DNS over HTTPS) that combines secure DNS with a proxy to hide to the user from from the DNS server.

    4. Andrew Campling says:

      @Winston Smith
      In fact Private Relay uses the ODoH protocol for DNS traffic. More detailed information on some of the technical aspects of Private Relay is available at https://419.consulting/encrypted-dns/f/icloud-private-relay – it’s a discussion with the lead Apple engineer recorded immediately after WWDC last year.

      A number of ISPs already support DoH, so they are adding additional privacy measures. The issue here is not about privacy but whether Private Relay makes fundamental changes to the way that the Internet functions. The antitrust aspects are also pretty significant. You may conclude that the benefits of Private Relay are worth these trade-offs but you should at least consider them.

  2. S.G says:

    Years ago I had issue with T-mobile blocking ports used by Skype on their “Full Monty” plans with “unlimited” Internet. They were denying it consistently even though I have proven this (so did some other users). I wouldn’t be surprised if now they block other services.

  3. Anonymous says:

    Tor won’t run on EE. Coincidence? (no, because “private relay” is applespeak for their version of tor). Runs on three though, but sure EE isn’t blocking it at all.

  4. Mike says:

    Just use a proper VPN on your phone.

  5. Aled says:

    No mention of the fact that US broadband providers routinely monitor your browsing history and sell advertising based on your website interests?

    Hell, they even sell your GPS location to 3rd party advertising companies, while specifically claiming they stopped the practice. As they embarrassingly demonstrated, by ethical hackers using the system to track the location of US senators in real-time.

    1. Andrew Campling says:

      @Aled
      This may be true of some US ISPs but it would be wrong to suggest that they all do. For example, an extract from Comcast’s Xfinity Internet DNS Privacy Statement:

      “Comcast does not use Comcast DNS data for marketing, advertising, or sales purposes, and does not sell this data to third parties for any purpose.”

      (See https://www.xfinity.com/privacy/policy/dns for the full statement).

    2. erratic says:

      By law UK ISPs also record your browsing habbits and make it avaliable to a shockingly broad number of entities, not just the police with a warrent as you might expect.

      Now we’re out of the EU and can delete GDPR, keep an eye on what happens with data privicy especially once this lot in gov get going with a us-uk trade deal.

      DoH/DoT and VPN everything.

    3. Bilal says:

      Lol that’s not going to happen @errati

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Comments RSS Feed

Javascript must be enabled to post (most browsers do this automatically)

Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message. By clicking to submit a post you agree to storing your comment content, display name, IP, email and / or website details in our database, for as long as the post remains live.

Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.

NOTE 1: Sometimes your comment might not appear immediately due to site cache (this is cleared every few hours) or it may be caught by automated moderation / anti-spam.

NOTE 2: Comments that break our rules, spam, troll or post via known fake IP/proxy servers may be blocked or removed.
Cheapest Ultrafast ISPs
  • Gigaclear £17.00
    Speed: 200Mbps, Unlimited
    Gift: None
  • Community Fibre £20.00
    Speed: 150Mbps, Unlimited
    Gift: None
  • Virgin Media £24.00
    Speed: 108Mbps, Unlimited
    Gift: None
  • Vodafone £25.00
    Speed: 100Mbps, Unlimited
    Gift: None
  • Hyperoptic £25.00
    Speed: 150Mbps, Unlimited
    Gift: None
Large Availability | View All
Cheapest Superfast ISPs
  • Hyperoptic £17.99
    Speed 30Mbps, Unlimited
    Gift: None
  • Virgin Media £20.00
    Speed 54Mbps, Unlimited
    Gift: None
  • NOW £21.00
    Speed 36Mbps, Unlimited
    Gift: None
  • Shell Energy £21.99
    Speed 35Mbps, Unlimited
    Gift: None
  • Vodafone £22.00
    Speed 38Mbps, Unlimited
    Gift: None
Large Availability | View All
The Top 20 Category Tags
  1. FTTP (4031)
  2. BT (3135)
  3. Politics (2089)
  4. Building Digital UK (2009)
  5. Openreach (1951)
  6. FTTC (1917)
  7. Business (1811)
  8. Mobile Broadband (1590)
  9. Statistics (1493)
  10. FTTH (1370)
  11. 4G (1361)
  12. Virgin Media (1266)
  13. Ofcom Regulation (1230)
  14. Wireless Internet (1224)
  15. Fibre Optic (1224)
  16. Vodafone (920)
  17. EE (900)
  18. 5G (878)
  19. TalkTalk (817)
  20. Sky Broadband (782)
Promotion
Helpful ISP Guides and Tips
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact