Quick Links
With the release of iOS and iPadOS 15 in September 2021, Apple placed a renewed focus on privacy with some big strides forward for iPhone and iPad users. Let's run through what's new and how you can take advantage of the new features to protect yourself.
Private Relay Hides Your IP Address
Private Relay routes your web traffic through several servers in a bid to keep your IP address and location private. The service makes two hops: the first is to Apple's servers which encrypts whatever it is you're trying to access and removes identifying information, while the second is run by a "trusted partner" to assign a temporary IP address.
The result is a VPN-like service that attempts to anonymize your web traffic. This is done in a way that Apple says even they cannot see what it is you are looking at, and it's reminiscent of the Tor private browser. Unlike Tor, Apple's solution makes only two hops, which ensures browsing remains fast.
Private Relay is available to all paying iCloud customers, who have been moved to the iCloud+ tier with the release of iOS and iPadOS 15. If you pay for even the cheapest iCloud tier (50GB) you can turn the feature on under Settings > [Your Name] > iCloud > Private Relay.
At the time of iOS 15's release, Private Relay is in beta and may not work as intended. We noticed that the service occasionally times out, with Safari reporting it was unable to contact the service. You may also find that certain websites that rely on your geographical location don't work correctly.
You can trade off some of the additional protection in favor of a general IP address location by choosing "Use Country and Time Zone" under Private Relay settings.
Mail Privacy Protection Thwarts Email Trackers
Tracking pixels are small objects embedded into the body of an email by marketers hoping to learn more about the recipient. They're virtually undetectable to the naked eye, but they can say a lot about you. This includes your IP address, when you opened the email, what device you are using, and more.
Apple has tackled this problem head-on in iOS 15 with the introduction of Mail Privacy Protection. The feature effectively loads all remote content in the background, anonymizing it with a series of proxy servers before it arrives on your device. While marketers will still attempt to get information, this information won't be accurate in terms of your device, location, or IP address.
Mail will ask you if you want to enable Mail Privacy Protection when you first open it after upgrading your device. You can also enable it under Settings > Mail > Privacy Protection by enabling Protect Mail Activity.
Hide My Email Lets You Create Burner Addresses
In addition to Private Relay, iCloud+ also includes a feature called Hide My Email. If you pay for iCloud at any tier (even 50GB) you can use this new option to create secure, "burner" email addresses.
Instead of providing your real email address when signing up for a service, Hide My Email allows you to generate a unique email just for use with that service. Any correspondence sent to that address will be forwarded an email associated with your Apple ID of your choosing.
This allows you to sign up completely anonymously, or create additional accounts for services you already use without having to register a new email address. This works particularly well with the "Sign in with Apple" option you'll see when registering new accounts.
Assuming you have iCloud+ you'll see the option to "Hide My Email" in the QuickType bar when signing up for a new account. You can also head to Settings > [Your Name] > iCloud > Hide My Email to create new aliases manually and decide where to forward the email to.
One thing that's particularly nice about this feature is that it creates addresses that use the genuine "@icloud.com" top-level domain. This prevents services from blacklisting anyone trying to use it as is often the case with disposable email addresses.
App Privacy Report Audits Your Apps
Did you ever wonder what your apps are up to in the background, or how often they access data like contacts or sensors like the microphone? App Privacy Report is a feature that lets you learn a lot more about what your apps are up to.
You can enable the feature under Settings > Privacy > Record App Activity to get a week-long look into how your apps are spying on you. With the launch of iOS 15, the feature isn't quite ready yet since Apple hasn't included the ability to view any reports generated.
But you can still enable the feature so that when it's expanded in a later iOS update, you have some data to peruse. You can also download your report in its raw data form, a NDJSON file with (admittedly hard to read) logs about what the various apps on your device are up to.
You can use the feature to figure out what apps are accessing and how often they are doing so. If you find an app is using your microphone for no good reason, you can revoke its permission to do so using Apple's robust permissions system. You'll also get information about which domains the app is contacting, which should give you a greater understanding of how apps are tracking you.
Apple Now Has an Authenticator for 2FA Too
If you use an app like Google Authenticator or Authy for two-factor authentication (2FA), you'll be pleased to learn that Apple also has a solution built right into iOS and iPadOS. The feature lives alongside your stored passwords and is tied to a particular domain to make auto-filling valid codes even easier.
You can set it up on a per-entry basis under Settings > Passwords. Once authenticated tap on the website you would like to add and choose "Set Up Verification Code" near the bottom. From here you can tap "Enter Set-Up Key" to enter the set-up key or "Scan QR Code" to get that information from a QR code instead.
This can be fiddly to set up if you are already set up in an app like Google Authenticator. Some websites will require you to disable two-factor authentication on your account, then re-enable it before they will show you the set-up code required to enable the function.
While setting up an account if you are given a QR code to set up the feature, you can save some time by long-pressing it and choosing "Set Up Verification Code" to configure the feature that way.
When setting up two-factor authentication, make sure that you save your backup codes in a safe place. Without backup codes losing access to your device or app of choice could see you locked out of your account permanently.
This feature doesn't affect Apple's own two-factor authentication, which still works on a system level across your various device.
Siri Speech Processing Now Happens Offline
Finally, any requests you make of Siri will be processed offline with the arrival of iOS 15. The feature makes use of the Apple Neural Engine found in the A12 Bionic chip or later, first added to the iPhone XS in 2018. If you have an older device then Siri requests are still sent to Apple for processing.
Privacy concerns aside, this means you can now use Siri for almost anything even when you don't have an internet connection. Concerns regarding eavesdropping or surveillance can now also be safely put to bed, provided your device is compatible.
There are a few other caveats, of course. Offline processing is only available for specific languages including English, German, Spanish, French, Japanese, Mandarin Chinese, and Cantonese.
Find Out What Else is New in iOS and iPadOS 15
The iOS and iPadOS 15 update is free and includes the latest features and security enhancements, as well as access to new services like iCloud+ and Private Relay. Find out if your device is compatible and how to update.
If you've missed the news and want to catch up on what makes Apple's latest software update so great, check out what's new in iOS and iPadOS 15.