AT&T and Verizon straight-up say they’re not blocking the feature from functioning. Verizon spokesperson George L. Koroneos confirms that Private Relay works on both cellular and Fios internet connections, and AT&T spokesperson Seth Bloom says the carrier’s policy is not to block Private Relay.
Customers who chose plans and features with content filtering (e.g. parent controls) do not have access to the iCloud Private Relay to allow these services to work as designed. All other customers have no restrictions.
Now, in addition to some carriers in Europe, it appears that T-Mobile/Sprint in the United States is also blocking iCloud Private Relay access when connected to cellular data.
However, many of the users we’ve heard from, and tested ourselves, do not have any such content filtering enabled. We’ve followed up with T-Mobile for additional clarification, but have not yet heard back.
"Customers who chose plans and features with content filtering (e.g. parent controls) do not have access to the iCloud Private Relay to allow these services to work as designed. All other customers have no restrictions," T-Mobile told Ars last night. This also applies to customers who subscribed to Sprint before the companies merged.
T-Mobile was among the carriers in Europe that signed an open letter expressing concern about the impact of Private Relay. The carriers wrote that the feature cuts off networks and servers from accessing “vital network data and metadata and could impact “operator’s ability to efficiently manage telecommunication networks.”
Apple has yet to comment on this situation, but it is worrisome to see carriers like T-Mobile interfering with system-level iOS features. There’s likely not much that Apple can do here, but it underscores another limitation of Private Relay as a feature as well as the power that carriers hold.
T-Mobile says there’s an iOS 15.2 problem
In a further response to Ars today, T-Mobile suggested that there's a problem with the default settings in iOS 15.2. "Overnight, our team identified that in the 15.2 iOS release, some device settings default to the feature being toggled off," T-Mobile told us. "We have shared this with Apple. This is not specific to T-Mobile. Again, though, we have not broadly blocked iCloud Private Relay."
We contacted Apple and will update this article if we get more information.
iCloud Private Relay is available in beta and is designed to prevent network operators from monitoring customers' Internet activity. "If you turn off Private Relay, network providers and websites can monitor your Internet activity in Safari," Apple says.
Possible fix: “Limit IP Address Tracking”
An AT&T spokesperson told Ars today that it does not block iCloud Private Relay at all, even if customers have filtering enabled. We're still waiting for answers from Verizon.
Some AT&T customers reported on Twitter that iCloud Private Relay wasn't working on cellular data yesterday. However, some of those Twitter threads show that their problem was fixed by turning on "Limit IP Address Tracking" in the Cellular Data Options section of the iPhone Settings app.
The toggle description in the iPhone settings app says, "When this is turned off, iCloud Private Relay will also be turned off for this cellular provider." If you're having a problem with iCloud Private Relay, check to make sure that the "Limit IP Address Tracking" toggle is on.
A Verizon customer who reported a similar problem last month told us today that he never had content filtering turned on and that Private Relay is working for him now.
Your DNS records are encrypted, so neither party can see the address of the website you're trying to visit. The second relay, which is operated by a third-party content provider, generates a temporary IP address, decrypts the name of the website you requested, and connects you to the site."
Internal T-Mobile document
A few more details on the status of iCloud Private Relay on T-Mobile were revealed in an internal document that was obtained and published by The T-Mo Report. The internal T-Mobile document is labeled "Content filtering impacts," and it says, "T-Mobile customers with the Web Guard features, Sprint customers who have content filtering enabled, and other customers with content filtering on their rate plan (i.e. Home Office Internet) will not be able to enable iCloud Private Relay."
The document says that T-Mobile customers who want to enable iCloud Private Relay should review their account to see if they're using filters such as Web Guard "and turn off or remove the feature(s) from their account." It also says that "Sprint customers must turn off their content filtering via their sprint.com account." The document suggests that third-party VPNs could also prevent iCloud Private Relay from working.
The document "seems to indicate that the blocking isn't actually intentional by the carrier, but merely a necessary step to ensure their own services work properly," The T-Mo Report wrote. "The blocking affects very few customers in practice, and it seems that there are currently no plans to expand the blocking of Apple's service to standard customers."
Apple anticipated that iCloud Private Relay wouldn't work universally. "If a website, network, or service you're using doesn't appear to be compatible with Private Relay, you can temporarily turn off Private Relay in iCloud settings," Apple says.
Apple points out that you can disable Private Relay for one specific network while allowing it to work on other networks. To disable Private Relay on a Wi-Fi network, Apple says to "go to Settings > Wi-Fi, then tap the More Info button next to the Wi-Fi network." To disable on a cellular network, "go to Settings > Cellular > Cellular Data Options."