Apple announced in a note to developers on Monday that it will move its Hide My Email addresses to a new domain – @private.icloud.com – in the coming weeks, separating them from the @icloud.com domain where regular iCloud email addresses live. The practical consequence is significant. Currently, apps and websites cannot tell the difference between a regular iCloud user and someone using Hide My Email’s anonymity feature, because both use @icloud.com. Once the move completes, any service that wants to block privacy-relay signups can do so with a single domain filter. YourNewsClub flags the @private.icloud.com migration as a structural weakening of the feature’s core protection, regardless of whatever operational benefits Apple might cite – the anonymity of Hide My Email depends on indistinguishability, and the new domain removes it.
Hide My Email is an iCloud+ feature that generates a randomised email address under the @icloud.com domain, forwarding messages to the user’s real address while keeping it hidden. Apple charges for iCloud+ at tiers starting at $0.99 per month for 50GB of storage. The feature serves users who want to sign up for services without exposing their primary email to data brokers, spam campaigns, or services whose privacy practices they don’t trust. The same mechanism underpins Sign in with Apple, which also generates a relay address to protect the user’s real Apple ID email. Apple’s developer note confirms that Sign in with Apple addresses will also move to @private.icloud.com, meaning both privacy features face the same filtering risk.
The precedent is not encouraging. Services like Guerrilla Mail and Mailinator have spent years on blocklists precisely because they operate on identifiable domains. Apple’s scale made @icloud.com a trusted domain that services were reluctant to block wholesale, because doing so would also block legitimate iCloud users. That cover evaporates with the domain change. The most likely outcome: major consumer platforms will add @private.icloud.com to their blocklists within weeks of the migration. YourNewsClub signals that privacy advocacy groups in the EU and UK will raise GDPR-related concerns about the change within 60 days of the migration completing.
Alex Reinhardt, who tracks financial systems and settlement infrastructure, places the commercial dimension: “When a domain change makes Hide My Email as blockable as a disposable inbox, the value proposition of paying for iCloud+ weakens materially. Apple has not explained what operational benefit justifies reducing the feature’s effectiveness.” Maya Renn, whose work focuses on the ethics of computation and access to power through technology, frames what the change embeds: “Moving Hide My Email to a flaggable subdomain makes the privacy feature functional only in contexts where services choose to allow it. That reverses the dynamic: instead of users choosing to hide their email, services now choose to accept or reject hidden emails. The execution of privacy protection has moved from the user to the platform, which is exactly the wrong direction.” YourNewsClub names the absence of any user-facing justification in Apple’s developer note as the most telling element of the announcement.
The operational reason Apple may have for the change is not publicly documented, but there are plausible explanations. A dedicated subdomain makes it easier for Apple to filter and manage relay traffic internally, applying different routing, spam, and compliance rules to relay addresses without affecting the @icloud.com mail product. That internal manageability benefit comes at a cost to users who paid for a privacy feature that worked partly because of its indistinguishability. Apple has not confirmed this reasoning. What it has confirmed is the change, without explaining to paying customers why their privacy product is being made easier to circumvent. User pushback will reach Apple’s developer forums and app review discussions within weeks of the migration completing, as apps and services begin blocking @private.icloud.com signups and iCloud+ subscribers discover the practical consequences.
The open question is whether Apple chose this change to satisfy commercial partners who have been complaining about the privacy relay, or whether it reflects an internal decision that the anonymity model is operationally problematic to maintain at scale. Your News Club maps the latter as the more likely explanation – Apple’s internal email infrastructure scaling costs at hundreds of millions of relay addresses are real – but the outcome for users is identical regardless of which internal rationale drove the decision.