In iOS 15 and iPadOS 15, Apple added iCloud Private Relay as an additional method of protecting the identity of Safari users.
According to Apple:
Your IP address is visible to your network provider and to the first relay, which is operated by Apple. Your DNS records are encrypted, so neither party can see the address of the website you’re trying to visit. The second relay, which is operated by a third-party content provider, generates a temporary IP address, decrypts the name of the website you requested and connects you to the site.
This post is meant to focus less on the impact to the user and more on the impact to the developer community. If you are using IP-based geolocation, do you need to modify your application's behavior?
My first thought was to test geolocation using the iPad simulator that comes with xcode. If you use navigator.geolocation within the simulator, you will always get "2 Stockton St, San Francisco, CA 94108".
In this case, we don't really care about the what navigator.geolocation is returning, though because it is the IP address that is changing. I created a new pen to detect the user's location, based purely upon their IP address.
Now, if you test that pen with Private Relay on and off, the IP address definitely changes but the address stays the same. Private Relay's default setting is "Maintain General Location", so that makes sense. If you change the setting to "Use Country and Time Zone", it does not, though.
So, is this a problem for developers? If you are using the user's IP address to detect their location and they are using iOS 15, Safari, and Private Relay, there is at least a 50% chance that the resulting address will be the same as before. Since they would need to go into the "IP Address Location" and explicitly change it to "Use Country and Time Zone", it isn't terribly likely that they will turn it on either. If you are using geolocation to figure out how close the user is to a retail location or something, I would suggest that you just use the navigator.geolocation method. If you just care about what city or state that the user is in, you are probably going to be fine. Even with Private Relay turned on, the user needs to jump through extra hoops before your result is going to be incorrect.
Have any questions, comments, etc? Feel free to drop a comment, below. I would be interested in hearing what other devs think about Private Relay.