iCloud+ privacy features vs Matomo tracker

Hey y’all,

Apple’s WWDC 2021 took place a couple of days ago and a session that was of particular interest to our business was the one introducing a new Apple product that will soon be available, called iCloud+.

iCloud+ is a privacy-by-design product that among other services, includes one feature called “iCloud Private Relay”. iCloud Private Relay is an iCloud+ service that prevents networks and servers from monitoring a person’s activity across the internet.

Here’s a link to the relevant session: https://developer.apple.com/videos/play/wwdc2021/10096/

The session includes a detailed technical rundown of the design and implementation specifics but the part that pertains the most to what the Matomo tracker does seems to be that with this service enabled, the user’s network topology will look like this (instead of the bottom part of the picture which is what it more or less looks like at the moment):

So my colleagues and I are left wondering whether this will affect the way the Matomo tracker works for people who have this service enabled on their Mac and/or iPhone.

Should we still reasonably expect the Matomo tracker to identify visitorId’s and geolocation data as it presently does?


It’s like a VPN, isn’t it?

Sort of? We are not actually sure because, based on the diagram, an IP address is not available at all whereas on a VPN it would presumably just be a different one than the originating client IP address.

So that makes us question whether the Matomo tracker will be able to deduct the visitor session information at all, or perhaps worse (in our particular use case) incorrectly.

I believe the best comparison is Onion routing.

Onion routing is a technique for anonymous communication over a computer network. In an onion network , messages are encapsulated in layers of encryption, analogous to layers of an onion. The encrypted data is transmitted through a series of network nodes called onion routers , each of which “peels” away from a single layer, uncovering the data’s next destination. When the final layer is decrypted, the message arrives at its destination. The sender remains anonymous because each intermediary knows only the location of the immediately preceding and following nodes.[1] While onion routing provides a high level of security and anonymity, there are methods to break the anonymity of this technique, such as timing analysis.[2]

An IP address will be provided, just not the client IP address. It will be the service provider’s IP, which will be a significantly small pool. Note that it’s literally impossible to visit a server without also providing an IP address, as this communication is all networked. iCloud+'s Private Relay will effectively make it look like everyone using Safari is browsing in the same office behind a NAT. Wooooo.