Apple Plans Changes to Hide My Email Feature, Raising New Privacy Questions

Apple 5-8 min read
Apple Plans Changes to Hide My Email Feature, Raising New Privacy Questions

Apple Quietly Shifts the Ground Beneath One of Its Most Trusted Privacy Tools

Apple has built its brand around the promise of privacy. For years, the company marketed that commitment through real, working features, not just advertising copy. Hide My Email was one of those features. Introduced in 2021 alongside iOS 15 and tied to the iCloud+ subscription tier, it let users generate random email aliases that forwarded messages to their real inbox. The addresses looked exactly like ordinary iCloud email accounts. Websites could not tell the difference. That was the entire point.

Now Apple is changing that. In a note sent to developers on June 16, 2026, the company confirmed it will move newly generated Hide My Email addresses from the familiar @icloud.com domain to a new dedicated subdomain: @private.icloud.com. The shift is framed as a technical consolidation. Sign in with Apple, which currently uses @privaterelay.appleid.com, will also migrate to the same new domain. Both services will share one home under private.icloud.com by later this summer.

The language Apple used is measured and procedural. But the reaction from security researchers, privacy advocates, and regular users has been anything but. Because once these addresses live on a clearly labeled subdomain, any app or website that wants to block anonymous sign-ups can do so with a simple domain filter. The invisibility cloak that made Hide My Email effective is being removed.

Apple is reportedly planning updates to its Hide My Email feature, a privacy tool that helps users keep their personal email addresses private when signing up for online services. The proposed changes are raising new questions about data protection, user anonymity, and how privacy features may evolve in the age of AI-driven digital services.
Apple is reportedly planning updates to its Hide My Email feature, a privacy tool that helps users keep their personal email addresses private when signing up for online services. The proposed changes are raising new questions about data protection, user anonymity, and how privacy features may evolve in the age of AI-driven digital services.

What Hide My Email Actually Does

Before unpacking why this domain change matters, it helps to understand what Hide My Email is and why people use it in the first place.

Hide My Email is a feature included in every iCloud+ plan, Apple's paid subscription tier that starts at $0.99 per month. When you sign up for a website, app, or newsletter, instead of typing your real email address, you can generate a unique random alias. Messages sent to that alias get forwarded directly to your personal inbox. You never have to give out your actual address.

The practical benefits are real:

  • Spam control: If a company sells your address or gets breached, you delete the alias. Problem solved without changing your real email.
  • Identity protection: Third parties never learn your actual email, reducing the data they can tie to your broader digital identity.
  • Tracking reduction: Marketers who use email addresses as cross-platform identifiers get a dead end.
  • Minimal friction: Unlike disposable email services that often get blocked, iCloud aliases worked seamlessly because they looked like regular Apple accounts.

That last point is the crux of the whole situation. The feature worked precisely because the aliases were indistinguishable from a standard @icloud.com email address. Any website that tried to block Hide My Email addresses would have also blocked millions of ordinary Apple users in the process. That was the natural protection built into the system.

The Domain Change and What It Breaks

How It Worked Before

Under the current setup, a Hide My Email address looks something like words.words.123abc@icloud.com. From a website's perspective, this is identical in format to john.smith@icloud.com. There is no subdomain, no flag, no signal that the address is an alias. A developer building a sign-up flow cannot distinguish between the two without tracking individual account behavior over time, which is expensive and impractical at scale.

This structural ambiguity was not an oversight. It was the design. It gave users genuine anonymity because blocking them required collateral damage to Apple's real user base.

How It Will Work After the Change

Once the migration happens, new Hide My Email addresses will use the format words.words.123abc@private.icloud.com. The subdomain is a clear, machine-readable signal. Any developer can add a single line to their email validation logic to reject or flag all addresses ending in @private.icloud.com. No complex analysis required.

Apple has been straightforward with developers about this. Its note advised those using Sign in with Apple to update account systems, email validation logic, and allowlists to accept the new domain. Email service providers were also told to update domain-based filtering rules to include private.icloud.com alongside the legacy domains.

"Existing addresses on the legacy domains will continue to work and forward mail to users without interruption." - Apple, in its developer notice

That assurance covers existing addresses. But every new alias created after the migration will carry the new domain. And those addresses will be identifiable from day one.

The Privacy Implications Are Not Subtle

The concern among privacy researchers and users is not theoretical. Services that want to enforce real-name or verified-identity policies, or simply those that dislike anonymous sign-ups, now have a straightforward technical path to do so. They do not need to build anything sophisticated. They just need to reject addresses from the new domain.

This is already a known pattern. Many platforms block sign-ups from temporary email services like Mailinator or Guerrilla Mail. Those services use obviously temporary-looking domains, which makes them easy targets for blocklists. Hide My Email's strength was that it avoided that category entirely. With the move to @private.icloud.com, it steps directly into that same vulnerable position.

Aspect Before the Change After the Change
Domain Used @icloud.com @private.icloud.com
Distinguishable from Real Apple Accounts No Yes
Easy for Sites to Block No Yes
Sign in With Apple Domain @privaterelay.appleid.com @private.icloud.com (unified)
Existing Addresses Functional Still functional, no disruption
New Addresses Generated on @icloud.com Generated on @private.icloud.com

Security researchers noted the reaction was swift. Users on Reddit voiced criticism almost immediately after the developer notice went public. On Hacker News, some users began discussing ways to generate aliases on the old domain before the migration completes, treating the window as an opportunity to stockpile legacy addresses with the original camouflage intact. One user noted they had already created several for themselves. Another suggested automating the process.

The fact that users are actively scrambling to preserve the old behavior tells you something about how they perceive this change.

Context Matters: Apple Has Already Shared Hide My Email Data With Authorities

This domain change does not happen in a vacuum. Earlier in 2026, TechCrunch reported that Apple had disclosed real account information tied to a Hide My Email address in response to a law enforcement request. The case involved an allegedly threatening email sent to the girlfriend of FBI Director Kash Patel. Apple complied with the legal demand and identified the user behind the alias.

That disclosure reminded many users of an important structural reality: Hide My Email protects your address from marketers and data brokers, but it does not provide anonymity against Apple itself or against valid legal process. Apple knows exactly which real account sits behind each alias. That has always been true. But seeing it applied in practice made it concrete in a way that abstract privacy policies rarely do.

The timing is also worth noting. The Trump administration has, according to multiple reports, made active efforts to unmask anonymous online accounts, using subpoenas and government pressure to compel tech companies to identify users. In that climate, any weakening of an anonymity tool, even a technical one, reads differently than it might in a quieter political moment.

Privacy advocates are urging Apple to clarify the rationale behind the change and to explain how it plans to ensure that users can continue to protect their personal information online without facing new barriers.

Why Is Apple Actually Making This Change?

Apple has not provided a detailed public explanation. The developer note frames this as a consolidation of two separate systems under one unified domain. Right now, Hide My Email uses @icloud.com and Sign in with Apple uses @privaterelay.appleid.com. Merging them onto a single dedicated domain simplifies infrastructure and makes it easier for developers to build consistent handling across both services.

There is a plausible technical argument here. Managing two separate relay systems is operationally complex. A single unified domain reduces that overhead. It also makes the system cleaner for developers who have to support both features in their apps.

There is also a regulatory dimension worth considering. As governments around the world push harder for digital accountability, particularly around anonymous accounts and online speech, having a dedicated domain for privacy aliases may help Apple demonstrate that its system can cooperate with legal requests in a structured way. The new domain provides a clear technical boundary that distinguishes Apple's relay system from ordinary user accounts.

None of this makes the privacy tradeoff disappear. But it does suggest that Apple's motivations here are layered, and that the change is not simply indifference to user privacy.

What Users Should Know Right Now

Existing Addresses Are Not Going Anywhere

Apple has been explicit on this point. Any address you already created under the old @icloud.com domain will continue to forward mail normally. There is no expiration, no forced migration, and no action required on your part. If you have built up a set of aliases over the past few years, they will keep working exactly as they do today.

New Addresses Will Be Identifiable

From the point the migration completes, any new alias you generate will carry the @private.icloud.com domain. Whether a specific website or app chooses to block that domain is entirely up to that service. Some will not care. Others, particularly those with strict identity verification requirements or strong anti-spam policies, may choose to reject it.

Generating Aliases Before the Switch Has Limits

Some users have suggested creating aliases on the old domain before the migration takes effect. The Hide My Email service is rate-limited, so mass generation is not straightforward. And using an alias on a domain that no longer receives new traffic may eventually create its own complications depending on how Apple manages the legacy infrastructure long term. It is worth being measured about this approach rather than treating it as a guaranteed workaround.

The Broader Impact on the Privacy Tool Ecosystem

Hide My Email was not the first email aliasing service, but it was unusually effective because of Apple's scale. When hundreds of millions of real users share a domain with the alias service, that domain cannot be blocked without serious collateral damage. Apple's iCloud ecosystem gave Hide My Email a kind of structural immunity that purpose-built alias services like SimpleLogin or AnonAddy do not have.

Those standalone services already operate from dedicated domains. They are already on blocklists maintained by some platforms. Users of those services know that some websites will reject their addresses. Hide My Email avoided that problem entirely up until now.

After this change, the practical difference between using Hide My Email and using a third-party alias service becomes much smaller in terms of blockability. Apple's product still has advantages: deep OS integration, a polished interface, and the trust of the iCloud brand. But the core technical advantage that made it uniquely hard to block will be gone for new addresses.

Feature Hide My Email (Post-Change) Third-Party Alias Services
Dedicated Privacy Domain Yes (@private.icloud.com) Yes
Easily Blockable by Sites Yes (new addresses) Yes
OS-Level Integration Deep (iOS, macOS, Safari) Limited to extensions/manual
Requires Paid Subscription Yes (iCloud+) Varies (free tiers available)
Identity Disclosure to Provider Yes (Apple knows your real address) Yes (provider knows)

What This Means for Apple's Privacy Brand

Privacy has been Apple's most consistent marketing message for over a decade. The company runs billboard campaigns about it. Tim Cook has testified before regulators about it. Apple Intelligence, the company's generative AI platform, was built around on-device processing specifically to reinforce this narrative.

Changes like this one create friction with that brand promise. Not because Apple is doing something clearly wrong, but because it is doing something that reduces a user-facing privacy protection without offering a clear public explanation for why. The absence of communication is as notable as the change itself.

Privacy advocates have been direct: they want Apple to explain the rationale. Is this purely an infrastructure decision? Is it related to regulatory pressure? Is there a plan to add new protections that compensate for the reduced camouflage? Without answers, users are left to read into the silence.

Apple has not publicly detailed the reasoning behind the change as of June 18, 2026. That gap is exactly the kind of thing that erodes the trust these features are designed to build.

What Happens Next

Apple has told developers to expect the migration later this summer. That means the window for generating legacy addresses on the original domain is measured in weeks, not months. Once the switch flips, every new alias will carry the identifiable subdomain.

The real test will come from how websites and app developers respond. If the major platforms choose to accept @private.icloud.com addresses without restriction, the practical impact on most users will be modest. The addresses will still work. Mail will still forward. The feature will still serve its core purpose for the majority of use cases.

But if a meaningful number of services choose to block the domain, the way many now block disposable email providers, the feature becomes substantially less useful for exactly the use cases where it matters most: signing up for services where you most want to protect your identity.

Whether Apple updates its developer guidance to discourage blocking, or takes some other step to preserve the utility of the feature, remains to be seen. For now, the company has told its developers the change is coming and left the privacy conversation largely unaddressed.

The Bottom Line

Hide My Email became a genuinely useful privacy tool because it worked in practice, not just in theory. The technical design made it difficult for websites to discriminate against alias users without hurting their own genuine user base. That protection is being removed for all new addresses going forward.

Apple may have valid technical and operational reasons for this change. Consolidating two relay systems under one domain is a reasonable infrastructure goal. But the privacy cost is real, and the company owes its users a clearer explanation than what a developer notice provides.

For now, existing Hide My Email users have no immediate action to take. Existing addresses will keep working. But for anyone who has come to rely on the feature as a meaningful layer of identity protection online, this is a change worth understanding and watching carefully as it rolls out.


Related Topics: #Apple #iCloud #HideMyEmail #Privacy #EmailSecurity #iCloudPlus #SignInWithApple #DataProtection #CyberPrivacy #TechNews