Apple has announced plans to consolidate the email domains used by Sign in with Apple and iCloud+ Hide My Email under a new shared domain, private.icloud.com, later this summer.
The change will affect newly generated anonymous email addresses, while existing addresses will continue working normally.
The company disclosed the update in a developer notice, advising app developers and email providers to update their systems ahead of the transition. Once the change takes effect, new relay addresses generated by both Sign in with Apple and Hide My Email will use the @private.icloud.com domain.
Currently, Sign in with Apple issues relay addresses using @privaterelay.appleid.com, while Hide My Email generates aliases under the standard @icloud.com domain. Apple said that previously created addresses on both domains will remain active and continue to forward emails to users without interruption.
Hide My Email is part of Apple's iCloud+ subscription service and allows users to create disposable email aliases that forward messages to their real inboxes. The feature is commonly used to reduce spam, prevent data collection, and avoid exposing personal email addresses when registering for apps, websites, and online services. Sign in with Apple provides similar privacy protections by allowing users to create accounts without revealing their actual email address.
The domain change has raised concerns among privacy-conscious users. Because Hide My Email aliases currently use the same @icloud.com domain as regular Apple email accounts, they are difficult for websites and services to distinguish from standard addresses. Moving newly generated aliases to @private.icloud.com will make them immediately identifiable as relay addresses, potentially making it easier for some services to block anonymous sign-ups or apply different account policies.
Apple has not publicly explained the reason for the change, other than stating that it is unifying the domains used by its email relay services.
Developers using Sign in with Apple are being urged to update account validation logic, allowlists, and email handling systems to accept the new domain alongside existing @privaterelay.appleid.com and @icloud.com addresses. Apple also advised email service providers to review any filtering, routing, or suppression rules that explicitly reference relay domains.
Organizations that fail to update their systems could inadvertently block account registrations, password resets, or other communications sent to users who rely on Apple's privacy-focused email services. To avoid disruptions, Apple recommends ensuring that all three domains remain accepted during and after the migration.
The announcement comes months after court records revealed that Apple provided subscriber information associated with a Hide My Email alias during an FBI investigation. The case highlighted a key limitation of the feature: while it conceals a user's real email address from third parties, Apple retains the account mappings necessary to route messages and can disclose them when legally required.
Leave a Reply