Network operators control

[judielaine]

Will there be similar instructions as at https://developer.apple.com/support/prepare-your-network-for-icloud-private-relay/ (pasted below) for institutions that need to enable controls on their network, such as the TickTok issue? Note that the solution for TikTok assumed the enterprise controlled the browser; however there are many BYOD context where the network operators are required to restrict traffic to certain sites.

Some enterprise or school networks might be required to audit all network traffic by policy, and your network can block access to Private Relay in these cases. The user will be alerted that they need to either disable Private Relay for your network or choose another network.

The fastest and most reliable way to alert users is to return either a "no error no answer" response or an NXDOMAIN response from your network’s DNS resolver, preventing DNS resolution for the following hostnames used by Private Relay traffic. Avoid causing DNS resolution timeouts or silently dropping IP packets sent to the Private Relay server, as this can lead to delays on client devices.

[DavidSchinazi]

Hi, sorry for the delay in replying. We're looking into how best to allow this. We'll have more information in the future.