Apple Breaks Its Own Privacy Feature: Websites Can Soon Block Your Burner Emails
Apple is about to make a major change to one of its best privacy tools, and the update might completely ruin how you use it. For years, paid iCloud subscribers have relied on a feature called Hide My Email to keep their real contact details safe. When you sign up for a new website, app, or newsletter, Apple generates a random, anonymous email address that forwards messages straight to your real inbox.
Right now, these burner addresses use the standard iCloud domain. Because they look just like regular email addresses, companies and websites cannot tell them apart from a standard user account. This design keeps you completely anonymous. It stops tracker companies, marketers, and sketchy websites from mapping your digital footprint or selling your real personal data to third parties.
That secret weapon is about to vanish. Apple recently sent a formal update to its app developers detailing a major shift in the coming weeks. The company plans to migrate all newly generated anonymous email addresses to a brand new sub-domain. Instead of the clean, standard look, new burners will clearly display a private identifier in the address itself.
By moving these randomly generated profiles to a dedicated sub-domain, Apple is giving every website and application a clear window into your privacy choices. Any online platform can easily update its firewall rules or account registration forms to flag or reject sign-ups from that specific sub-domain. If a company wants to force you to hand over your real personal details for data tracking or marketing profiles, they can just block Apple’s private domain entirely. This change essentially hands companies a tool to lock you out of their services unless you surrender your actual identity.
If you already have a library of burner addresses set up through the service, Apple says those older accounts will keep working normally. They will continue to route incoming mail to your main address without a glitch. However, the company noted that apps and email providers will need to adjust their internal spam filters. If they fail to update their filtering systems to recognize the new sub-domain, important automated emails like password resets, order receipts, and shipping updates might get flagged as junk or blocked before they ever hit your inbox.
Regular users are already pushing back against this decision. Online communities on platforms like Reddit are filled with frustration, with many pointing out that this update breaks the core reason they paid for an iCloud subscription in the first place. When tech publications reached out to Apple for an explanation, the company stayed silent, refusing to comment on why they chose to weaken their own security system.
This move happens during a period of intense political pressure regarding anonymous online accounts. Government agencies have spent the past year attempting to unmask anonymous users, using legal subpoenas to force tech companies to turn over real personal data. Earlier this year, reports surfaced that Apple even handed over real account holder data linked to a burner address during a high-profile federal investigation. This upcoming technical change might be Apple’s way of bowing to regulatory demands, but it ultimately leaves everyday users with far less protection on the web.
