Which companies operate the second relays for Apple Private Relay, and what are their jurisdictions and transparency records?

1. How the “second relay” is defined and why its operator matters

Apple’s published description of Private Relay explains the design: the first relay (operated by Apple) sees the user’s IP but not the destination, while the second relay (operated by a different entity) decrypts the destination and assigns a generalized egress IP without knowing the real user IP — making the second operator the party that can see destination traffic leaving the Private Relay system ^{[1] [2] [3]}. Security researchers stress that because only a small set of operational entities participate, collusion or compromise of those second relays would materially weaken privacy guarantees, which places outsized importance on who runs them and under what legal regimes they operate ^[6].

2. Which companies are disclosed to operate second relays

Apple’s own materials state the second relay is run by “a third‑party content provider” but do not list all partners by name in the basic support pages or whitepaper excerpts provided here ^{[1] [2] [3]}. Cloudflare has publicly acknowledged and blogged that it functions as a second relay for portions of Private Relay infrastructure, making it the clearest, documented example in the available reporting ^[4]. Other outlets and analyses describe the second relay as being run by “another, likely large, corporation” but do not enumerate additional operators in the sources at hand ^{[5] [7]}.

3. Jurisdictions that govern second‑relay operators and the practical implications

Because Apple and some documented partners (for example, Cloudflare) are US‑based or operate under US corporate umbrellas, some reporting has suggested many Private Relay participants and thus user connections are subject to US jurisdictional reach; Apple’s global exclusions for the service (China, Belarus, Kazakhstan, Saudi Arabia and others) also reflect Apple’s accommodations to local law and the practical limits of where the system is offered ^{[5] [8] [9]}. Analysts and network operators warn that the geographic distribution of egress IPs and where operators store or process logs could expose traffic metadata to varying legal regimes — a concern amplified where operators are subject to mandatory data‑retention or lawful‑interception orders ^{[10] [7]}.

4. Transparency records: Apple versus second‑relay partners

Apple provides relatively detailed public documentation about Private Relay’s architecture, configuration options and anti‑abuse measures in support and developer materials and has published whitepapers explaining the dual‑hop model ^{[1] [3]}. By contrast, reporting and privacy commentators highlight a transparency gap about second‑relay operators: outside Cloudflare’s public blog post acknowledging its role, coverage criticizes the lack of a complete public roster and sustained external audits of those egress operators, arguing that the privacy model relies on trust in parties whose logging practices and local obligations are not uniformly documented in the sources provided here ^{[4] [7] [11] [5]}.

5. Balanced conclusion and limits of the record

The record supports a firm conclusion that Apple runs the first relay and that Cloudflare is a confirmed second‑relay operator, while other second relays are run by third‑party content providers that Apple does not comprehensively enumerate in the cited materials; independent researchers warn that the small number of operators and uneven public transparency raise legitimate jurisdictional and auditability concerns ^{[1] [2] [4] [6] [7]}. Reporting included here does not provide a definitive, exhaustive list of all second‑relay companies or a complete, public catalogue of their jurisdictions and audit histories, so any assessment must acknowledge that limitation and rely on the named disclosures and expert critiques available ^{[5] [11] [10]}.