Published: Thu, October 17, 2019
Electronics | By Kelly Massey

Apple Addresses Allegations For Sending Users' Browsing Data To Tencent

Apple Addresses Allegations For Sending Users' Browsing Data To Tencent

Digiday reports that Apple's Safari browser isn't all that popular on desktop but on mobile it claims 53% of the USA market share.

As part of the built-in protection in Safari to keep iOS users safe from malicious websites, Apple sends to browsing data to Tencent, a technology firm in China.

For the fraudulent website warning to work, Apple has to share some data like your browsing history with Google. It was at this point that Green found out that the data sent might include the website visited by users as well as IP addresses. The company is now responding to these allegations.

"Safari receives a list of websites known to be malicious from Google, and for devices with their region code set to mainland China, it receives a list from Tencent", Apple said in a statement as quoted by the website CultofMac.

Further, when Google was both the default search engine and the only provider of a safe browsing database, there was little need for users to worry about sending hashed URLs they visit to Google when most of the websites they visit are served up from Google search results anyway.

To check the potentially malicious site's security, Safari may record information from the website URL and transfer it to Google and Tencent. However, be warned that this will make it less likely that Safari will be able to successfully identify malicious websites. While the administration of US President Donald Trump has been engaging China in a tit-for-tat tariff war, Apple has maintained a friendly, at times accommodating, stance in its dealings with the Asian giant.

Some Hong Kong ‘education’
Representative Chris Smith, a New Jersey Republican and a sponsor of the main Hong Kong bill, dismissed the threats from Beijing. A worker cleans graffiti off the vandalized exterior of a Bank of China branch in Tsuen Wan, Hong Kong October 2, 2019.

Google, for instance, provides two different Safe Browsing APIs - a Lookup and an Update API, the former of which allows browsers to send URLs in plaintext to the Google Safe Browsing server to check their status.

The implications of sending user data to Tencent's servers are now unknown, but Johns Hopkins University professor Matthew Green has suggested that a malicious provider could possibly use Google's Safe Browsing approach to de-anonymize a user by linking their site requests. Leave it on, however, and your data could be shared with Tencent, a company that isn't as interested in protecting your privacy as Google.

"Before visiting a website, Safari may send information calculated from website address to Google Safe Browsing and Tencent Safe Browsing to check if the website is fraudulent", the fine print reads.

Safari checks web pages that someone tries to access against the list of hashed prefixes.

It also came under fire for removing a maps app in Hong Kong that the developer said was created to help users avoid areas of protest.

Like this: