In a report from professor and cryptographer Matthew Green today, concerns were raised about Apple sharing users’ browsing data to the Chinese company, Tencent. Now Apple has offered an official response, reassuring users that actual URLs aren’t shared with third-parties.
Apple has used Google to provide Safe Browsing services but with iOS 13 it started using Tencent to comply with Chinese regulations.
Before visiting a website, Safari may send information calculated from the website address to Google Safe Browsing and Tencent Safe Browsing to check if the website is fraudulent. These safe browsing providers may also log your IP address.
As we reported this morning, professor and cryptographer Matthew Green raised some concerns about third-parties seeing users’ IP addresses as well as what webpages they are viewing.
Johns Hopkins University professor and cryptographer Matthew Green says this is problematic because it may reveal both the webpage you are trying to visit and your IP address. It may also drop a cookie on your device. This data could potentially be used to build up a profile of your browsing behavior.
Bloomberg’s Mark Gurman has now gotten an official response from Apple on the matter and the company says actual website URLs aren’t shared with Tencent or Google and explains more about how fraudulent website warnings work including that users can turn the feature off.
Apple: “The actual URL of a website you visit is never shared with a safe browsing provider and the feature can be turned off.” https://t.co/vgUYkinwhP
— Mark Gurman (@markgurman) October 14, 2019