Apple is sending some browsing history of iOS 13 Safari users to Tencent Holdings Limited, a Chinese multinational conglomerate. The data shared is tied to the Safari Safe Browsing technology. Revelations of the relationship have drawn criticism from security and privacy experts.
Apple’s Safari Browser on iOS has a “Fraudulent Website Warning” feature set as a default that has used Google Safe Browsing technology as a back-end. But Safari users noticed recently information provided by Apple about this feature on iOS that acknowledges the company sends “information calculated from a website address” not only to Google Safe Browsing, but also to “safe browsing” technology from Tencent.
Moreover, Apple—”as is standard for this sort of news”—has divulged very little about the privacy implications of shifting Safe Browsing to use Tencent’s servers, which is troubling at best, and could be a privacy disaster, at worst, said Matthew Green, a cryptographer and professor at Johns Hopkins University, an analysis posted on Sunday.
“The changes probably affect only Chinese-localized users … although it’s difficult to know for certain,” he wrote. “However, it’s notable that Apple’s warning appears on U.S.-registered iPhones.”
There are a slew of problems with this scenario, not the least of which is that Tencent has close ties to the Chinese government, observed Tom Parker from Reclaim the Net in a blog post.