Your iOS browser could be sending tracking data to China

Cyber security. Data protection concept. Banking security. Hands touching digital icon padlock and network connection on mobile smartphone, virtual interface screen. - Image
(Image credit: Shutterstock)

Update: An Apple spokesperson reached out to us with this statement: "Apple protects user privacy and safeguards your data with Safari Fraudulent Website Warning, a security feature that flags websites known to be malicious in nature. When the feature is enabled, Safari checks the website URL against lists of known websites and displays a warning if the URL the user is visiting is suspected of fraudulent conduct like phishing. To accomplish this task, Safari receives a list of websites known to be malicious from Google, and for devices with their region code set to mainland China, it receives a list from Tencent. The actual URL of a website you visit is never shared with a safe browsing provider and the feature can be turned off."

Apple's Safari browser has been sending user data to Chinese tech giant Tencent, reports have claimed.

By examining Safari's Fraudulent Website Warning disclaimer, users discovered that iOS 13 (and possibly other versions of iOS starting at 12.2) sends data to Tencent Safe Browsing in addition to Google Safe Browsing, where it helps protect users from phishing scams.

As of now, it is not clear whether Tencent collects any information on users outside of China. However, in its disclaimer, Safari does inform users that their data is being sent to the company to protect users from visiting fraudulent websites, saying:

“Before visiting a website, Safari may send information calculated from the website address to Google Safe Browsing and Tencent Safe Browsing to check if the website is fraudulent. These safe browsing providers may also log your IP address.”

Safe browsing

While the practice of sending browser data to a company to help users avoid fraudulent websites and phishing scams is nothing new, some are concerned over what Tencent may do with the data it receives.

Google and Tencent both have the ability to log user's IP addresses so that their anti-phishing systems can work but since Tencent frequently cooperates with the Chinese government, concerns have been raised over how its data could be used for surveillance or other nefarious purposes.

According to John Hopkins University professor Matthew Green, a malicious provider could theoretically use Google's Safe Browsing to de-anonymize someone by linking site requests. If Tencent employs a similar method, the data it collects could be used to identify users if the Chinese government puts pressure on the company to reveal dissidents.

To avoid unwanted data collection by Safari, you could turn off its Fraudulent Website Warning feature (which Apple enables by default) but this could leave you even more at risk of falling victim to fraud. If you're more concerned over Tencent having access to your data, then it might be a better idea to use a different, more privacy-focused browser instead.

Via Engadget

TOPICS
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Latest in Security
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
Microsoft warns about a new phishing campaign impersonating Booking.com
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Meta warns of worrying security flaw hitting open source type software
Hand holding smartphone and scan fingerprint biometric identity for unlock her mobile phone
Biometrics add another layer of security to passwordless authentication
Data leak
Hacked Tata Technologies data leaked by ransomware gang
A close-up photo of an iPhone, with the App Store icon prominent in the center of the image.
Thousands of iOS apps found to expose user data and leak Stripe keys
China
Chinese hackers targeting Juniper Networks routers, so patch now
Latest in News
A graphic of the PC Gaming Show
Get ready for a bounty of PC games on June 8, as the PC Gaming show is back
NordicTrack Ultra 1
The new NordicTrack Ultra 1 treadmill looks like it was designed by an architect and costs $15,000
An Nvidia GeForce RTX 5070
Nvidia RTX 5080 stock is so barren that retailers are holding competitions where you can "win" the right to buy one for MSRP
Assassin's Creed Shadows
Ubisoft shareholder accuses publisher of 'misleading investors', plans protest outside Paris HQ
Google Gemini AI logo on a smartphone with Google background
I made an AI version of Bilbo Baggins using Goggle Gemini for free, and shared a pipe with him outside Bag End – here’s what you can now do with Gems
Nicole Kidman wears a blue blouse with her arms crossed.
Netflix might be renewing The Perfect Couple and Beauty in Black for season 2, but I don’t get why when it’s canceled shows with poorer ratings