Safari Privacy Label in the app store


I was looking through the AppStore and it seems like Safari could collect a lot of different types of data that are “not associated with the user.” However,it still seems like it could potentially collect more than, Brave, DDG Browser, or Firefox Focus.

More specifically I’m concerned with the fact that it blatantly says that it could collect location, browser history and usage history. Which as I understand could be easily de-anonymized with other data point apple might collect.

I trust the team behind Privacy Guides, but I would like to understand the Teams decision of recommending Safari on iOS instead of other browsers that collect less.

There are no other browsers on iOS, they’re all Safari under the hood.
Whatever data Safari (Apple) can see, they see it in the other iOS browsers, too.

2 Likes

So say, Brave on iOS is just safari with a different coat of paint on top of it and an adblocker and the crypto stuff on top. And since WebKit is propietary there is no way for anyone not even developers to alter or publish the code to see if that data is never being sent to apple, right?

1 Like

I think that is not precisely accurate.

My understanding is that other browser engines (e.g. Webkit, Blink, Gecko) are forbidden on iOS, which is not exactly the same as saying there are no other Browsers (e.g. Firefox, Safari, Chrome, etc).

Edit: I believe this is the rule:

2.5.6 Apps that browse the web must use the appropriate WebKit framework and WebKit JavaScript.

So while all browsers available on iOS must use Apple’s Webkit browser engine (including Browsers like Firefox and Chrome/Chromium which use their own Browser Engines on other platforms), that doesn’t exactly make them all just Safari under the hood.

Beyond this, I am not informed enough about the role a browser engine plays in a browser to comment on the specifics of privacy and security, and also not very knowledgeable about Apple’s policies for 3rd party browsers on iOS apart from knowing that they must all be based on Webkit.

This is a topic I’d like to understand more about. I have limited knowledge.

Brave is built on top of another browser + browser engine regardless of what OS you use. It is either built a top Apple’s browser engine on iOS or Google’s on every other OS.

Firefox would be a better example (as Firefox uses their own independent Browser Engine on every OS apart from Apple’s)

I don’t think that WebKit is proprietary, here is the github page for the project. Wikipedia says the license is LGPL and BSD

5 Likes

So maybe, there is a case to recommend a different browser other than Safari. Because, it seems like its not entirely like every browser on iOS is safari, they just use the same engine. And if that was a huge issue i dont see why Privacy guides would recommend Brave (based on blink/chrome) or Mullvad (based on firefox geko). I think there might be a good case to also recommend other browsers other than safari.

I understand that Safari is not terrible and ephemeral tabs in private mode are amazing. But even so, privacytests.org also shows that using it just out of the box without private mode on, or without and adblocker something like Brave or DDG could be better at handling anti tracking and ad blocking.

I would love if someone more knowledgeable could chime in on this and shed a light on the reasoning as to why Safari is the main and only recommendation.

Also thanks for the correction on WebKit not being fully propietary

WebKit is actually open source.

If you use a different browser you have to assume that no only Apple could see your data but the other company that made your iOS browser, too.

The browser engine is the important part though, if Apple is lying and snooping on all of us they would be able to see everything you do in Brave iOS, too.

2 Likes

But if its open source, why would we assume Apple is snooping on other browsers through the engine?

1 Like

Fair point. However, I think this risk would exist even if Apple allowed other browser engines, considering that the OS itself and all the privileged apps and services would still be Apple.

But if it’s open source, why would we assume Apple is snooping […] through the [browser] engine?

We should recognize it as a possibility, but I don’t think it is fair to assume that anything is happening, unless someone has reviewed the code and found cases of that occurring, or enough to have reasonable suspicion.

I understand not giving Apple or any other company the benefit of the doubt when it comes to proprietary, closed source, software. But if it is open source and the code is pubic, there should be evidence.

2 Likes

WebKit is open source, the whole way it is built into iOS is not.

4 Likes

So that would mean that even if it is open source, and you are using an open source browser, there is no way to verify it is not contacting apple.

However I also say if (we assume brave/DDG or whatever browser) is not collecting your data, that would mean still apple is the only party with access to it. So there would still be a point to using other browsers maybe?

Not really, unless there is a feature in the 3rd party browser that you really want.
For example the built-in ad-blocker in Brave iOS is a pretty compelling point if you trust Brave (you have to trust Apple automatically by using their devices).

1 Like

So it essentially boils down to an issue of trust, and since you already trust apple by using iOS, its easier to recommend Safari, and AdGuard if you want some ad blocking?