Apple’s Safari browser is sending data to Google Safe Browsing for assisting in protection against phishing scams using the Fraudulent Website Warning feature. But now it appears Chinese tech giant Tencent is getting some information. It is reported by the users that iOS 13 and the possible version of iOS 12.2 is sending some data to Tencent Safe Browsing other than the Google’s system.
More talk about Safari Presents in IOS
Note that it is not clear at this stage whether Tencent is collecting any information outside of China but you will see mention of the collection in the US disclaimer. but that does not mean that it’s scooping up information from American web surfers.
The concern revolves over what Tencent will be doing with the data. Both Google and Tencent may log IP addresses for their anti-phishing systems to work. Furthermore, Tencent’s frequent cooperation with the Chinese government has raised concerns that the data might be used for surveillance or other practices.
In addition to this, a statement by a professor of Johns Hopkins University professor Matthew Green was issued that a malicious provider could theoretically use Google’s Safe Browsing approach to de-anonymize someone by linking the site requests. As long as the Tencent’s method is similar, so it could have a way to identify users if the Chinese government pressurizes to reveal dissidents.
Comments by Apple
You can easily turn Fraudulent Website Warning off by going to Settings > Safari) according to your will to accept less vigilance against sketchy pages. The issue here is really that Apple should activate the feature by default instead of alerting users not specifically where Tencent operates. Note that the Apple’s decision for removal of a Hong Kong protest app and Blizzard’s ban on a pro-Hong Kong Hearthstone player, this might be hard for Apple and Tencent to escape scrutiny irrespective of their behavior.
Apple has issued an official statement that is stressing on the Safe Browsing doesn’t share the actual URLs of websites that users are visiting and clarifying Tencent will only receive data from Safari users with the region code set to mainland China.” They further added that the “Apple is protecting user privacy and safeguards your data as well with Safari Fraudulent Website Warning. It is a security feature that flags websites that are malicious in nature.
When this feature is enabled, then Safari checks the website URL against the lists of known websites and displays a warning if the URL the user is going to visit is suspected of fraudulent conduct like phishing. To complete the task, Safari receives a list of websites that are malicious from Google and for devices within region code that are set to mainland China. The actual URL of a website user is going to visit is never shared with a safe browsing provider and this feature can be turned off.”