Keeping Your Safari Data Private
Apple products are designed to do amazing things. And designed to protect your privacy.
At Apple, we believe privacy is a fundamental human right.
And so much of your personal information — information you have a right to keep private — lives on your Apple devices.
Your heart rate after a run. Which news stories you read first. Where you bought your last coffee. What websites you visit. Who you call, email, or message.
Every Apple product is designed from the ground up to protect that information. And to empower you to choose what you share and with whom.
I don’t find Safari’s privacy options very empowering. There are lots of features to protect your from the sites you visit, but that’s only half the story. Safari’s user interface doesn’t mention which user data is sent to Apple’s servers. In fact, iCloud stores your bookmarks and Reading List, open tabs, and even your full browsing history (excluding private windows).
There is no granular control. If you want to sync your bookmarks or use Reading List to move the occasional link from your iPhone to your Mac, you also have to enable history syncing.
The history data is only secured by your Apple ID password, which means that Apple has full access to it. And there have been bugs where deleted history was not actually deleted.
With Chrome, your data syncs to Google if you create an account and log in, and you can choose which specific types of data sync. With Safari, you never really get a chance to opt in. macOS strongly encourages you to sign into iCloud during installation, and many apps won’t work without having it enabled in some fashion. You can opt out of iCloud’s Safari features, if you know to look for the checkbox tucked away in System Preferences.
Update (2018-03-06): Jason:
I appreciate the granularity Chrome enables with their syncing, even amongst individual instances. I can sync my themes and extensions on my work computer without syncing my browse history, for example.
It confounds me that Safari still doesn’t sync extensions between Macs.
Update (2018-06-02): Denis Bosnic:
I won’t bore you with long intros, suffice it to say that I filed a GDPR request with Apple to obtain all the data associated with my Apple ID account and I was surprised to see that it contained a log filled with my browsing history spanning the last 4 years of my Safari usage, containing 5,083 URLs and timestamps.
[…]
Clearing your browsing history with this feature turned on seems to clear it locally from all your devices, but there is a chance that a sizable part of this data stays in a hidden / difficult-to-access log stored on Apple’s servers.
There is currently no user-facing way of seeing or deleting that data apart from contacting Apple through a web form and hoping they will comply.
Update (2019-09-27): Maxwell Swadling:
I was also surprised to find in the iCloud data archive it includes your IP and reverse geo-ip lookup for every time you open a tab if you have this turned on.
9 Comments RSS · Twitter
Syncing and collecting are 2 different things. When you disable sync in Chrome, I'm almost sure they still collect data for there use.
At least when I disable Safari iCloud capability, I'm sure my history and sensible data stays on my machine.
I don't trust either of these corporations, and just use Firefox Sync.
@Jean-Daniel Chrome’s privacy policy seems pretty clear that the history is only sent to Google when you’re signed in.
@scineram is Firefox Sync e2e encrypted?
Michael,
Maybe Jean-Daniel's point is privacy policies could always change and you are consequently at the mercy of such changes. Then again, not sure how the same critique does not apply to Apple....never mind, nothing to see here.
remmah,
I think so....seems to have been encrypted since inception, but they did change how it worked a few years back.
https://blog.mozilla.org/services/2014/02/07/a-better-firefox-sync/
https://blog.mozilla.org/services/2014/04/30/firefox-syncs-new-security-model/
Thanks Nathan! Good to see Firefox Sync is set up securely, might have to give it a go.
[…] Previously: Keeping Your Safari Data Private. […]
[…] Apple, but this company policy is not mere veneer. It is a longstanding commitment — though it is impertfect and has its limits — as is the company’s stance towards an open […]
I mentioned it in a previous post from last week, but it’s worth repeating that Chrome has the option for encrypting sync data with your own passphrase.
And I suppose it’s rather telling that, whenever I find myself wishing that Apple had this option, I remember my previous experience with iCloud data loss and realize I still wouldn't want to trust Apple with any data integrity duties.