Apple has come under scrutiny following a post by the online privacy and rights blog Reclaim The Net which pointed out that users of the Safari Web browser might have had their browsing behaviour sent to Chinese tech giant Tencent. Safari uses Tencent's Safe Browsing filter in addition to Google Safe Browsing in order to protect users from phishing attacks and similar online scams IP addresses, raising concerns that the data might also be used to help track users' online activity and circumvent privacy measures. Apple has not been keeping this a secret, but the blog post points out that it is not known whether data only from users in China is sent to Tencent, or whether those in other parts of the world are also affected.
According to the blog post[1], Apple's privacy information page for Safari in iOS 13[2] clearly states that information might be sent to Tencent[3], but it is not clear how much data is sent or if there are any privacy protections in place. This appears to have been incorporated with iOS 12.2 for devices outside China, according to a tweet[4] cited by Reclaim The Net, although AppleInsider points out[5] that it was introduced within China with iOS 11.
Users can disable Safari's Fraudulent Website Warning feature, but it is enabled by default and many people might not even know that it is working in the background. It works by checking hashed versions of the website addresses that users attempt to visit against Google[6] and Tencent's vast databases of known malicious websites. As this is happening, the user's IP address is also sent to the companies. By correlating these requests and tracking browsing patterns, it could...