Tech giant Apple is once again under fire for its operations relating to China, this time due to sending user data to Chinese company Tencent as part of its fraudulent website warning feature in its Safari web browser.
Tech giant Apple is coming under fire over its Fraudulent Website Warning feature in the Safari web browser for iOS and Mac, MacRumors reports, because the feature uses Chinese tech giant Tencent as one of its Safe Browsing providers. The feature has been sending user data to Google Safe Browsing to cross-reference URLs against Google’s blacklist for some time but it’s unclear when the firm started sending data to Tencent.
Apple does note in iOS that it sends user data to Tencent but many users are likely still unaware of this as its mentioned on the “About Safari & Privacy” screen which is linked via extremely small text under the Privacy & Security section in the Safari browser settings. The Fraudulent Website Warning feature is also enabled by default meaning most users are probably unaware that their IP address may be logged by the Chinese tech company unless they turn the feature off.
The reference to Tencent was noted on devices running the latest version of iOS but some have suggested that data may have been sent to the Chinese firm as early as iOS 12.2
In iOS 12.2 beta 2 Safari now uses Tencent Safe Browsing in addition to Google Safe Browsing. pic.twitter.com/92pZKBmwWs
— Stijn (@StijnDV) February 4, 2019
The implications of sending user data to Tencent’s servers are currently unknown, but Johns Hopkins University professor Matthew Green has suggested that a malicious provider could possibly use Google’s Safe Browsing approach to de-anonymize a user by linking their site requests.
Green believes that users “deserve to be informed about this kind of change and to make choices about it. At very least, users should learn about these changes before Apple pushes the feature into production, and thus asks millions of their customers to trust them.”
Apple CEO Tim Cook recently defended the company’s decision to remove the Chinese HKmap.live app from its store, stating that they had received “credible information” from authorities that the software was being used “maliciously” to attack police.
The company has flip-flopped repeatedly on whether the app should be allowed in the store, initially telling developers: “Your app contains content – or facilitates, enables, and encourages an activity – that is not legal … specifically, the app allowed users to evade law enforcement,” and banning the app.
Following an outcry over the initial banning, the app was reinstated to Apple’s store. Now, following criticism from the Chinese Communist Party’s main newspaper, The People’s Daily, which stated that the app “facilitates illegal behavior,” leading it to question if Apple was “guiding Hong Kong thugs,” The Silicon Valley Masters of the Universe have once against bowed to the wishes of communist China and removed the app.