That also enables unreasonable monopolistic behavior, like not allowing ANY browser besides Safari. Why not allow alternative browser engines that follow strict privacy practices? What about native ad blockers? Why not encourage privacy-friendly apps that don't collect data by lowering/waiving their fees?
That second point is really interesting. It seems sketchy on both ends, really. Either they are intentionally circumventing their own privacy feature, or they are giving their own browser an unfair competitive advantage.
Huh, maybe the level of integration here is just inherently problematic and companies shouldn't try to fulfill every role in the market.
If the assumption is that browsers track because it benefits the company commercially, it would be really cool if a company produced a browser at a premium that didn't do all of the above - this model must exist already? Privacy for a price sounds like a bad precedent to set though.
It seems like a useful privacy feature to me. I don't want Apple or Firefox to pass every site I visit every time I visit it to Google, Apple or any other company under US law.
I guess I'm interested in browsers who's developers wouldn't have done this in the first place - a browser which has privacy as a core principle and who's develop we wouldn't consider pushing any data, regardless of aggregation or commercial value, to a third party without explicit consent..
If we relegate privacy to fringe browsers like this, we'll lose in the long run.
It's not possible to have 0.05% percent of the market, and try and compete with goliaths like Google. So it creates a feedback loop of a browser that people don't really use because it lacks features/popularity. Or/and these companies are also forced to do things like Brave and their in-browser ads.
Meanwhile there'll be a group of people that'll say things like 'if you really want privacy don't use chrome, use these private browsers'. Completely taking off the pressure on the bigger browsers.
Also, catering specifically to privacy is always weird. It makes people think that you have something to hide. Everybody wants privacy, but someone really goes out of their way, it makes you think they have something very serious (i.e. illegal) to hide. It's sketchy.
There needs to be a collective awareness and greater pressure put on browser companies.
That doesn't change the fact that the current implementation is user hostile. There's no reason that privacy laws couldn't enforce a user setting at the browser level that websites could access in a standard way. Similar to the "Do Not Track" header, but actually enforceable. That would be the user friendly approach, but would require a technical committee of browser vendors, advertisers and tech giants to be part of the design process. Unfortunately the reason this doesn't happen is because the technical team would be working against their own financial interests, so there's no incentive to stop exploiting the user. Which is why the modern web is hostile to the user, and likely won't change unless the business models drastically change.
It’s not really one or the other. Firefox and Safari both exist and the incentives of the companies that run them are reasonably aligned with user privacy.
Privacy must be a tier 1 feature of a web browser.
The fact the market leader goes out of their way to shit all over privacy concerns says more about their marketing pull than the quality of their browser.
I don't think there's anything stopping web browsers to have the same level of privacy features as the apps, is there? Apple, Google and Microsoft owns both the OS and the browser, so there's really no excuse I feel.
Safari isn't the best answer for user privacy either so why grandstand for it as the only thing users should be allowed to run if that's your only concern? There is always a worse option to point at but that doesn't somehow mean Safari should be the only option.
You are right, but in practice it's a catch-22 situation. If companies start blocking privacy-aware browsers, then people will not use them, and they will not get market share.
There is an acceptable tradeoff between pseudo anonymous access through browsers vs non-anonymous access through native apps.
To interpret this research as reason for crippling web or browsers would be a giant mistake. Crippling browsers will only work against users, who will be then forced into installing apps by companies.
Two popular shopping companies in India exactly did this, they completely abandoned their websites and went native app only. This combined with large set of permission requested by apps lead to worse experience in terms of privacy for consumers. As the announcement for Instant Apps at Google I/O demonstrate, web as an open platform is in peril and its demise will be only hastened by blindly adopting these types of recommendations.
Essentially web as open platform will be destroyed in the name of perfect privacy. Only to be replaced by inescapable walled gardens. Rather consider that web allows a motivated user to employ evasion tactics, while still offering usability to those who are not interested in privacy. While with native apps where Apple needs a credit card on file to install, offer no such opportunity.
I am happy that Arvind (author of the paper) in another comment recommends a similar approach:
"""
Personally I think there are so many of these APIs that for the browser to try to prevent the ability to fingerprint is putting the genie back in the bottle.
But there is one powerful step browsers can take: put stronger privacy protections into private browsing mode, even at the expense of some functionality. Firefox has taken steps in this direction https://blog.mozilla.org/blog/2015/11/03/firefox-now-offers-....
Traditionally all browsers viewed private browsing mode as protecting against local adversaries and not trackers / network adversaries, and in my opinion this was a mistake.
"""
reply