Home Study of major web browsers finds all but Brave send user data to backend servers

Study of major web browsers finds all but Brave send user data to backend servers

Nathan Wasson Former Gaming & Tech Journalist Author expertise
In our content, we occasionally include affiliate links. Should you click on these links, we may earn a commission, though this incurs no additional cost to you. Your use of this website signifies your acceptance of our terms and conditions as well as our privacy policy.

A study published (PDF) this week by the School of Computer Science and Statistics at Trinity College Dublin found that the six major web browsers can be separated into three tiers in regards to out of the box privacy. The study looked at six browsers: Google Chrome, Mozilla Firefox, Apple Safari, Brave Browser, Microsoft Edge, and Yandex Browser. A family of easily reproducible tests were uniformly performed with all six browsers. The tests evaluated data shared in the following scenarios:

  1. on first startup of a fresh browser install
  2. on browser close and restart
  3. on pasting a URL into the top bar
  4. on typing a URL into the top bar
  5. when a browser is sitting idle.

The study split the tested browsers into three categories based on its findings, with Brave in its own category:

Used “out of the box” with its default settings Brave is by far the most private of the browsers studied. We did not find any use of identifiers allowing tracking of IP address over time, and no sharing of the details of web pages visited with backend servers.

Chrome, Firefox, and Safari were placed in the second category, as less private than Brave, but more so than Edge and Yandex. The three in this second category were found to share information regarded webpages visted with backend servers by way of the search autocomplete feature. Web addresses are sent back to these servers in real time as they are typed into the search bar. This data is tagged with an identifier tied to the browser instance, including the user’s IP address. The identifier persists across browser restarts, linking a user’s web activity and IP address over time.

The three browsers can be configured to preserve more of a user’s privacy, but most users are not aware of these issues and will not address them. Additionally, Firefox was found to have an open WebSocket for push notifications that is linked to a unique identifier. This WebSocket could potentially be used for tracking, but cannot be easily disabled.

From a privacy perspective Microsoft Edge and Yandex are qualitatively different from the other browsers studied.

The identifiers sent by Edge and Yandex are tied to device hardware, which means user web activity can be tracked across fresh browser installs. According to the study, this behavior cannot be disabled. Both browsers were also found to transmit additional webpage information seemingly unrelated to the search autocomplete feature.

Question & Answers (5)

Have a question? Our panel of experts will answer your queries. Post your Question
  1. While Brave is a good step with online privacy, I suggest Googling “CNAME cloaking” to see how “private” Brave really is.
    A much better private and secure solution (which isn’t being talked about) is the virtual private browser. Websites never touch the user’s computer..doesn’t get more private and secure than that.

Leave a Reply

Write a Review

Your email address will not be published. Required fields are marked *

Nathan Wasson Former Gaming & Tech Journalist

Nathan Wasson Former Gaming & Tech Journalist

Nathan Wasson is a talented writer whose true passion lies in the realm of online games. At the Tech Report, Nathan kept the audience up-to-date with all things gaming, including the latest game reviews, console updates, and the latest and greatest in the gaming landscape