You'll never guess which mobile browser is the worst for data collection Mirror, mirror on the wall, who is the slurpiest mobile browser of them all? The answer, according to VPN vendor Surfshark, is Chrome. Surfshark's research focused on the top ten browsers based on AppMagic rankings. This included Safari due to it being the default browser on iPhones. Between them, Chrome and Safari account …
Brave wouldn't be in my toplist, too Orange, maybe Waterfox instead (not covered by Surfshark/AppMagic) ...
And I'm happy to find out that it severely limits the data it slurps (because, these days, I fully expect there will be slurping).
I'm even happier that it cuts out ads, and that me a ton of bandwidth on my smartphone.
I never miss a chance to tell people around me about Brave if ever phone browsers come up in the conversation. I have converted a few people already.
Might want to also warn them about how slow they are to merge upstream patches, 4 weeks for an actively exploited zero day in the chromium code
You would have to be a total fool to use these privacy browser's without looking into support, and who you are actually entrusting.
Mh. Brave is owned by crypto bastards.
I thought this link (much shared on here previously) made interesting reading.
https://www.spacebar.news/stop-using-brave-browser/
Firefox for Android works well enough especially if you tweak up the privacy settings. I notice far less tailored adverts following me around than when I used to use anything Chromium based.
<Mh. Brave is owned by crypto bastards.>
Who cares........
Go through the settings and just switch off anything to do with it and normally you never see anything about it.
Does the browser do the job you want and if you are looking for privacy how does it rate relative to other browsers.....
I am not suggesting Brave is perfect but I just find the amount of negativity around using it a little "emotional" perhaps.
I have no background in technology so may be missing something but if that is the case so have pretty much all the privacy writers who have written about browsers......
"Who cares..... "
Evidently some care enough to write fairly detailed blog posts on it.
"Go through the settings and just switch off anything to do with it and normally you never see anything about it."
I'd prefer a browser that doesn't come with additonal crap that I have to turn off. Or have to turn off every time it updates.
Plus the way Brave handles advertising sounds like you just swap Google servers for their own in terms of data collection.
Similar arguments of “just turn off these settings and remove the stuff you don't want" sometimes get made about Win10/11. IMHO they don't really hold water either unless you have absolutely no alternative
I rate the "turn it off in the settings" arguments based on how feasible it is to do. For example, some of the things I find annoying in Windows are easily turned off in the settings and don't come back, so those don't bother me very much, but other ones either move around, require registry hacks to turn off, or aren't configurable at all. I take those ones much more seriously. I don't know how Brave works, mostly because I'm satisfied with Firefox as it is now and because there seemed to be a longish list of things I didn't want. I probably can turn them off, but why bother when my existing browser doesn't have them in the first place?
<Evidently some care enough to write fairly detailed blog posts on it.>
About as one sided as a hatchet job could be.........
Even with Firefox you have to turn off a load of settings.
<Plus the way Brave handles advertising sounds like you just swap Google servers for their own in terms of data collection>
Really - please explain?
Be careful of the TOS fine print on Brave. A vocal fanbase of ordinary commentards saying it's the best doesn't mean it can always be trusted. It appeared to collect everything in its younger days by using proxies. Maybe it still does - I haven't bothered to download it again.
Collection on the device, with your agreement, is fine. Problematic is transfer elsewhere but the article doesn't make this clear. Apple already broke GDPR by syncing Keychain to the cloud without requesting permission or even informing the user. I don't let browsers access my location or bank account details and am increasingly using Revolut's one-time only credit card function for payments that require one.
For us users there are two main risks with the "convenience" that the collection provides – makes form filling much less of a chore – that the data might be exploited by the provider, or a third party if they can obtain access; potential loss if the provider disappears or changes its policy.
Having used Firefoxes syndicated storage for a while, I'm currently investigating and am impressed by BitWarden's more intelligent interface, and dedicated EU service. And independence, if Mozilla ever decides it needs to shutdown or become just another advertiser. But, whichever service you use, limiting what you store there.
Browsers such as DuckDuckGo and Firefox fall into a moderate category in terms of data collection, avoiding the most sensitive data collection practices. They gather information in areas like contact information (name, email address), identifiers (user ID), usage data, and diagnostics, offering a balance between functionality and privacy. These browsers may suit users with moderate privacy concerns but still require robust browsing capabilities.
As far as I know Firefox doesn't collect names or email addresses. Also once you untick privacy preferences there aren't any identifiers, usage data, or diagnostics collected, all it does is seach for extension updates.
Except that it's pretty clear that OP's point was about the negative effects of disabling JavaScript, not the difficulty- or otherwise- of doing so.
As for JS-less alternatives, it depends how palatable you consider those and how much you want to sacrifice, but let's not pretend that isn't a major consideration(!)
Surprising Vivaldi is not mentioned. I began to move away from Firefox,. mostly bc its user interface is not very user friendly on Android.
Hesitated between Brave and Vivaldi. Went for Vivaldi just bc it doesn't have the crypto ecosystem from Brave. So far Vivaldi is really good in blocking ads. And I feel more productive with its user interface.
"Surfshark analyzed the privacy details of these apps on the Apple App Store."
Which sounds like: there was no technical analysis of what the browsers *actually* do in terms of data collection, but rather they've just looked at what the vendors have *declared* that they do in their privacy policy.
These ad pushers apparently want details about me yi push ads specifically targeted to me. And pay lots of money for it. But I can’t be the only one spotting targeted ads, and I find them absolutely creepy. So with a targeted ad, you just make sure I’ll never be your customer.
>>So with a targeted ad, you just make sure I’ll never be your customer.
Ain't that the truth?
I have pondered recently about how bad the "i hate your adverts so I am never touching your company again with a bargepole" is, or isn't, for advertisers to persist in ramming their wares into your eyeballs at every opportunity. I assume there are enough marks who click on the advert and convert that click into revenue to balance out those like thee and me who mentally note the source of the advert and never click on any link back to them ever again be that in an advert, an advertorial, an opinon piece or someone recommending a product (shill or otherwise enthusiastic).
I run ad blockers, so most ads are vanquished, and rarely search for stuff around where I worked (it was 15 or so miles from home) but was surprised to get a property and for the estate they were building on land near to the workplace... I guess they tracked me from the office wi-fi.
I recently checked some of the cookies on my home laptop (I normally just delete unwanted one using a ff add-on) and discovered a number had 'geolocation' tags. Some were generic 'gb' but others narrowed it down to the City of London (the laptop has never been there, and I rarely travel through there) but others were getting reasonably close (postal district) though never correct. I'm assuming this is down to the 'combine data from other devices' etc hidden in the small print of the data/cookie policies
@42656e4d203239
Do try and avoid companies when the online ads have been irrelevant and persistently flung at me (not that I see that many with ad block active on many sites)
Advertorials are a different thing, so long as they are clearly marked as advertorial I am all in favour - it gives the website, newspaper, whatever some income & it may even be of interest to me* especially if it is in a themed "publication" & related to the content **
* e.g. I have actually found some of the advertorial content on El Reg an interesting read
** Subscribe to a few wildlife related dead tree magazines, have been on holidays with companies that advertised in those & booked accommodation in B&Bs that advertised there. Relevant ads can be a good thing (unlike website "targeted ads" - I much prefer ads based on the content of the website I am browsing, not some (usually poor***) guess at what I am interested in: If I am on a website that is "themed" in any way (i.e. not a general news / comment web site, then a fair guess I have an interest in the content e.g. El Reg indicates interest in some areas of IT).
*** As I have ad and / or script blocking running to some degree on many sites then the ad profilers do not get a full picture of me, hence "targeted" ads generally do not reflect my interests at all & context based ads would be far better.
"I have pondered recently about how bad the "i hate your adverts so I am never touching your company again with a bargepole" is, or isn't, for advertisers to persist in ramming their wares into your eyeballs at every opportunity."
We don't know, but more importantly, they don't know. I have a feeling though that that has almost no effect. I don't react like you do to advertisements*. I do my best to avoid them and ignore the rest, but I don't record the ones that get through that filter either to intentionally patronize their business or to punish them. In many cases, an advertisement that you're going to respond that way to is one of the many completely useless ones, ones for products you have no interest in anyway or ones where you have no choice**. Also, most of the people who are as averse to advertisements as you are would be blocking most of them, meaning that most advertisers don't feel the effects of your animosity anyway and wouldn't be able to categorize you into that group if they wanted to.
* The exception is when I get the same advertisement over and over again. The main place I notice this is on podcasts, which I listen to several of. In many ways, podcasts work the way I'd like advertising to: they're run by an individual, there's not much tracking of the downloader to try to target an ad at, and there are only a few attempts at centralized advertising networks for them. Unfortunately, that sometimes means that they don't get many advertisers so you just hear the same one over and over. Even then, I don't automatically develop a grudge against the advertiser. In a couple cases, I have built up a grudge against an advertisement or even a product, but I think those grudges are based on real defects with those rather than just having the advert repeated.
** Sometimes, a product is either the only option or clearly the best one, meaning that grudges against the company are kind of meaningless if you know you want to buy one. My ISP ran some annoying ads, but I need an ISP, this one has better prices and contract terms than the alternatives, so I ignore the ads which I'd be subject to regardless and buy their service anyway.
Still, you haven't made the ad campaign to compete with the drek, so it's --as if you don't care-- for reciprocally small values of as if. Or organized legislation cornershots. Or found a solution for their ad campaign's host or rep's car and made it the #1 test case for a given {¢governance_unit_and_session} cybercrime unit having begun.
The linked report gives those lists. The article doesn't quote the lists for all the apps because that would take up a lot of space and isn't of much interest. The problem, as several people have noted, is that those lists don't contain a lot of information. When it says "collects contact details", does that mean that it will remember phone numbers if you enter them into a form or that it finds everything about you and sends it to the company for later misuse? Either way, can you disable it or do you have to accept it? When is the data shared, with whom, and with what terms? None of that is in the lists you can find in the report, meaning that counting them is pretty close to the amount of information you can find by doing this.
Might be interesting to see what data is collected without permission vs that collected with permission. So far as I know Chrome only collects most data if you ask it to; including contacts and financial data. Very easy to turn off and delete the data if you no longer want Chrome to keep it.
I think what a lot of us missed for a long time was that "don't be evil" wasn't "culture". It was strategy. Larry and Sergei knew Google would grow faster and stronger if it could persuade people to trust it, and turning evil too soon would ruin everything. But once they finished their growth phase and were ready to move on to enshittification, it was no longer relevant.
From the linked article:
"Methodology and sources
We identified the 10 most popular web browser apps in the United States using AppMagic..."
Also the research seems a little superficial. In another older review it was noted that both Edge and Yandex reported an unchangeable unique identifier back to home, otherwise both scored better than Chrome. (Aside: It would have been useful to have got an update on the status of the Yandex browser.)
I don't randomly surf so much so there are very few sites that I have a problem accessing. But when i do anything online I use the following methods, in descending order:
1. Tor
2. Mullvad
3. DuckDuckGo (also go-to for any YT videos)
4. If none of them work then I don't need to access the site.
I know that this article only focuses on browsers but browsers are only one part of my snoop-avoiding suite.
I use a VPN, Little Snitch, a virus/malware checker. I use E2EE for cloud storage, texting, email, voice, and video with whoever in my very small circle is willing to do the same.
Each online organization gets a unique alias email address so I can specifically change/block that email address without affecting any others. Also very handy in figuring out who has sold my information. When I discover that has happened I send an email to the organization informing them I don't appreciate their selling my information. In one case an investigation on their end revealed a breach and I received a thank you response.
Due to their limitations I do no surfing on my phone or notepad. Old school; whatever it is can wait until I get home where I have all the privacy tools I can think of on my desktop.
Do I think I have all the options covered? Emphatic >nope< on that one. But its good enough for now until I encounter something else I want to add.
All time favorite quote from the movie Anon: "It's not that I have something to hide; I have nothing I want you to see."
( I usually paraphrase it as, "It's not that I have something to hide; I just have nothing I want to share with you." Ever so slightly more "in your face" than the original quote. )
Use duck duck go, has app tracker blocker.
Ads I see with it on vs off are day and night different, off I see add for anything I've talked at home without searching, searched on Google, amazon, ebay and other platforms vs on absolutely irrelevant ads.
I wish I could share screenshot here, this is just sample of what it blocked on my phone from Home Depot app from Google, Facebook, Adobe, Urban airship, neusrat trackers.
My background, C Suite self made IT at a mid size Corp with 5k employees, massive advocate against Google/meta marketing and spying, handling security, compliance and privacy as our business model was around these, do what you wish but protect yourself!
Few of Google out of 36 Google collected
DuckDuckGo Blocked 329 Tracking Attempts
88 attempts. Known to collect:
Unique Identifier
App Name
Charging Status
CPU Data
⑧ First Name
OS Version
Headphone Status
Country
Screen Resolution
App Install Date
Screen Density
Device Orientation
(p) Network Connection Type
Device Language
Device Boot Time
Device Total Memory
System Volume
Timezone
At least it doesn't insist on having a backup email and password to make sure I'm not locked out of my profile. Maybe keep a burner virtual phone to use as a second factor, and a completely operational clone of Google keying an authentication app snapshot in time.
Quantum safe security to revoke keys in 10^158 years due to decay of universe state. (Just unnecessary programmer things.) But you can spoof reentering your original value of pi then, to make a snapshot.
Part of me wants to have a browser that runs a music tracker that rearranges Nusrat Fateh Ali Khan in a function as core as ad tracking, but another wants to know what neus tracker is. (I got weird results about guide star usage rather than news cookie/pixel stuff seeing if I regifted NYT articles. Sorry.)
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
