Microsoft's Chromium-based Edge browser may share the same source code as Google Chrome but new research has revealed that it may have more telemetry than other browsers, putting users' privacy at risk.
According to the software giant, telemetry refers to the system data that is uploaded by the Telemetry components or a browser's built-in services. Microsoft has also been using telemetry data for some time now in Windows 10 as a way to identify issues and to analyze and fix problems in its operating system.
To better understand what data is being shared by popular web browsers, Chair of Computer Systems at Trinity College in Ireland, Professor Douglas J Leith tested Chromium-based Microsoft Edge, Google Chrome, Brave, Russia's Yandex, Firefox and Apple's Safari.
- Microsoft Edge opens add-ons store
- Microsoft Safe Documents keeps all your files protected
- Also check out our complete list of the best browsers
Unfortunately though, Microsoft Edge didn't perform well in the various privacy tests conducted by Leith.
Telemetry in Microsoft Edge
During his testing of Microsoft Edge, Leith noted that every URL typed into the browser would be sent back to Microsoft sites. For instance, every URL typed into Edge's address bar is shared with Bing as well as other Microsoft services such as SmartScreen.
Leith also found that the browser sends unique hardware identifiers to Microsoft which cannot be easily changed or deleted. He provided more details on these identifiers and on how Microsoft Edge is similar to Yandex from a privacy perspective in his paper on the subject, titled “Web Browser Privacy: What Do Browsers Say When They Phone Home?”, saying:
“From a privacy perspective Microsoft Edge and Yandex are qualitatively different from the other browsers studied. Both send persistent identifiers than can be used to link requests (and associated IP address/location) to back end servers. Edge also sends the hardware UUID of the device to Microsoft and Yandex similarly transmits a hashed hardware identifier to back end servers. As far as we can tell this behaviour cannot be disabled by users. In addition to the search autocomplete functionality that shares details of web pages visited, both transmit web page information to servers that appear unrelated to search autocomplete.”
Unlike in its consumer version, Microsoft Edge for Enterprise gives administrators much more control in deployments and they can disable all of these trackers. However, the trackers are still enabled by default in all Edge installations.
Microsoft told TechRadar Pro that it was committed to privacy, and that it adheres to GDPR and other data protection regulations when it comes to handling consumer information.
A company spokesperson added that Edge always asks for permission when collecting user data, and customers can turn off such functions at any time.
- We've also highlighted the best VPN services
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.