Microsoft's Chromium-based Edge browser may share the same source code as Google Chrome but new research has revealed that it may have more telemetry than other browsers, putting users' privacy at risk.
According to the software giant, telemetry refers to the system data that is uploaded by the Telemetry components or a browser's built-in services. Microsoft has also been using telemetry data for some time now in Windows 10 (opens in new tab) as a way to identify issues and to analyze and fix problems in its operating system.
To better understand what data is being shared by popular web browsers, Chair of Computer Systems at Trinity College in Ireland, Professor Douglas J Leith tested Chromium-based Microsoft Edge, Google Chrome, Brave, Russia's Yandex, Firefox and Apple's Safari.
- Microsoft Edge opens add-ons store
- Microsoft Safe Documents keeps all your files protected
- Also check out our complete list of the best browsers
Unfortunately though, Microsoft Edge didn't perform well in the various privacy tests conducted by Leith.
Telemetry in Microsoft Edge
During his testing of Microsoft Edge, Leith noted that every URL typed into the browser would be sent back to Microsoft sites. For instance, every URL typed into Edge's address bar is shared with Bing as well as other Microsoft services such as SmartScreen.
Leith also found that the browser sends unique hardware identifiers to Microsoft which cannot be easily changed or deleted. He provided more details on these identifiers and on how Microsoft Edge is similar to Yandex from a privacy perspective in his paper on the subject, titled “Web Browser Privacy: What Do Browsers Say When They Phone Home? (opens in new tab)”, saying:
“From a privacy perspective Microsoft Edge and Yandex are qualitatively different from the other browsers studied. Both send persistent identifiers than can be used to link requests (and associated IP address/location) to back end servers. Edge also sends the hardware UUID of the device to Microsoft and Yandex similarly transmits a hashed hardware identifier to back end servers. As far as we can tell this behaviour cannot be disabled by users. In addition to the search autocomplete functionality that shares details of web pages visited, both transmit web page information to servers that appear unrelated to search autocomplete.”
Unlike in its consumer version, Microsoft Edge for Enterprise gives administrators much more control in deployments and they can disable all of these trackers. However, the trackers are still enabled by default in all Edge installations.
Microsoft told TechRadar Pro that it was committed to privacy, and that it adheres to GDPR and other data protection regulations when it comes to handling consumer information.
A company spokesperson added that Edge always asks for permission when collecting user data, and customers can turn off such functions at any time.
- We've also highlighted the best VPN services
Via BleepingComputer (opens in new tab)