This is the twentieth post in an ongoing, regular series describing new and upcoming privacy features in Brave. This post describes work done by iOS Privacy Engineer Jacob Sikorski. This post was written by Senior Director of Privacy Peter Snyder.
Recent versions of Brave on iOS include many new privacy features, ensuring that Brave iOS users have the strongest available protections of any iOS browser. Apple-imposed restrictions make it difficult for us to include some of the advanced privacy protections from our Desktop and Android browsers in our iOS browser. However, our new iOS browser works around these limitations, and brings the privacy features on Brave iOS closer into alignment with our other platforms.
Debouncing and de-AMP-ing to avoid tracking sites
Since the recent Brave iOS 1.39 release, Brave protects users from a form of tracking where the tracker records what sites you visit by getting between you and the content you want to see. Brave for iOS now includes the debouncing and de-AMP-ing protections already available on other platforms of the Brave browser.
Google’s AMP system allows Google to learn about your interests by serving content on behalf of the site you intended to view, rather than showing you the site itself. Bounce tracking similarly allows trackers to learn about your interests by getting in the middle of the site you’re coming from and the site you intend to visit. Brave iOS users now have protections against both kinds of tracking.
Enhanced content blocking for tracker protection
Brave iOS versions 1.41 and later include additional, advanced tracker blocking capabilities. Brave iOS has always included optimized versions of popular filter lists, applied through Apple’s Content Blocking system.
Though useful, Apple’s Content Blocking system has significant limitations, including restrictions on the number and kinds of tracker-blocking rules that can be applied. These restrictions are very similar to the kinds of alarming restrictions Google is pushing through its Manifest v3 system. As a result, Brave iOS users have not been able to enjoy the full range of advanced blocking and content filtering protections available on our Desktop and Android releases.
Starting in version 1.41, Brave iOS includes workarounds for some of the limitations Apple imposes on iOS browsers. These workarounds mean Brave iOS users can enjoy a greater number of the dynamic blocking capabilities already available on Desktop and Android. Future Brave iOS versions will further close the gap between platforms.
Randomization to protect against browser fingerprinting
Brave iOS versions 1.38 and later include even stronger protections against browser fingerprinting. Brave iOS previously protected users against browser fingerprinting by disabling vulnerable APIs in third-party frames. This approach was useful, but neither ideal (since it only provided moderate protections in first-party contexts) nor compatible (since it broke some desirable third-party uses of these APIs).
While Brave iOS users were partially protected against fingerprinting because of protections built into WKWebView (the browser engine Apple forces all iOS browsers to use), Apple’s restrictions made it difficult to provide the more robust and compatible protections available in Brave on Desktop and Android.
Starting in version 1.38, Brave iOS included the kinds of fingerprint randomization defenses Brave includes on our other platforms. These protections not only provide even stronger defenses again fingerprinting, but they do so in a more comprehensive (they’re enabled by default in first-and-third-party contexts) and compatible (they maintain benign uses while preventing fingerprinting) manner than was available in earlier iOS versions.
Why are privacy protections on iOS tricky?
Brave iOS provides the strongest privacy protections available on iOS browsers. However, Apple’s restrictions prevent us from providing iOS users with the full range of advanced, best-in-class privacy protections Brave includes in its Android and Desktop versions.
On the upside, Apple’s platform restrictions limit the kinds of harm tracking companies can inflict; the worst iOS app is still more private than the worst Android or Desktop app. However, this cuts the other way, too: Apple’s restrictions limit the kinds of extra protections privacy-respecting and protecting companies (like Brave) can provide. Basically, Apple limits both the bad that privacy-harming companies can do, but also limits the good that responsible companies can provide.
We hope that Apple will loosen these restrictions, and provide advanced capabilities to companies like Brave that are dedicated to protecting user privacy.