Critiques & Solutions

Apple Safari’s Half-guided Privacy Measures

I like Safari’s privacy protecting mode. I use it often. You should, too. Privacy isn’t about what we might choose to hide, but rather about what we might choose to reveal about ourselves. The general public has no right to know everything that I am or everything that I do. [end of rant]

Safari's Privacy WarningNow that I’ve said that clearly, let me point out how Apple has missed the boat on a few aspects of their privacy implementation in Safari.

My data should be mine to control and when my data is at risk, I should be warned and, ideally, protected from unintended disclosure. To me, that means that I should be able to set privacy as the default, I should be reassured that privacy protecting settings are active, and I should be warned if they’re going to be turned off. Safari does none of these things.

There’s no way to set “Private Browsing” as the default start-up state for Safari. I should transparently be able to configure my browser so that protecting me is the default. Full exposure should not be the mandated starting point. It’s a bit like requiring to get dressed in my driveway; the things I want to keep private have already been exposed to public scrutiny.

When you activate “Private Browsing” in Safari, you get a warning that no cookies or history will be saved once the window is closed. While that’s comforting, it’s offered more as a warning than an assurance that you’re now safe.

While you’re in “Private Browsing” mode, there’s no indicator that you’re protected, unless you pull down Safari’s application menu to check the check mark next to the menu item. Much like indicators of session encryption security (the little padlock icon in the upper-right corner of the Safari window), there should be a privacy indicator visible whenever the option is active. I want to know at a glance whether my data might be leaked!

When you disable “Private Browsing”, there’s no notice at all. If you quit or crash Safari and relaunch, private browsing is silently turned off. That’s not at all reassuring!

Please, Apple, think of users’ protection first in the user experience! Is the user safe by default? Do they know that? Are they warned when they might be compromised?