iOS alternate browser privacy rules prohibit credential syncing #10
Labels
Platform: iOS
Priority: 0 - Essential
Highest level priority, a must have, required for Browsers, Web Apps or functional competition
Status: Open
Open for discussion
Support: Google
Support: Open Web Advocacy
To: Apple
Requests made to Apple
Comments
RByers
added
the
Status: Triage
mtom55
added
Priority: 0 - Essential
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
Apple's privacy requirements for alternate browser engines in the EU state that a browser using an alternative browser engine must:
Without such state-syncing functionality it is impossible to implement a primary feature of nearly all modern browsers: a password manager. For example, a Chrome user must be able to share their passwords between Chrome running on their Windows laptop and Chrome running on their iPhone. Without this feature, users may resort to writing passwords down in insecure locations, or more likely just using another browser which does state sharing.
Outcome
To make a competitive web browser possible at all, browsers must be allowed to sync state to instances of that browser running on other devices. Credentials are the most obvious example, but it's also critical for browsers to be able to sync other state like bookmarks, history, payment instruments, saved addresses, open tabs, etc. It may be reasonable for Apple to require browsers to get explicit user consent to enable such syncing, and to be transparent in what information is being sync'd.
The text was updated successfully, but these errors were encountered: