In the tech world, Apple is one of the companies that is strangely privacy-focused. Because of this, a possible violation of user privacy easily attracts massive attention. This proved to be the case with a report Reclaim the Net released recently, which revealed that the Safari browser sends data about users' visited sites to Google and to China's Tencent.

While the Cupertino-based tech giant has already clarified the tole of Tencent and has stressed that it is only applicable to region-coded devices within mainland China, it appears that it may be violating EU's Privacy Law. Experts claim that users do not give explicit consent to their data being shared in this manner. Cryptography Professor Matthew Green of John Hopkins explained in a blog post about this situation.

EU Eyes Likely Violation on Apple e-Book Deals with Giant Publishers
Tech giant Apple has struck a deal with major publishers in Europe but the European Commission (EC) is reportedly looking into the fine prints of the e-book agreement following allegations of price fixing. REUTERS

The current approach of Google in flagging up fraudulent sites does not include sending the company every web address that a user opens or visits. In other words, the practice has horrendous privacy implications. And, while the system may be intentionally designed to protect users from malicious sites, scams, and phishing attacks, but it could still be in violation of the EU privacy rules because users still need to opt-out of the system instead of opting in. According to Fortune, Apple may be breaking the ePrivacy Directive of 2002.

It particularly specifies electronic communications and is best noted as one that forces sites to show cookie notices. Michael Veale, University College of London lecturer in digital rights and regulations, stated that there are several questions about whether the Cupertino-based company should be asking for explicit consent from the user before sending their data to the search engine giant even if the data is simply abbreviated hashes. This is because when a company gains access to the users' data through its device for the purpose not essential to the service being offered, it becomes an issue with the ePrivacy Directive.

In this case, GDPR level consent is necessary, said Veale. However, even if Apple has violated the EU ePrivacy Directive, it is still unlikely that it will be given a serious punishment. In the tech world, this directive is ancient, and it provides every EU country the discretion over the penalties that it wants to fine for the company's violations.