Security Experts:

Connect with us

Hi, what are you looking for?



Microsoft’s IE Browser Trumps Rivals on User Privacy Features

When it comes to user privacy, a new report says Microsoft’s flagship Web browser offers the best default features to block user-tracking and third party cookies.

When it comes to user privacy, a new report says Microsoft’s flagship Web browser offers the best default features to block user-tracking and third party cookies.

According to a study from NSS Labs, Microsoft Internet Explorer 10 trumps Google Chrome and all other browsers with regard to out-of-the-box privacy configuration, including the way the controversial “Do Not Track” mechanism is implemented.

The Do Not Track header, available in all modern browsers, effectively requests that a web application disable either its tracking or cross-site user tracking of in individual web surfers. According to the NSS Labs study, Microsoft is the only browser that enables Do Not Track by default.

IE 10 Privacy FeaturesWhile it acknowledged that the Do Not Track technology does very little to protect privacy, the study found that IE 10 users “will be far better protected by default” than will the users of any other current browser.

While Microsoft has implemented the mechanism by default, rival Google offers the feature but makes it difficult to enable. To turn on Do Not Track in Google Chrome, users must navigate to the Settings menu, go to the Advance Settings before finding the Do Not Track checkbox.

Interestingly, Apple’s Safari browser also received rave reviews in the study, taking the second spot behind IE 10 when it comes to out-of-the-box privacy configurations.

If Safari had a significant market share, NSS Labs argues that Apple’NQ s decision to disable third-party cookies by default would likely have aggravated the advertising industry.

By contrast, the research outfit found that Google and Mozilla (makers of the Firefox browser), “have trailed the industry in providing privacy protections for consumers, with Google even bypassing Safari’s cookie -blocking and incurring a US$22.5 million fine.

NSS Labs also pointed out that Google for circumventing third-party cookie blocking in IE in the past.

While Mozilla Firefox has indicated that it intends to block third-party cookies and enable Do Not Track by default, NSS Labs said the open-source group has yet to implement these changes and now “trails IE and Safari” in the privacy department.

“Google’s Chrome places a distant fourth, not only because of its default configuration and its obscure placement of privacy options, but also because Google’s history of evading privacy protections in other browsers,” according to the report.

The NSS Labs report (download PDF here) also covers the different browser vendors approach to Private Browsing, Geolocation exposure and tracking protection lists.

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...


U.S. fighter jets successfully shot down the high altitude spy balloon launched by and belonging to China.


Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.


The EU's digital policy chief warned TikTok’s boss that the social media app must fall in line with tough new rules for online platforms...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...


The U.S. is tracking a suspected Chinese spy balloon spotted over U.S. airspace, officials said on Feb. 2, 2023.


Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...