Data synchronization is the feature that keeps the browsing data (bookmarks, history, passwords, preferences etc.) in sync across multiple devices (laptop, phone etc.).
Here is how the top three browsers implement this feature. You can see how each of them handle it in a way that either protects or reduces privacy:
-
Google implements this by asking the user to login to their Google account and updates the server copy whenever there are changes in any of the devices. It also stores all the browsing data on Google servers.
-
Brave follows a privacy-first approach which synchronizes the data using encrypted chains. It asks the user to create a sync code (a QR code) on the ‘source’ device and enter the same code in the ‘destination’ device - this is the encrypted sync chain. Then the source device encrypts the data and synchronizes it through an end-to-end encrypted channel passing date to Brave’s relay servers. These servers cannot read the data because it is encrypted and do NOT store the sync data. Only the user’s devices with the proper keys can read the data. So the destination device where the user gave the sync code will download the data, decrypt it locally using the user’s private key and update it.
-
Firefox follows a slightly different approach that balances privacy with convenience. It encrypts the sync data locally on the device using an encryption key derived locally from the user’s Firefox account password and sends the encrypted data to Mozilla’s servers. The encryption key never leaves the user’s device, so the servers cannot decrypt the data.