MicrosoftEdge / WebView2Feedback

Feedback and discussions about Microsoft Edge WebView2
https://aka.ms/webview2

Please remove MS gathering of data from WebView2 #1508

Closed ukandrewc closed 1 year ago

ukandrewc commented 3 years ago

The fact that MS are using WebView2 to gather information from anyone who uses it is a big problem. Please remove that functionality from WebView2.

mikeduglas commented 3 years ago

+1

-- Mike


ajtruckle commented 3 years ago

What data does it gather?

ukandrewc commented 3 years ago

@ajtruckle Don't know, because it sends encrypted data to several MS endpoints.

I have requested a response from MS CEO. So far I have had a phone call and email, which included this sentence "Also I request you to please share the Microsoft license agreement which mention that Microsoft will collect personal data". It's as if they see it as a right.

There doesn't seem to be any denial that MS collects personal data. My objection is that they shouldn't have any backdoor into WebView2. This isn't just about WebView2, it's about privacy and an abuse of MS' position. It is not acceptable.

WebView2 has access to the entire browsing history, page content, logins, the device, its camera and mic; you decide what they could do with that.

In the EULA that covers WebView2, MS have this: "This data is transmitted to Microsoft and stored with one or more unique identifiers that can help us recognize an individual user on an individual device and understand the device's service issues and use patterns"

Cendor commented 3 years ago

Maybe you have to disable SmartScreen protection? https://github.com/MicrosoftEdge/WebView2Feedback/issues/707

ukandrewc commented 3 years ago

SmartScreen calls are different, but I'm asking MS to remove the functionality for data gathering through WebView2.

We've spent months on integrating WebView2 with our application, but we simply cannot release it to our users with this condition in place. MS could harvest logins, bank details, input from cameras and microphones.

Just not prepared to subject our clients to Big Brother style oppression.

RickStrahl commented 3 years ago

While I don't disagree with you on the data collection, I think you can minimize your exposure by using a custom environment profile which you can set up when the control is created. That sets up a separate environment outside of the standard 'Edge' application that inherits none of the browser specific data. If you don't want to keep anything just wipe the profile and create it each time you use the control.

There's no way to know what Microsoft collects exactly, but if you use a separate profile, that's the data isolation scenario that it's intended for, to have its own history/session/cookie/localdata etc. I think that's exactly the scenario that the separate browser environment is meant for... Now whether Microsoft respects that 100% with their encrypted data - that's another story, but my feeling is that would be a massive problem for MS if it turns out they're going beyond the browser environment settings to read sensitive data and send it without consent.

Clarification on exactly what Microsoft collects certainly would be useful though - agree 100% on that!

Just my 2cents.
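
The setup described in the comment above (an explicit user data folder, wiped and recreated on each start), as an added example that is not code from the thread or from Microsoft. It assumes a WinForms app referencing the Microsoft.Web.WebView2 NuGet package; the folder name and URL are placeholders. It controls only where browsing state (cookies, history, cache) is stored.

```csharp
using System;
using System.IO;
using System.Threading.Tasks;
using System.Windows.Forms;
using Microsoft.Web.WebView2.Core;
using Microsoft.Web.WebView2.WinForms;

public sealed class IsolatedBrowserForm : Form
{
    // Hypothetical folder name; any app-private, user-writable path works.
    private static readonly string UserDataFolder = Path.Combine(
        Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData),
        "ExampleApp", "WebView2Profile");

    private readonly WebView2 _webView = new WebView2 { Dock = DockStyle.Fill };

    public IsolatedBrowserForm()
    {
        Controls.Add(_webView);
        Load += async (sender, e) => await InitializeBrowserAsync();
    }

    private async Task InitializeBrowserAsync()
    {
        WipeProfile();
        // null browser folder = use the installed WebView2 Runtime.
        CoreWebView2Environment env =
            await CoreWebView2Environment.CreateAsync(null, UserDataFolder);
        await _webView.EnsureCoreWebView2Async(env);
        _webView.CoreWebView2.Navigate("https://example.com/"); // placeholder URL
    }

    // Delete state left by the previous run. Done at startup because the folder
    // stays locked while that run's browser processes are still alive.
    private static void WipeProfile()
    {
        try
        {
            if (Directory.Exists(UserDataFolder))
                Directory.Delete(UserDataFolder, recursive: true);
        }
        catch (Exception ex) when (ex is IOException || ex is UnauthorizedAccessException)
        {
            // Another instance still holds the profile: stop rather than reuse old state.
            throw new InvalidOperationException("WebView2 profile is in use; close other instances.", ex);
        }
    }

    [STAThread]
    private static void Main() => Application.Run(new IsolatedBrowserForm());
}
```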

ukandrewc commented 3 years ago

@RickStrahl Thanks for the input and suggestion, but the user profile is not the issue. It's that MS is sending encrypted data to an endpoint of theirs, without express permission, transparency or disclosure of what they are gathering.

I won't be using WebView2, which is a huge disappointment. I cannot accept MS' lack of morality and transparency on this issue.

Are you aware that MS also require you to put into your licensing that MS will be collecting your users' personal data, whenever they use your app?

ajtruckle commented 3 years ago

With all due respect, surely WebView2 is just a wrapper for Edge. So if you have an issue with one, you have an issue with the other.

A browser presents data to a user. It is the owner of the data being browsed to that has responsibility for his data collected and showing permission.

If webview2 does do this then I am sure they would chime in and put this right. Maybe I am naive. 😊


ukandrewc commented 3 years ago

@ajtruckle I do, that's why I've uninstalled it, and am now using Chrome. Apologies, but yes you are being naive ;-(

What if MS are collecting the login that allowed you to be presented with that data, so now they can log in themselves?

ajtruckle commented 3 years ago

My app is not web based nor has login. It simply shows a schedule to the user. So I don’t have these concerns.


ukandrewc commented 3 years ago

@ajtruckle Remember WebView2 also has access to the OS and everything on the device it's running on.

ajtruckle commented 3 years ago

Yes. But I can’t live my life stressing about that. Our data is tracked more than we realise I guess. If this is a breach I am sure they will admit it.

How do you know Chrome doesn’t? No one knows at the end of the day. For now, I am getting back to the euro final. 😀


RickStrahl commented 3 years ago

@ukandrewc LOL - seriously? You're switching to Chrome from Edge and think that's better? That's a laugh... Google monitors everything you do in Chrome.

If anything use Brave (I do) or perhaps Vivaldi, but you can never be sure what exactly gets sent to the vendor that owns the host.

Just because data gets sent doesn't mean that anything malicious happens. Seriously you think that Microsoft is snatching your login data? If this were so and it comes out, do you realize what repercussions that would have for Microsoft and their carefully crafted security image? And it usually does come out either via internal sources, or from external white hat deconstruction.

Again - I agree that we should have transparency here, but taking it to those extremes is insanely paranoid.

ukandrewc commented 3 years ago

@RickStrahl You wouldn't be impressed if I was rude about you, so please don't.

I haven't said anything malicious happens. I'm simply asking for data collection to be removed.

This isn't about paranoia (again, no need for rudeness) but I can't complain about this happening, and then support it.

ukandrewc commented 3 years ago

As there has been no comment here by MS, we have to leave this project. George Orwell was only 35 years out.

cremor commented 3 years ago

See #916

ajtruckle commented 3 years ago

Interesting reading. Thanks for sharing @cremor. I confess I did not read it all.

I think people forget that this is a browser control. And there are laws governing use of browsers aren't there? Like dodgy internet traffic. So there may be certain rules that need to be enforced. But I am uneducated in these things.

  1. If there is a requirement for making a statement about privacy data in our own applications then MS should not have that buried in their EULA. It should be made plain and simple.
  2. MS needs transparency. For example, I have had to be very clear with Google about how I use their APIs and they have had to approve my consent pages. Fortunately I fall into the free service category. I had to be transparent with Google, so I could be transparent with my users.

Now, as far as I am concerned, WebView2 is a "Microsoft Control". It is theirs. It is their responsibility. After all, CHtmlView has been natively used in our applications for over 20 years and no one thinks to say that the control will log webpages we visit. As users we take it as read that some of our behaviours will be observed.

It is good that it can be switched off by the user. But as I say:

  1. They should explain all this really simply and assist us to make sure we use their tools correctly.
  2. They need to be very clear on whether the data they obtain is personal or anonymous.

At the moment I am holding off on my WebView2 version of my software is clear. I am a sole developer and can't pay for legal advice. I understand no specific wording from Microsoft because that holds them accountable. But they do need to be transparent and specific about if they obtain personal data. I need to know, so I don't breach any GDPR rules.

champnic commented 3 years ago

Hey all - we're working with legal on improving the clarity here both in the license and in our documentation. My hope is that we can make it so that you know more about what data is collected and when it is collected, what controls end-users have access to, and to make it so devs can use WebView2 without feeling like lawyers are a necessity to abide by the license terms. I doubt we'll be able to appease everyone as there will probably always be some basic diagnostics being collected, but hopefully we'll be able to ease concerns of nefarious misuse of personal data like stealing login info.

I'll use this issue to track the doc change and give updates. Thanks!

ajtruckle commented 3 years ago

Hi @champnic, we are grateful for anything that can be done in this regard. Thanks.

ukandrewc commented 3 years ago

@champnic Just remove all data gathering by MS - of course you want to leave the ability to get crash dumps, etc. but you need to ask the end user before doing that. We have now moved to CEFSharp, entirely due to this issue, but I still want to see it resolved for others.

IllusionaryX commented 2 years ago

Yes, this is a huge problem, especially since now it seems WebView2 is a prerequisite for using Maui. We were intending on porting our Xamarin app to Maui, but now since we can't describe what information our app will be collecting we have put the brakes on that. We will then have to actively look for another framework to use. Thankfully this is happening at a time when we can make a choice to port to a different framework in lieu of porting to Maui, and increasing our sunk costs.

If MS does not remove this entirely or provide VERY concise guidance, this is a no go for OUR legal liability.

shawncleverdon commented 2 years ago

@champnic Why must "there will probably always be some basic diagnostics being collected"? This is a component, not part of a Microsoft application.

I don't want you collecting diagnostics about my applications. This is a huge overreach by Microsoft in my eyes. That you seem to think it's ok to collect diagnostics for my applications is very, very troubling. Rather than "working with legal on improving the clarity here both in the license and in our documentation" just remove the data leak. And it is a data leak.

SavSanta commented 1 year ago

> Yes, this is a huge problem, especially since now it seems WebView2 is a prerequisite for using Maui.

Thank you for the detailed info on this.

leaanthony commented 1 year ago

@champnic - any update on this?

maurawinstanley commented 1 year ago

Sorry for the delays, here is a document describing WebView2 data usage/privacy, thanks - https://learn.microsoft.com/en-us/microsoft-edge/webview2/concepts/data-privacy?tabs=dotnetcsharp.

champnic commented 1 year ago

Hey all - please give the doc that @maurawinstanley posted a read. For more specific requests on features to better control privacy related features, or if there's info you think is missing from the document, please let us know in a new issue. Thanks!