Nav0

Appearance

Nav0 vs Safari: Privacy by Default vs. Privacy by Apple's Terms

By Nav0 Team · March 31, 2026 · 11 min read

Safari is the browser that privacy-conscious users point to when someone says, "But I don't use Chrome." And for good reason. Apple has invested heavily in privacy as a brand pillar. Intelligent Tracking Prevention, fingerprinting resistance, Privacy Reports — Safari does more to protect users than any other mainstream browser.

Nav0 respects what Safari has accomplished. Of all the major browsers, Safari is the one we disagree with least.

But "best of the mainstream" isn't the same as "private." Safari is still Apple's browser, built to serve Apple's ecosystem, controlled by Apple's decisions, and available only on Apple's platforms. The privacy it offers comes with conditions — and those conditions matter more than most people realize.

Intelligent Tracking Prevention: Good, but Apple's Version of Good

Safari's Intelligent Tracking Prevention (ITP) is genuinely impressive engineering. It uses machine learning to identify cross-site trackers, limits cookie lifetimes for classified domains, blocks third-party cookies by default, and restricts referrer information. On paper, it's one of the most sophisticated anti-tracking systems in any browser.

But ITP is a classification system, not a blocking system. It decides which domains are trackers and applies varying restrictions based on that classification. The machine learning model runs locally, which is good. But the decisions about what counts as tracking, how aggressively to restrict it, and which exceptions to carve out are all made by Apple.

This matters because Apple has business relationships with companies whose tracking ITP is supposed to restrict. Google pays Apple an estimated $20 billion per year to remain the default search engine in Safari. That deal means every search you make in Safari by default goes through Google — the largest advertising and tracking company on the planet. ITP blocks third-party tracking cookies, but it does nothing about the data you send directly to Google through the search bar.

Nav0 blocks third-party cookies, trackers, and ad scripts at the network level. No classification model. No exceptions. No deals with search providers. Nav0's default search engine is DuckDuckGo — not because we have a partnership, but because it doesn't track users. And you can change it to whatever you want.

The iCloud Problem

Safari's most-promoted feature among Apple users is sync. Your bookmarks, tabs, history, passwords, and extensions sync seamlessly across your Mac, iPhone, and iPad through iCloud. It's convenient. It's also a fundamental compromise.

When your browsing data syncs through iCloud, it lives on Apple's servers. Apple encrypts much of this data in transit and at rest, and with Advanced Data Protection enabled, most iCloud data is end-to-end encrypted. But "most" isn't "all." More importantly, the feature requires an Apple ID, which means your browsing data is tied to your identity — your real name, email address, payment information, and device inventory.

Apple's privacy policy gives them the right to use your data to "improve our products and services." Even with strong encryption, the metadata — when you sync, how many bookmarks you have, which devices you use, how frequently you browse — is operationally visible to Apple.

Nav0 doesn't sync because your data never leaves your device. There's no account. No cloud. No server that knows what you bookmarked. Your browsing data lives in a local SQLite database on your machine and nowhere else. If your hard drive dies, that data is gone — and that's the point. Data that doesn't exist remotely can't be breached, subpoenaed, or silently accessed.

Apple's Ecosystem Lock-In

Safari only runs on Apple platforms. macOS, iOS, iPadOS. That's it. If you use a Windows PC at work, a Linux machine for development, or an Android phone, Safari isn't an option. Your "private" browser is locked to one company's hardware ecosystem.

This isn't an oversight. It's a strategy. Safari exists to make Apple's platforms more valuable. Every Safari feature — Handoff, iCloud tabs, Apple Pay integration, Passkeys — is designed to keep you inside Apple's ecosystem. The browser is a retention tool.

When you invest in Safari — building up your bookmarks, saving passwords in iCloud Keychain, relying on iCloud tabs across devices — you're investing in Apple's platform. Switching away means leaving that data behind or going through painful export processes that Apple doesn't make easy.

Nav0 runs on macOS, Windows, and Linux. It doesn't care what phone you use, what cloud services you subscribe to, or what company made your computer. Your browser should work wherever you do, not wherever one company allows.

Closed Source: Trust Us, Says Apple

Safari's rendering engine, WebKit, is open source. But Safari itself — the browser application, the UI, the sync infrastructure, the tracking prevention logic, the telemetry systems — is closed source. You cannot audit what Safari does on your machine. You cannot verify Apple's privacy claims by reading the code.

Apple asks you to trust them. And relative to Google or Microsoft, Apple has earned more of that trust. But trust is not verification. History has shown that even well-intentioned companies make mistakes, face government pressure, or change policies when business conditions shift.

In 2021, Apple's CSAM scanning proposal revealed that the company had built — and nearly deployed — a system that would scan photos on users' devices before uploading to iCloud. The backlash killed the rollout, but the technology was built. Safari users had no way to know this was being developed because the code is closed.

Nav0 is fully open source under the MIT license. Every line of code is auditable. The ad blocker is auditable. The database schema is auditable. The IPC channels between processes are auditable. If we ever added telemetry — which we won't — you could see it in the code before it ever ran on your machine.

Safari's Telemetry: Not Zero

Safari is quieter than Chrome or Edge, but it's not silent.

Safari checks for updates through Apple's software update infrastructure. It contacts Apple's servers for Safe Browsing checks (via a proxy, to Apple's credit). It sends data to Apple when you use Siri Suggestions in the address bar. It phones home for iCloud sync, certificate validation, and extension updates. If you use Apple's suggested sites or search suggestions, those queries go to Apple.

Safari's Privacy Report tells you how many trackers it blocked — which is useful — but it doesn't tell you about the requests Safari itself made to Apple. The transparency is selective.

Nav0 makes zero unsolicited network requests to any server we operate. We don't check for updates in the background. We don't phone home. We don't run Safe Browsing checks against external databases. When your browser is idle, it produces zero network traffic. Not reduced traffic. Zero.

The Search Engine Default

This deserves its own section because it's the single largest privacy hole in Safari.

Google is Safari's default search engine. Apple receives billions of dollars per year for this arrangement. When you type something in Safari's address bar and press Enter, that query — along with your IP address, device information, and cookies if you're signed into Google — goes to Google. ITP doesn't help here. Privacy Reports don't count this. The most sophisticated anti-tracking technology in any mainstream browser does nothing to protect the most sensitive data you generate: your search queries.

Apple could default to DuckDuckGo. Apple could build their own privacy-focused search engine — they have the resources. Instead, they took the money. Twenty billion dollars a year is a powerful incentive to keep the status quo.

Nav0 defaults to DuckDuckGo. Not because of a partnership. Not because of a payment. Because DuckDuckGo doesn't track your searches, and that's what a privacy-focused browser should default to. You can change it to Google if you want — but you have to make that choice yourself.

Web Extensions: Apple's Walled Garden

Safari supports extensions, but only through the App Store. Every Safari extension must be reviewed and approved by Apple. This gives Apple control over what functionality can be added to their browser. Extensions that compete with Apple features, violate Apple's guidelines, or enable behavior Apple doesn't approve of are rejected.

The App Store model also requires developers to pay for an Apple Developer account ($99/year) and go through a review process. This creates a barrier that limits the Safari extension ecosystem. Many popular browser extensions simply aren't available for Safari because developers don't want to deal with Apple's gatekeeping.

Nav0 doesn't support extensions — but for a different reason. Extensions are a privacy and security risk regardless of the store they come from. We've written about this. Nav0 builds privacy protections directly into the browser so you don't need extensions to be safe. If we ever add extension support, it won't be controlled by a gatekeeper.

Privacy Reports: Transparency Theater

Safari's Privacy Report is a feature that shows users how many trackers were blocked and which websites attempted to track them. It's a nice dashboard. Users like seeing big numbers.

But Privacy Reports only show what Safari wants you to see. They show blocked third-party trackers. They don't show:

  • Requests Safari makes to Apple's own servers
  • Data sent through iCloud sync
  • Queries forwarded to Google through the default search engine
  • Information collected by Apple's Siri Suggestions
  • Metadata generated by Safari's own update and telemetry systems

A privacy report that excludes the browser vendor's own data collection isn't a privacy report. It's marketing.

Nav0 doesn't need a privacy report because there's nothing to report. No trackers to count because they're blocked before they load. No vendor requests to disclose because we don't make any. The most transparent privacy report is the one that isn't necessary.

Apple Pay and Financial Integration

Safari integrates directly with Apple Pay. When you visit a merchant that supports it, Safari presents Apple Pay as a payment option, leveraging your stored cards, shipping addresses, and billing information from your Apple account.

This is convenient. It's also your browser intermediating your financial transactions and connecting your browsing activity to your purchasing activity. Apple says they don't track what you buy with Apple Pay. But the integration exists, the infrastructure is there, and the connection between "websites you visit" and "things you buy" is architecturally present in the browser.

Nav0 doesn't integrate with any payment system. When you want to pay for something online, you interact with the website directly. Your browser doesn't need to know your credit card number, and it definitely doesn't need to be part of the transaction flow.

Performance and Resource Usage

Credit where it's due: Safari is fast. It's the most energy-efficient browser on macOS by a significant margin. WebKit is optimized for Apple's hardware, and Safari's tight integration with macOS means better battery life, smoother scrolling, and lower memory usage than Chrome, Firefox, or Edge on a Mac.

Nav0 is built on Electron, which uses Chromium under the hood. On macOS, it won't match Safari's energy efficiency or native rendering performance. That's a real tradeoff. If you're on a MacBook and battery life is critical, Safari has a genuine advantage.

But Nav0 is lightweight in a different way. It doesn't run background processes for sync, Siri Suggestions, or update checking. It doesn't load sponsored content on new tabs. It doesn't maintain connections to cloud services. In terms of what the browser does when you're not actively using it, Nav0 is lighter than Safari.

What Safari Gets Right

We're not here to pretend Safari is a bad browser. It's the best mainstream browser for privacy, and here's what it genuinely does well:

  • Intelligent Tracking Prevention is real engineering, not marketing. It materially reduces cross-site tracking.
  • Fingerprinting protection is among the best in any browser. Safari presents a simplified system configuration to websites.
  • Energy efficiency on macOS is unmatched. Safari is better for battery life than every alternative.
  • Reading experience is excellent. Reader mode, clean typography, and minimal chrome.
  • Security model is strong. Process isolation, sandboxing, and Apple's platform security all benefit Safari users.
  • No crypto wallet, no AI assistant. Safari hasn't followed Brave, Edge, and Chrome into bolting on unrelated features (though Apple Intelligence integration is changing this).

Safari is a genuinely good browser made by a company that takes privacy more seriously than most. Our disagreement isn't with Safari's quality — it's with the conditions attached to its privacy.

What You Give Up

Choosing Nav0 over Safari means giving up real things:

  • Cross-device sync. If you use an iPhone and a Mac, Safari's tab and bookmark sync is seamless. Nav0 has no sync.
  • Native macOS integration. Handoff, AirDrop, Keychain integration, Apple Pay — none of this works in Nav0.
  • Energy efficiency. On macOS, Safari will give you better battery life. Electron-based browsers can't match WebKit's native optimization.
  • Extensions (App Store). Safari has a curated extension ecosystem. Nav0 has none.
  • Mobile browsing. Safari on iOS is deeply integrated with the operating system. Nav0 is desktop-only.
  • Reading List and shared links. Safari's integration with iOS reading features has no Nav0 equivalent.

These are significant tradeoffs, especially for users deeply invested in Apple's ecosystem. We don't pretend otherwise.

The Core Question

Safari's pitch is: "Trust Apple. We're the good guys. We'll protect your privacy better than Google."

Nav0's pitch is: "Don't trust anyone. Here's the source code. Verify it yourself."

Apple has been a better steward of user privacy than Google, Microsoft, or Meta. That's true. But Apple is a trillion-dollar corporation that sells hardware, services, and advertising. Apple's incentives are better aligned with privacy than Google's — but they're not perfectly aligned. The $20 billion Google search deal proves it. The iCloud data collection proves it. The closed-source browser proves it.

Nav0 doesn't ask you to evaluate whether a corporation's incentives are sufficiently aligned with your interests. It removes the corporation from the equation entirely. Open source. Local data. Zero telemetry. No deals, no ecosystem, no platform lock-in.

Safari offers privacy by Apple's terms. Nav0 offers privacy by default.

The Bottom Line

Safari is the best mainstream browser for privacy. That's not nothing — for the hundreds of millions of people who use default browsers on their Apple devices, Safari is a dramatically better choice than Chrome or Edge. Apple deserves credit for that.

But Safari is still a closed-source browser controlled by one of the world's largest corporations, locked to one ecosystem, tied to a cloud identity system, and funded in part by the world's largest advertising company. Its privacy is real but conditional — conditional on Apple's continued goodwill, conditional on staying inside Apple's ecosystem, and conditional on trusting a company whose code you cannot read.

Nav0 removes the conditions. Zero telemetry. Zero cloud. Zero ecosystem lock-in. Zero closed-source trust requirements. It's a browser that browses the web, running on whatever platform you choose, collecting nothing, and answering to no corporation.

Safari gives you Apple's version of privacy. Nav0 gives you privacy.

Download Nav0 — free, open source, and beholden to no one.

Nav0 is a minimal, privacy-focused browser that collects zero data. It's open source, free, and built on the belief that your browser should do one thing well: let you browse the web. Get started.

Released under the MIT License.

Copyright Nav0 Contributors