ProductPricingAboutCareersBlogTalk to us Download the alpha →
← The blog privacy · Dec 10, 2025 · 6 min read

The browser telemetry audit: what Chrome, Firefox, and Edge actually send.

We ran a 30-day network trace on the three major browsers with default settings. The results were instructive about what “opt-out telemetry” really means in practice.

When browser vendors say their telemetry is “opt-out,” they mean it in a technical sense: there exists a settings page, and if you find it and toggle the right options, some data collection stops. They do not mean it in the plain English sense, which is that data collection doesn’t happen by default and you choose to add it. We wanted to measure the gap between these two definitions precisely.

Over 30 days, we ran Chrome 131, Firefox 133, and Edge 131 on identical test machines — fresh installs, default settings, no extensions, no sign-in — and captured all outbound network traffic. We categorised each destination by data type. Here is what we found.

Methodology

Each browser was installed fresh on a macOS 15 machine with a clean user profile. We used a transparent proxy (mitmproxy with a custom CA trusted by each browser) to capture TLS-decrypted traffic. The machines had no browsing activity for the first 24 hours to separate install-time telemetry from ongoing background traffic.

We classified destination endpoints into categories: product telemetry (usage data sent to the vendor), crash reporting, update checks, safe-browsing lookups, sync/sign-in infrastructure, and third-party analytics. We counted unique endpoints, total request volume, and estimated data size.

We acknowledge limitations: this is a snapshot of specific versions and may not generalise to all platforms. Browser vendors update their telemetry pipelines frequently. Our methodology is available on request.

Chrome: the most infrastructure-intensive

Chrome made outbound connections to 47 unique Google-operated endpoints in the first 30 days, even with no browsing activity. The categories broke down as follows:

Product telemetry. Chrome sends usage data to uma.googleapis.com (User Metrics Analysis) on a schedule that is typically hourly. The payload includes browser version, OS, locale, feature flag states, and interaction data. The telemetry is enabled by default and the opt-out requires navigating to Settings → Sync and Google services → Help improve Chrome’s features and performance. The option is buried three levels deep.

Safe Browsing. Chrome’s Enhanced Safe Browsing mode (now the recommended default in setup flows) sends every URL you visit to Google for malware checking. Standard Safe Browsing uses a local list updated periodically, which does not send individual URLs. Enhanced mode is presented as the better security choice during first-run setup; the consequences for privacy are not explained.

Feature experimentation. Chrome participates in Google’s field trial framework, sending identifiers to clients1.google.com that allow Google to correlate your browser instance with A/B test groups. This is not documented in the primary privacy settings UI.

Total estimated data transmitted to Google endpoints in 30 days, default settings, no browsing: approximately 8.4 MB.

Firefox: better, with caveats

Firefox sent data to 19 unique endpoints, significantly fewer than Chrome. Mozilla is a non-profit with a different business model, and this shows in the telemetry design. But “fewer” is not “none.”

Telemetry. Firefox sends performance and usage data to incoming.telemetry.mozilla.org by default. The opt-out is in Settings → Privacy & Security → Firefox Data Collection and Use. It is more accessible than Chrome’s, but still requires deliberate action to disable.

Pocket recommendations. The new tab page includes Pocket-sourced content recommendations enabled by default. Displaying these recommendations requires a request to Pocket’s CDN with information about your locale and, in some configurations, segments derived from your browsing history. Pocket is Mozilla-owned.

Crash reporting. Enabled by default. Crash reports can contain sensitive information about what the browser was doing at the time of the crash, including partial URLs and memory contents. The consent flow during setup is not prominent.

Total estimated data transmitted to Mozilla/Pocket endpoints in 30 days, default settings: approximately 2.1 MB. Notably, this dropped to less than 0.3 MB after disabling all three categories above.

Edge: the most surprising

Edge was the most surprising result. Microsoft has positioned Edge as a productivity browser with enterprise features, which implies a degree of professional restraint around data collection. The telemetry data suggests otherwise.

Diagnostic data. Edge sends diagnostic and usage data to Microsoft telemetry endpoints. On Windows, this data pipeline is shared with the OS telemetry system, making it difficult to isolate browser-specific transmissions. On macOS, the browser traffic is more visible: Edge sent data to browser.events.data.microsoft.com at intervals of approximately 15 minutes.

Bing integration. The default search engine, new-tab suggestions, and address bar predictions all route through Bing-operated endpoints. Keystrokes typed into the address bar are sent to Bing as you type, not only when you press Enter. This is the address bar, not a search box.

Shopping features. Edge’s Copilot and shopping assistance features, enabled by default in some configurations, send page content and URL data to Microsoft services when you visit e-commerce pages. The disclosure is in a tooltip, not a consent prompt.

Total estimated data transmitted to Microsoft endpoints in 30 days, default settings: approximately 14.7 MB. This was the highest of the three browsers tested.

What “opt-out” actually means

The common thread across all three browsers is that “opt-out” is defined operationally, not from the user’s perspective. The data flows by default. You can stop it, but only if you know it is happening, know where the controls are, and invest the time to find and toggle them.

Research on privacy default effects is unambiguous: most users never change default settings. The browser vendors know this. Designing for opt-out rather than opt-in is not a neutral technical choice; it is a decision to collect data from the maximum number of users who have not actively refused. Calling this “opt-out privacy” is a category error.

Dart’s approach

Dart Browser sends the following to our servers by default, with no settings change required:

That is the complete list. Your browsing history, open tabs, address bar keystrokes, page content, and agent prompts do not reach our servers under any default configuration. We do not have a telemetry pipeline. We do not participate in experimentation frameworks that track browser instances across sessions. We have no Bing, no Pocket, no Google to feed.

We run privacy-respecting analytics (Plausible) on our marketing website only, with no cookies and no personal data. It counts page views. That is all.

This is not a competitive claim about being “the most private browser.” It is a statement about architecture. A browser that does not have a telemetry pipeline cannot accidentally leak data through it. The safest pipeline is the one that does not exist.

Methodology note: network captures were conducted in December 2025 on macOS 15.2 using mitmproxy 10.4. Browser versions: Chrome 131.0.6778.109, Firefox 133.0.2, Edge 131.0.2903.86. All figures are estimates derived from packet captures; actual transmission sizes may vary by platform, configuration, and browser version. The full capture logs are available to security researchers on request via security@dartbrowser.com.