Protecting Your Privacy in Safari for OS X El Capitan

Every time you visit a website you are sharing information about yourself with the outside world. This article runs through a number of methods you can use to gain more control over what gets shared, and who it gets shared with, whenever you use Apple's Safari browser to access the web on a Mac.

It also covers methods you can use to prevent traces of your browsing history from showing up on your computer. While you may trust friends and family not to go searching through your web history, it's possible for them to unintentionally discover what you've been looking at, just by using Safari or performing an innocent search on your Mac. If you're interested in a similar overview covering Safari on iOS, check out this guide.

This guide assumes you are using the latest public release of OS X El Capitan (10.11.6 as of initial writing), which you can check by clicking the  symbol in the menu bar at the top left of your screen and selecting "About This Mac". The version number appears beneath the OS X version name. If you're not up to date, you can download and install the latest version of OS X via the Mac App Store located on the Dock or in the Applications folder.

Cookies, Location Services, and Tracking

Many websites attempt to store cookies and other web page data on computers used to access online content. Cookies are small data files that can include things like your IP address, operating system, web browser version, the date you last visited the site, as well as any personal information you may have provided, such as your name, email address, and any relevant preferences. This information is used to identify you when you revisit a site, so that it can offer tailored services, provide specific content, or display targeted ads.

Websites are increasingly upfront about their use of cookies – you've probably seen notices on popular sites requesting that you acknowledge their use. That's largely because EU law requires sites based within its borders to get consent from visitors to store or retrieve cookie data, and as of September 2015, Google requires that any website using its advertising products complies with the law if any of its visitors are inside the EU, regardless of where the site itself is based.

By default, Safari accepts cookies and website data only from websites you visit, and attempts to block third-party cookies that try to target you with ads or create a profile of your online activities. If you don't like the idea of being tracked at all, you can selectively block the use of cookies by following the steps below. Note however that some pages might not work unless you allow the use of cookies, so if you run into login problems or other issues on familiar sites after adjusting these settings, then you might want to dial back the changes.

Additionally, you may have noticed how Safari asks if you want to share your location whenever you visit a geolocation-enabled website. If you don't expect the site to provide helpful location-based services such as regional weather information or local amenities, you can deny the request and continue to do so like this on a case-by-case basis. Alternatively, you can change Safari's behavior whenever it encounters such a site, as described in the following steps.

Lastly, Do Not Track is a feature you can enable to prevent websites from tracking your site visits across the web. With the feature turned on, Safari specifically asks sites and their third party content providers (including advertisers) not to track you. In reality, it's up to the website to honor this request, but it's an option worth enabling for a potential extra layer of privacy.

Here's how to change Safari settings for cookies, location services, and tracking:

1. From Safari's menu bar, select Safari -> Preferences..., and click on the Privacy tab.
2. Select how Safari should deal with cookies and website data by clicking on the relevant button. Your options are: Always block, Allow from current website only, Allow from websites I visit (the default setting), and Always allow.
3. This tab also lets you check any existing website data stored in your browser cache. You can get more information on it, as well as remove data for individual websites, by clicking the "Details..." button.
4. To remove all data completely, press the button on the Privacy tab labeled "Remove All Website Data..." and confirm with "Remove Now", or click "Remove All" from within the "Details..." dialog.
5. In the section labeled "Website use of location services", choose from: Prompt for each website once each day; Prompt for each website one time only; and Deny without prompting.
6. To enable the Do Not Track feature, check the box at the bottom of the Privacy tab next to "Ask websites not to track me".

Enable Private Browsing

By enabling Private Browsing, you can prevent Safari from remembering the pages you visit and any AutoFill information, while any tabs you open within a private window won't be stored in iCloud. Safari also automatically asks sites and third-party content providers not to track you, prevents sites from modifying any information stored on your Mac, and deletes cookies when you close the related tab or window.

In Safari's menu bar, select File -> New Private Window. You'll notice the Safari address bar appears dark instead of light in a private window, indicating that Safari will not cache your browsing history, store snapshots of pages you visited or save your search history, and any AutoFill information will be lost after the window (or tab) is closed.

If you want to default to private browsing, you can set Safari to open a new Private Browsing window every time the app is launched. Choose Safari -> Preferences..., click General, select the "Safari opens with" pop-up menu, then choose "A new private window".

Clear Browsing History

Safari for Mac enables you to remove all records of your browsing history including cookies and other cached website data over a specific timeframe of your choosing.

Browsing records that are cleared using the first method described below include any Top Sites not marked as permanent, your Frequently Visited Sites list, recent searches typed into the Safari search bar, web page snapshots shown in the open tab preview screen, download lists (but not downloads), sites you asked to send you notifications, and sites supporting Quick Website Search (the ability to search within specific sites from the Safari search bar).

Note that this method also clears history and web data from any devices logged into the same iCloud account.

1. To clear all history including cached website data and cookies, select Safari -> Clear History... from the Safari menu bar.
2. In the dialog window that appears, select the timeframe that you'd like to clear from the dropdown menu. Your options are: the last hour, today, today and yesterday, and all history. Click "Clear History" to confirm.

If you want to clear your history but keep cached website data and cookies, hold the Alt/Option key on your keyboard during step 1 above, and the "Clear History..." menu option will change to "Clear History and Keep Website Data". Choose this description instead and continue on to select your clearance timeframe.

If you only want to remove specific websites from your history, ignore the steps above and instead click "History" in the Safari menu bar, select "Show History", right-click a site in the list, and then select "Remove" from the contextual menu.

Exclude Browsing History From Spotlight Searches

If you'd rather retain your browsing history but don't want web pages you've visited to appear in system-wide Spotlight Search results, follow these steps.

1. Open System Preferences and select the Spotlight pane.
2. In the Search Results tab, uncheck the box next to "Bookmarks & History" (and "Bing Web Searches", if this is your default search engine).

Switch Search Engine and Disable Safari Suggestions

Just because you cleared your browsing history and web data in Safari or browsed in a Private window, doesn't mean your searches aren't still recorded elsewhere. For example, if you logged into a Google account during the session, searches you performed may be logged by Google and later show up as search suggestions when you start typing in the Google search bar in the same account. In fact, your search and ad results may be customized based on your search-related activity, even if you're signed out of your account.

To get around this issue, either consult the privacy help page of your preferred search engine to learn how to turn off tracking settings, or set a non-tracking search engine such as StartPage as your home page (using the General tab in Safari -> Preferences...). The next series of steps shows you how to set up Safari to use the non-tracking search engine DuckDuckGo when you type search queries into the address bar.

Another thing to reconsider is your use of Safari Suggestions. With this option enabled, your search queries, the Safari Suggestions you select, and related usage data are sent to Apple. Additionally, if you have Location Services turned on, when you make a search query in Safari with Safari Suggestions enabled your location is also sent to Apple. If you don't want this information shared, turn off Safari Suggestions as shown below.

1. From the Safari menu bar, select Safari -> Preferences..., and click on the Search tab.
2. Select the DuckDuckGo search engine from the dropdown menu. You can also choose whether you want search engine suggestions appearing in the Safari search bar using the checkbox immediately below.
3. Uncheck the box next to "Include Safari Suggestions" in the Smart Search Field options; you can also disable the Quick Website Search function if you prefer by using the checkbox below.

Disable Frequently Visited Sites

By default, Frequently Visited Sites appear below your Favorites whenever you open a new tab or a new Safari window. You can turn this feature off.

There are two ways to prevent frequently visited sites from appearing in new tabs and windows. The simplest way is to click Bookmarks in the Safari menu bar and untick "Show Frequently Visited in Favorites". The second method described below prevents Favorites from appearing in new tabs and windows altogether, but removes the option to display your Top Sites as well.

1. From the Safari menu bar, select Safari -> Preferences..., and select the General tab.
2. In the dropdown menus for "New windows open with:" and "New tabs open with:", select an option other than Favorites, such as "Empty Page".

Turn Off AutoFill

Safari's AutoFill feature remembers text and values you enter into online forms, and can be useful for speeding up logins and registrations as well as online purchases. If other people use your Mac, you might not want this information to show up when websites are revisited. Here's how to disable AutoFill.

1. In the Safari menu bar, select Safari -> Preferences... and click on the AutoFill tab.
2. Uncheck the boxes next to the details you wish to prevent Safari from autocompleting in web forms. You can also edit already saved information by clicking the "Edit..." buttons.

Finally...

If your web privacy concerns extend to a desire for enhanced security and comprehensive end-to-end encryption, consider subscribing to a Virtual Private Network (VPN) service (Private Internet Access and IPVanish are two popular choices) and using Tor browser for OS X.