At Opera, we take the privacy and security of our users very seriously.
As a European company, we have to be compliant with the GDPR – one of the strongest, if not the strongest, data protection frameworks in the world. Our browsers, including Opera and Opera GX, are equipped with privacy-preserving features that work out of the box, without the need for installing any extra software or doing anything more complicated than toggling a switch. From built-in ad blocking and third-party cookie blocking, to a built-in browser VPN, Opera continuously provides ways for users to be more private online.
Even so, we have recently noticed some articles that spread misinformation about Opera and Opera GX, labeling them as “spyware”. The goal of these narratives seems to be to spread confusion and mistrust. The “evidence” they provide is either false or misleading as things are taken out of context and twisted to suit their narratives.
That’s why, in this post, we want to clear the air and debunk this misinformation.
Opera’s commitment to transparency and user privacy
Opera is a Europe-based company, headquartered in Oslo, Norway. Although not a European Union member, Norway has adopted key EU legislation, including the General Data Protection Regulation (GDPR). As such, Opera users’ data is protected by the GDPR’s robust framework and strict regulations. And, because Opera is a European company, this means that this protection is extended to Opera users outside of the EU as well – we are essentially exporting GDPR protections to the world.
Opera is also a publicly listed company, trading on the NASDAQ stock exchange (OPRA). This is another guarantee for users, because public companies are obligated by law to be transparent and disclose information about all their activities. Opera shareholders and the public can access Opera’s quarterly reports just like with any other listed company.
This also means that Opera is, in fact, the only browser company that anyone can own by purchasing shares in it.
Our products are provided for free, and most of our revenue is reinvested into improving these products and growing our user base. Our monetization strategy involves advertising, but we make sure to leave ultimate control in the hands of the user.
That’s why we only offer opt-in choices for targeted advertising. Targeted advertising results in better-quality ads, as users see ads that are more relevant to their interests or the country they live in. However, we understand and respect that some users might not wish to share this kind of data. So, users are prompted on whether they wish to allow this kind of data sharing or not at first install, and can always change these preferences at any time through their browser settings.
Our privacy statement goes into great detail about how we use data across all our products and services. As we state there:
Some of the data we use is considered “personal data” under applicable law. However, even when we use personal data, we generally have no way of actually identifying you as an individual, and our users are essentially anonymous to us.
So, after getting that out of the way, let’s examine how these articles mislead readers.
Misconceptions around “spyware” in Opera and Opera GX
The primary issue with these accusatory articles is their skewed definition of “spyware”.
They categorize any software connecting to a company’s servers, for any purpose, as “spyware“. This overly broad definition includes everyday applications, making the term virtually meaningless and misleading. In fact, the sites and articles in question also mislabel other popular software products such as Steam or iTunes as “spyware”.
The actual definition of “spyware” has nothing to do with standard practices such as telemetry or security updates, which are integral to modern software and, more importantly, user safety.
Telemetry, for instance, helps software developers understand how users interact with their products so they can improve them. Using such anonymous data, developers can decide where to focus development resources, remove unused features, or spot crashes.
Security updates are also vital as they protect users from potential vulnerabilities. No software today is free from vulnerabilities or bugs that can jeopardize a user’s security. Attackers exploiting such vulnerabilities can steal valuable personal data, including user passwords, credit card information, and more. Security updates therefore help make users safer and preserve their privacy and online security, they don’t compromise it.
Misinformation vs facts
Some of the accusations leveled against us take common software practices out of context, presenting them as malicious.
For example, one of the arguments to support the “spyware” allegations is that Opera and Opera GX make geolocation requests.
In reality, the browsers only check the country you are in to provide e.g. the right information in the weather widget or relevant articles in the News Feed. We also support Google’s GeoLocation API to enhance user experience – for example, making web-based map services more relevant. However, for this to work, the user always decides whether to allow it and only on a website-specific basis.
Another point of contention is the presence of Facebook Messenger, WhatsApp, Instagram, and other services in the sidebar on Opera and Opera GX.
However, these are merely shortcuts to the respective websites and do not collect data of their own. If the user logs into these services, they share the same amount of data that they would if they logged into these services through a browser tab. Users can reduce the amount of data those sites collect if they activate the built-in tracker blocker and third-party cookie blocker.
The claim that having Google as our default search engine make Opera and Opera GX “spyware” is also quite perplexing. It also overlooks the fact that we have allowed users to choose from a large set of search engines for over twenty years.
The Speed Dials on our starting page – essentially, visual bookmarks – have also been criticized. Some Speed Dials are ads provided by our advertising partners. When a user clicks on a Speed Dial, the advertising partner might receive some data, such as the user’s country.
However, no data is collected unless a user actually clicks on a respective tile. Plus, users have full control over whether they want to even see Speed Dials on their start page, or over customizing and adjusting their Speed Dials, removing or adding to them as they see fit.
Maintaining trust and open communication
As we have shown above, the accusatory articles in question seem to be either misinformed or intentionally misleading. However, it’s easy for users encountering such articles out of the blue to be confused and concerned about their safety and privacy.
That’s why we want to make it clear that at Opera we value the trust of our users above all else. In the coming days and weeks, we will be sharing more resources to help users understand how we protect their privacy and security.
We encourage users to engage critically with any online information, and ensure they know and trust the sources they rely on for information. Plus, you can always reach out to us with any concerns or questions.
As always, stay safe out there!