Google Plans To Eradicate Cookies

Uploaded on 2021-05-25 in FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Regulators and rivals have raised concerns about Google’s grand plan to rewrite the rules of online advertising. Google is to restrict the number of advertising cookies on websites accessed via its Chrome browser, in response to calls for greater privacy controls. It said that it would phase out third-party cookies within the next two years, 

Millions of people are already part of a global experiment to delete cookies once and for all. Since last month, Google has been testing new browser-based technologies in Chrome that could turn the global advertising industry upside down.

Cookies are small text files that are used to track users across the web. Cookies are used to collect user data, which can be on both an aggregate and anonymised level, such as clicks on page, pages viewed, engagement elements, and also on a PII (personal identifiable information) level, such as device IDs, names, addresses, passwords and credit card numbers. Most of the people involved in the process may not even notice, but as the project gains momentum, critical voices sound the alarm.

While Safari and Firefox both block third-party cookies by default, the user has the ability to turn them on. Google will not have such a feature. Third-party cookies will be blocked with no method of allowing users to turn this feature on.

 In addition to the elimination of third-party cookies, factor in that Google Chrome is by far the most popular web browser with an estimated global market share of 62.8%. The closest competitor is Apple’s Safari with a mere 15.8%. The supervisory authorities in Germany, France and Belgium are examining Google’s proposals. At the same time, some of the world’s largest websites have decided to skip Google’s trials entirely. A number of companies have already developed ways that people can evade the system.

The system, known as Federated Learning of Cohorts (FLoC), is part of Google̵7;s larger Privacy Sandbox plan that will end third-party advertising cookies in early 2022. There are generally three ways that websites choose which ads to show you. You may see an ad for a pair of sneakers because you put them in a shopping cart last week. If you’re reading an article about cars, the ads may also refer to cars. or the ads you see may be based on your interests. Like third-party cookies, FLoC deals with advertising based on your preferences.

Currently, advertisers can use cookies to serve ads that are specific to you as they are based on your individual browsing history. FLoC was developed to eliminate this individual targeting by broadening the network.

When you use FLoC, Chrome gathers your web history and compares it with the habits of others. You will then be placed in a group or cohort with thousands of other people like you. Advertisers can then target entire groups of people and not specific people.

It’s not just the extent of the change, it’s also who is behind it. Google, whose parent company Alphabet  dominates the global advertising industry. The regulators are understandably suspicious.

“The FLoC technology leads to several questions regarding the legal requirements of the GDPR,” says Johannes Caspar, Data Protection officer for the German state of Hamburg... "The implementation of users in the FLoCs can be seen as a process of processing personal data. And this requires freely given consent and clear and transparent information about these processes. Google needs to ensure that users actively choose to use FLoC instead of enabling the system in Chrome by default." Caspar adds that there are risks in how cohorts allow “inferences” about people’s surfing behavior and how specific the cohorts of FLoC will be.

Not only German regulators are concerned about FLoC. A spokesman for the French National Information Commission and the Libertés (CNIL), France’s data regulator, says it is “paying particular attention” to technologies that could replace cookies as they may require access to information already on people’s devices are stored.

It is clear to the CNIL that such a system would require “specific, informed and unambiguous consent”. If Google doesn’t do this, it can prove costly. In December 2020, the French regulator fined Google $ 120 million for failing to obtain user consent before using cookies. Other regulators are more concerned about antitrust law. In Belgium, officials are keen to understand how competitive future systems are and how they comply with data protection laws.

  • In the UK, the Competition and Market Authority and the Data Protection Authority, the Information Commissioner’s Office, have been investigating Google’s proposals since January.
  • The Irish Data Protection Commission, which is responsible for many large technology companies with European headquarters in Dublin, has, according to its own information, consulted with Google on the proposals.

Google is aware of the potential pitfalls of FLoC. In this case, the technology has yet to be tested in the European Union. “The EU data protection law sets high standards for the transparency and control of the users. This is what we envision for FLoC,” says Marshall Vale, Chrome product manager at Google. “We know input from data protection authorities is key to getting this right, so we started discussions early on about the technology and our plans.”

Google has already announced that it will introduce tools that will not allow users to be classified in FLoC cohorts.

AIthority                Wired:       HiTech Glitz:          Deloitte:        TheTechTrack

You Might Also Read:

Social Media & The New Advertising Model (£):

 

« Cyber Security For Small Business
Maritime Shipping Is An Ideal Target For Ransom »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

TZ-CERT

TZ-CERT

TZ-CERT is the National Computer Emergence Response Team of Tanzania.

The Open Group

The Open Group

The Open Group: Leading the development of open, vendor-neutral IT standards and certifications.

ATIS Systems

ATIS Systems

ATIS Systems offers first-class complete solutions for legal interception, mediation, data retention, and IT forensics.

PRODAFT

PRODAFT

PRODAFT, Proactive Defense Against Future Threats, is a cyber security and cyber intelligence company providing solutions to commercial customers and government institutions.

Secucloud

Secucloud

Secucloud GmbH is a provider of high-availability cyber-security solutions, offering a cloud-based security-as-a-service platform, particularly for providers.

CSIRT GOV - Poland

CSIRT GOV - Poland

Computer Security Incident Response Team CSIRT GOV, run by the Head of the Internal Security Agency, acts as the national CSIRT responsible for coordinating the response to computer incidents.

Infigo IS

Infigo IS

INFIGO IS specializes in information security consulting services. Our employees are leading information security experts in Croatia.

BetaDen

BetaDen

BetaDen provides a revolutionary platform for businesses to develop next-generation technology, such as the internet of things and industry 4.0.

PixelPlex

PixelPlex

PixelPlex is a blockchain and custom software development company with offices and developers in New York, Geneva, and Seoul.

Fly Ventures

Fly Ventures

Fly Ventures is a seed-stage venture capital fund for outstanding teams building Enterprise and Deep Tech startups in Europe.

CyberCX

CyberCX

CyberCX provides services from strategic consulting, security testing and training to world-class managed services and engineering solutions.

NeuVector

NeuVector

NeuVector, the leader in Full Lifecycle Container Security, delivers uncompromising end-to-end security from DevOps vulnerability protection to complete protection in production.

GateKeeper Enterprise

GateKeeper Enterprise

The GateKeeper Enterprise software is an identity access management solution. Automated proximity-based authentication into computers and websites. Passwordless login and auto-lock PCs.

National Cybersecurity Consortium (NCC) - Canada

National Cybersecurity Consortium (NCC) - Canada

The NCC’s mandate is to keep Canada’s cyber and critical infrastructures and citizens safe while ensuring Canada’s global competitiveness and leadership in cybersecurity.

TheHive Project

TheHive Project

TheHive Project is a Scalable, Open Source and Free Security Incident Response Platform for SOC, CSIRT and CERT teams.

Nothreat

Nothreat

Nothreat has revolutionized how businesses like yours protect themselves from damaging cyber attacks. Our tech learns and adapts in real time, protecting clients from even zero-day attacks.