If you’re among the billions of people using Chrome, then you need to stop – especially if you’re using a Google browser on an Apple device. New data disclosures and “creepy“New tracking technology should serve as a serious warning that it’s time to switch. Here’s what you need to know.
Why it’s time to quit Chrome
Getty Images
While Facebook has focused on data security and privacy in recent weeks, fighting Apple for the right to collect data from its users, Google has taken a gentler, more subtle approach. Delaying privacy tags until Facebook took over, then announced significant new changes to its flagship Chrome browser.
Google says it wants a web site “privacy first”. And on the surface, killing the dreaded cookie and preventing cross-tracking is a major step in the right direction. But as they say in the movies, if you want to know what’s really going on, then “follow the money.” And with Google, that means data-driven advertising.
When it comes to such data collection, the gorillas in the industry are Google and Facebook. Both tech giants generate most of their advertising revenue, even if it doesn’t always look like that with Google’s range of platforms, services and operating systems. But Google’s $ 100 billion in advertising revenue tells you what you need to know.
This was clearly illustrated when Google finally released a privacy tag for Chrome in the Apple App Store. The Google browser collects more data than Safari or Edge or Firefox, and worse, is the only one of the four that doesn’t bother to collect data that isn’t related to user identities. It is a philosophy, a business model.
Apple Privacy Tags: Chrome Vs Rivals.
Apple / @UKZak privacy tags
“You don’t become a multi-billion dollar company without getting as much data as you can monetize,” Cyjax CISO Ian Thornton-Trump told me last month, right after (really) confidentiality, the first DuckDuckGo warned that “Google doesn’t care about protecting users’ privacy. They care about protecting their surveillance model. If they really cared about privacy, they would stop spying on billions of people. ”
Choosing a browser is an extremely subjective matter. Ease of use, speed, features, seamless cross-platform options are all factors. And Chrome has spent more than anyone to make sure its user experience is just as sticky. But unlike Apple and Microsoft, the other two tech giants in the browser industry, Google doesn’t generate revenue from products, it does generate revenue from data, your data, by targeting ads.
So you are about to be struck by confusing and conflicting messages about how it all comes together. How Google intends to protect your privacy while extracting data to sell you more – or rather to allow its customers to sell you more.
Unfortunately, this will become very confusing. Google is replacing cookies with Federated Cohort Learning (FLoC), which is now being tested without affected Chrome users knowing about it. And while I’m sure this wasn’t meant to be confusing, it appears as Pythonesque when explained. An FLoC is essentially a group of similar users, judging by an algorithm behind users’ browsers.
Simply, that hidden and secret algorithm tracks the sites you visit and your online activities to assign you to a group. You will not be pursued as a 45-year-old accountant, John Smith, of 101 Acacia Avenue, but the algorithm will be quite specific about your interests and will easily share this with websites. Using the internet, warns DuckDuckGo, will be “like entering a store where I already know everything about you.”
In response to this story, Google told me that “we strongly believe that FLoC is better for user privacy compared to individual cross-site tracking that is prevalent today. Testing the origin of FLoC is an early but important step towards the goal of Privacy Sandbox to open an open web, which is both private by default and economically sustainable.
By collecting and tracking data, history tells us to beware of the unintended consequences of even well-intentioned developments. In this week, Facebook has blamed a user-centric convenience behind its latest data crash, with the exploitation of this characteristic by “bad actors”. So the fear with FLoC is that anonymized group IDs will soon be recognized and interpreted, that your IP address will be captured and connected.
So now the risk is for a third party to connect your unique IP address to your anonymous FLoC ID to find out more about you than you should, to take advantage of the power of that secret algorithm that operates behind the scenes in your browser. ; FLoC is not on a Google Cloud server, it is inside Chrome. As EFF warns, “if a tracker starts with the FLoC cohort, it only needs to distinguish the browser from a few thousand others (rather than a few hundred million).”
When browsing the web, betray the most intimate details about yourself. Dating sites, personal services and worse. And, although each FLoC only tracks activity from the last week before resetting, you shouldn’t be tracked that way.
Google has already come under fire for blurring around his so-called “incognito” navigation and with FLoC, most of you won’t know anything about them. EFF warn that “a switch has been silently overturned in millions of instances of Google Chrome: those browsers will start sorting their users into groups based on behavior, then share group tags with third-party followers and web advertisers.”
And while I’m sure that as this release reaches the mainstream, there will be easy ways to switch a switch and quit, it will be just like cookies. You will be constantly encouraged to activate all backstage trackers.
EFF warns that “the Chrome source process for FLoC was implemented to millions of random Chrome users without warning, much less with the agreement. While FLoC is ultimately intended to replace tracking cookies, during the trial period, it will give trackers access to even more information about the topics. ”
Google told me that “as implemented in the origin test, FLoC uses significantly less data than can already be accessed through third-party cookies, and FLoC is designed to prevent websites from perform individual navigation activities. But proponents of confidentiality have completely rejected this.
And so for Apple. There is a strong irony at this point, in the sense that we have never had more information available about the exploitation of our private information, the good and bad actors when it comes to our pursuit, the tools we can use to protect ourselves. And yet, as it turned out with FLoC, the other part of that equation is that data harvesting has never been more sophisticated. It’s a battle in the race.
Next year, Chrome will give up the traditional cookies used for years to track web users. This will throw the advertising industry in a rotation. The problem is that Google is on both sides, as a platform and advertising vending machine. The risk is that this puts too much control in the hands of Google.
Apple is on the right side of this battle – it has no direct interest in powering the advertising industry, although it is clearly not immune to data collection and advertising itself. But Apple has embraced privacy as a USP and has begun to deal with Facebook and the advertising industry by cracking down on browsers and tracking apps and those privacy tags.
And so we came to a fork in the road, a pivot point. Most people who read this will not want to opt for uber-private applications and platforms – I admit that. As good as DuckDuckGo, as good as Signal, as good as ProtonMail, you’ll want to use a main browser, WhatsApp or iMessage and standard email applications.
And it’s okay. Because Safari is a perfect compromise. If you use the Apple ecosystem, it works perfectly on multiple devices and already has built-in anti-tracking technology. In addition, it will store your passwords and warn you when one has been reused or hacked. And because this is Apple, you’ll probably trust this more than other platforms and use it more than you might as a dedicated password manager.
There’s no point in Apple securing your data and privacy, creating a walled garden around your online experience, whether you’re installing and using Chrome on your iPhone or iPad or Mac. Simply do not let the fox into the basket. “Right now,” DuckDuckGo says, “FLoC is only in Google Chrome and no other browser provider has expressed its intention or even interest in implementing it.”
As I mentioned earlier, Google CEO Sundar Pichai said that “we do not use information in applications where you store mainly personal content – such as Gmail, Drive, Calendar and Photos – for advertising purposes, period.” But Chrome is not on that list. So you need to be aware of its true value to Google.
Using your fingerprint to identify yourself as a single user is called a fingerprint. The EFF warns that “fingerprints are difficult to stop. Browsers like Safari and Tor have engaged in years of wear and tear against trackers, sacrificing large areas of their own feature sets to reduce fingerprint attack surfaces. The EFF warns that FLoC is “a new fingerprint risk” and that Google should not make this risk available “until it finds a way to deal with existing ones”.
EFF has launched a website where you can check if your Chrome browser has FLoC enabled. Clearly, this is only relevant for Chrome, and even if it’s not enabled now, it could happen anytime without you realizing it.
FLoC test for Chrome
EFF
Hopefully, with enough pressure, Google will make sure there are some protections added to its FLoC implementation. The company told me that “if a user chooses to block third-party cookies with the current version of Chrome, they will not be included in the original trial version. In April, we’ll be introducing a control in Chrome Settings that users can use to opt out of the inclusion in the FLoC and other privacy Sandbox proposals. ”
As we have said many times, if we do not reward the applications and platforms that secure and respect our data and move away from those that do not, then we send a message that it is good to harvest at will. If disclosing Google’s data collection won’t push you from Chrome to Safari (or Firefox or DuckDuckGo or Brave or even Edge), then stealthily deploying these hidden FLoCs should do so now.