WordPress has discussed a proposal to block Google’s new tracking scheme called FLoC. While most expressed support, others raised valid concerns. No decision was made to block FLoC. Discussions will continue in the official WordPress Slack channel.
UPDATE
Matt Mullenweg says no decision has been made
There were many articles that said inaccurately that WordPress blocked FLoC.
As we originally reported, WordPress has not made a decision.
Matt Mullenweg posted a statement on Twitter confirming that no decision had been made.
Contrary to headlines, “WordPress” has not yet made any decisions or changes regarding it #FLoC. It is fairer to say that there is a proposal from a WP collaborator to block FLoC by default. https://t.co/YNRYuFWoaZ
– Matt Mullenweg (@photomatt) April 19, 2021
advertisement
Keep reading below
Google FLoC
The ability to track people’s interest by using third-party cookies is beneficial for Google. Ads targeted by users are said to convert at a higher rate and are therefore more valuable to both advertisers and Google, as these types of ads can be sold at a premium price.
But third-party cookies disappear because many browsers already block them automatically.
Google has responded to the slow death of third-party cookie tracking by launching a new way to track users, called Federated Cohort Learning (FLoC).
FLoC is an anonymous way to assign interest to people based on browsing patterns. These navigation patterns are used to classify users into user interest cups.
Competitors and privacy groups react with alarm
This inspired alarming articles on sites such as the Electronic Frontier Foundation, which called it “a terrible idea.”
Competitors to Google and the Chrome browser (Brave, DuckDuckGo and Vivaldi) have also taken steps to block FLoC and prevent it from tracking users.
advertisement
Keep reading below
They called the FLoC “ugly” and said it allowed “discrimination” and that it was “a dangerous step that harmed users’ privacy”.
Developers have already released two plugins that block FLoC from WordPress.
WordPress discussions to block FLoC
As mentioned earlier, no firm decision has been taken to block FLoC. The official core WordPress developers are discussing a proposal to block FLoC. So it’s not a closed deal.
Some in the developer community have questioned the suggestion of adding the FLoC lock to previous versions of WordPress that publishers still use, citing that it could undermine trust.
“He loves the idea of the feature, he will need work. It will practically not be easy to support the port, it has the potential to affect the confidence in automatic updates. ”
Someone else agreed that FLoC should be treated as a security update, but that they had concerns that giving up something is visible and with a clear explanation of what WordPress does.
This is an important point, as some users may want to sign up again if opt-out impacts advertising revenue through the Google AdSense program.
They commented:
“It makes sense to treat it as a matter of security. And, in principle, I agree with @roytanck that he should add the dropout header by default, but seeing that there is (somewhat) a tradition in WordPress to allow the user to decide whether and not to drop by default, WP should highlight this issue and present it on a very clear note … notice when the update release and a very clear help message in the settings pages in future releases. ”
However, others have questioned the rationale behind the appointment of this security update.
“Although I agree with the general sentiment here, I think it is a mistake to treat this as a security update and we risk abusing users’ trust in automatic updates. To name it, a security update seems to me to intentionally use the term to launch it through automatic updates.
The default contract with users for automatic security updates is that they are used to protect the user of their site … being imminently compromised. This is not the case with FLoC and in some cases may affect the behavior of the site. ”
advertisement
Keep reading below
The commenter followed by labeling the action against FLoC as a political statement and questioned it calling it a security update:
“I’m on board for the policy statement to combat Chrome’s breach of privacy, as well as to align it with WP values in general, but making this change as a ‘security’ update is a step too far.”
The person was not alone in asking questions, calling her a security threat.
Someone else asked:
“Can anyone even explain, by giving concrete facts, not just assumptions, that the fact that a browser is part of a group of hundreds of thousands of other similar browsers for a week is a security threat?”
Similarly, another commenter questioned calling this a security threat:
“If WordPress treats FLoC as a security issue, how would it justify allowing users to choose? Security remedies are one-sided by definition, users fail to drop the threat that has been removed. ”
Someone else questioned the blocking of FLoC while historically turning a blind eye to third-party cookies, perhaps more invasive.
advertisement
Keep reading below
“Where do we draw the line to what WordPress should basically block for privacy?”
Should WordPress also block ALL third-party tracking cookies like Facebook? ”
It was also suggested later that this could be a problem for the person, not WordPress, similar to how WordPress is neutral in terms of third-party tracking cookies.
They commented:
“This seems to be an individual privacy issue and not something that WordPress – as a neutral publishing platform, which can be used to share anywhere you want, should take action.
WordPress does not block other forms of browser tracking, why should it be different? WordPress allows you to use an unscrupulous ad provider on your site, but importantly, it doesn’t stop you from using it. ”
WordPress proposal on FLoC
WordPress changes are discussed in the developer community, sometimes starting with a proposal. Proposals are not always made.
It can be misinformation and clickbait to claim that WordPress has made a firm decision to block FLoC. There are many technical issues to solve, such as whether or not this is a security issue, whether it should be backported to earlier versions of WordPress (as a “security solution”), and deciding if it is the right place WordPress took a stand against FLoC, seeing how WordPress was neutral in terms of third-party tracking.
advertisement
Keep reading below
However, blocking FLoC seems to have overwhelming support both within the core developer group and anecdotally outside the general WordPress developer community.
How to disable FLoC in @WordPress https://t.co/emgRqU3rkR pic.twitter.com/WY6eR3RZc6
– Jon Henshaw (@henshaw) April 18, 2021
citations
Talk about the WordPress proposal
Proposal: Treat FLoC as a security issue
Electronic Frontier Foundation
Google’s FLoC is a terrible idea
Brave Browser Blocks FLoC
DuckDuckGo publishes a browser extension to block FLoC
Vivaldi navigator rejects FLoC