Google Plans To Eradicate Cookies

Uploaded on 2021-05-25 in FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Regulators and rivals have raised concerns about Google’s grand plan to rewrite the rules of online advertising. Google is to restrict the number of advertising cookies on websites accessed via its Chrome browser, in response to calls for greater privacy controls. It said that it would phase out third-party cookies within the next two years, 

Millions of people are already part of a global experiment to delete cookies once and for all. Since last month, Google has been testing new browser-based technologies in Chrome that could turn the global advertising industry upside down.

Cookies are small text files that are used to track users across the web. Cookies are used to collect user data, which can be on both an aggregate and anonymised level, such as clicks on page, pages viewed, engagement elements, and also on a PII (personal identifiable information) level, such as device IDs, names, addresses, passwords and credit card numbers. Most of the people involved in the process may not even notice, but as the project gains momentum, critical voices sound the alarm.

While Safari and Firefox both block third-party cookies by default, the user has the ability to turn them on. Google will not have such a feature. Third-party cookies will be blocked with no method of allowing users to turn this feature on.

 In addition to the elimination of third-party cookies, factor in that Google Chrome is by far the most popular web browser with an estimated global market share of 62.8%. The closest competitor is Apple’s Safari with a mere 15.8%. The supervisory authorities in Germany, France and Belgium are examining Google’s proposals. At the same time, some of the world’s largest websites have decided to skip Google’s trials entirely. A number of companies have already developed ways that people can evade the system.

The system, known as Federated Learning of Cohorts (FLoC), is part of Google̵7;s larger Privacy Sandbox plan that will end third-party advertising cookies in early 2022. There are generally three ways that websites choose which ads to show you. You may see an ad for a pair of sneakers because you put them in a shopping cart last week. If you’re reading an article about cars, the ads may also refer to cars. or the ads you see may be based on your interests. Like third-party cookies, FLoC deals with advertising based on your preferences.

Currently, advertisers can use cookies to serve ads that are specific to you as they are based on your individual browsing history. FLoC was developed to eliminate this individual targeting by broadening the network.

When you use FLoC, Chrome gathers your web history and compares it with the habits of others. You will then be placed in a group or cohort with thousands of other people like you. Advertisers can then target entire groups of people and not specific people.

It’s not just the extent of the change, it’s also who is behind it. Google, whose parent company Alphabet  dominates the global advertising industry. The regulators are understandably suspicious.

“The FLoC technology leads to several questions regarding the legal requirements of the GDPR,” says Johannes Caspar, Data Protection officer for the German state of Hamburg... "The implementation of users in the FLoCs can be seen as a process of processing personal data. And this requires freely given consent and clear and transparent information about these processes. Google needs to ensure that users actively choose to use FLoC instead of enabling the system in Chrome by default." Caspar adds that there are risks in how cohorts allow “inferences” about people’s surfing behavior and how specific the cohorts of FLoC will be.

Not only German regulators are concerned about FLoC. A spokesman for the French National Information Commission and the Libertés (CNIL), France’s data regulator, says it is “paying particular attention” to technologies that could replace cookies as they may require access to information already on people’s devices are stored.

It is clear to the CNIL that such a system would require “specific, informed and unambiguous consent”. If Google doesn’t do this, it can prove costly. In December 2020, the French regulator fined Google $ 120 million for failing to obtain user consent before using cookies. Other regulators are more concerned about antitrust law. In Belgium, officials are keen to understand how competitive future systems are and how they comply with data protection laws.

  • In the UK, the Competition and Market Authority and the Data Protection Authority, the Information Commissioner’s Office, have been investigating Google’s proposals since January.
  • The Irish Data Protection Commission, which is responsible for many large technology companies with European headquarters in Dublin, has, according to its own information, consulted with Google on the proposals.

Google is aware of the potential pitfalls of FLoC. In this case, the technology has yet to be tested in the European Union. “The EU data protection law sets high standards for the transparency and control of the users. This is what we envision for FLoC,” says Marshall Vale, Chrome product manager at Google. “We know input from data protection authorities is key to getting this right, so we started discussions early on about the technology and our plans.”

Google has already announced that it will introduce tools that will not allow users to be classified in FLoC cohorts.

AIthority                Wired:       HiTech Glitz:          Deloitte:        TheTechTrack

You Might Also Read:

Social Media & The New Advertising Model (£):

 

« Cyber Security For Small Business
Maritime Shipping Is An Ideal Target For Ransom »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Satisnet

Satisnet

Satisnet is a leading Security Reseller, Managed Security Services Provider (MSSP) and Cyber Training Innovator, with operations throughout the UK, EMEA and United States.

Digital Defense Inc (DDI)

Digital Defense Inc (DDI)

DDI offers vulnerability scanning, penetration testing, web application testing, social engineering and additional security assessments.

Ilex International

Ilex International

Ilex International is a European software vendor which specialises in Identity & Access Management solutions.

FaceFirst

FaceFirst

FaceFirst provide face recognition technology solutions to detect and deter real time threats,

Ceerus

Ceerus

Ceerus was created to simplify the process of deploying and managing security across all the channels in an organisation.

ThirdWatch

ThirdWatch

ThirdWatch is a Data Science company with real-time automated fraud prevention solutions.

YL Ventures

YL Ventures

YL Ventures funds and supports brilliant Israeli tech entrepreneurs from seed to lead.

Loki Labs

Loki Labs

Loki Labs provides expert cyber security solutions and services, including vulnerability assessments & penetration testing, emergency incident response, and managed security.

CerraCap Ventures

CerraCap Ventures

CerraCap Ventures invest globally into early-stage B2B companies in Healthcare, Enterprise AI and Cyber Security.

Globant

Globant

Globant is an It and software development company. We leverage the latest technologies and methodologies to help organizations transform in every aspect, including software security.

FoxTech

FoxTech

FoxTech is an independent, friendly and deeply specialised cyber security company in the UK, with expertise spanning decades of Public Sector and Government services.

Birch Cline Cybersecurity

Birch Cline Cybersecurity

Birch Cline specializes in helping Local Government and Education agencies, as well as mid-market organizations, build and maintain successful cybersecurity programs.

ISSQUARED

ISSQUARED

ISSQUARED is a leading provider of Cyber Security, Cloud, Infrastructure, Consulting and Digital Transformation services.

NextGen Cyber Talent

NextGen Cyber Talent

NextGen Cyber Talent is a non-profit providing a platform to increase diversity and inclusion in the cybersecurity industry.

Rhodian Group

Rhodian Group

Rhodian Group (formerly Adar) specialize in providing Technology, Cybersecurity, and Compliance services to the insurance industry.

Finite State

Finite State

Finite State enables product security teams to protect the devices we rely on every day through market-leading software threat, vulnerability, and risk management.