Google Plans To Eradicate Cookies

Uploaded on 2021-05-25 in FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Regulators and rivals have raised concerns about Google’s grand plan to rewrite the rules of online advertising. Google is to restrict the number of advertising cookies on websites accessed via its Chrome browser, in response to calls for greater privacy controls. It said that it would phase out third-party cookies within the next two years, 

Millions of people are already part of a global experiment to delete cookies once and for all. Since last month, Google has been testing new browser-based technologies in Chrome that could turn the global advertising industry upside down.

Cookies are small text files that are used to track users across the web. Cookies are used to collect user data, which can be on both an aggregate and anonymised level, such as clicks on page, pages viewed, engagement elements, and also on a PII (personal identifiable information) level, such as device IDs, names, addresses, passwords and credit card numbers. Most of the people involved in the process may not even notice, but as the project gains momentum, critical voices sound the alarm.

While Safari and Firefox both block third-party cookies by default, the user has the ability to turn them on. Google will not have such a feature. Third-party cookies will be blocked with no method of allowing users to turn this feature on.

 In addition to the elimination of third-party cookies, factor in that Google Chrome is by far the most popular web browser with an estimated global market share of 62.8%. The closest competitor is Apple’s Safari with a mere 15.8%. The supervisory authorities in Germany, France and Belgium are examining Google’s proposals. At the same time, some of the world’s largest websites have decided to skip Google’s trials entirely. A number of companies have already developed ways that people can evade the system.

The system, known as Federated Learning of Cohorts (FLoC), is part of Google̵7;s larger Privacy Sandbox plan that will end third-party advertising cookies in early 2022. There are generally three ways that websites choose which ads to show you. You may see an ad for a pair of sneakers because you put them in a shopping cart last week. If you’re reading an article about cars, the ads may also refer to cars. or the ads you see may be based on your interests. Like third-party cookies, FLoC deals with advertising based on your preferences.

Currently, advertisers can use cookies to serve ads that are specific to you as they are based on your individual browsing history. FLoC was developed to eliminate this individual targeting by broadening the network.

When you use FLoC, Chrome gathers your web history and compares it with the habits of others. You will then be placed in a group or cohort with thousands of other people like you. Advertisers can then target entire groups of people and not specific people.

It’s not just the extent of the change, it’s also who is behind it. Google, whose parent company Alphabet  dominates the global advertising industry. The regulators are understandably suspicious.

“The FLoC technology leads to several questions regarding the legal requirements of the GDPR,” says Johannes Caspar, Data Protection officer for the German state of Hamburg... "The implementation of users in the FLoCs can be seen as a process of processing personal data. And this requires freely given consent and clear and transparent information about these processes. Google needs to ensure that users actively choose to use FLoC instead of enabling the system in Chrome by default." Caspar adds that there are risks in how cohorts allow “inferences” about people’s surfing behavior and how specific the cohorts of FLoC will be.

Not only German regulators are concerned about FLoC. A spokesman for the French National Information Commission and the Libertés (CNIL), France’s data regulator, says it is “paying particular attention” to technologies that could replace cookies as they may require access to information already on people’s devices are stored.

It is clear to the CNIL that such a system would require “specific, informed and unambiguous consent”. If Google doesn’t do this, it can prove costly. In December 2020, the French regulator fined Google $ 120 million for failing to obtain user consent before using cookies. Other regulators are more concerned about antitrust law. In Belgium, officials are keen to understand how competitive future systems are and how they comply with data protection laws.

  • In the UK, the Competition and Market Authority and the Data Protection Authority, the Information Commissioner’s Office, have been investigating Google’s proposals since January.
  • The Irish Data Protection Commission, which is responsible for many large technology companies with European headquarters in Dublin, has, according to its own information, consulted with Google on the proposals.

Google is aware of the potential pitfalls of FLoC. In this case, the technology has yet to be tested in the European Union. “The EU data protection law sets high standards for the transparency and control of the users. This is what we envision for FLoC,” says Marshall Vale, Chrome product manager at Google. “We know input from data protection authorities is key to getting this right, so we started discussions early on about the technology and our plans.”

Google has already announced that it will introduce tools that will not allow users to be classified in FLoC cohorts.

AIthority                Wired:       HiTech Glitz:          Deloitte:        TheTechTrack

You Might Also Read:

Social Media & The New Advertising Model (£):

 

« Cyber Security For Small Business
Maritime Shipping Is An Ideal Target For Ransom »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

IASME Consortium

IASME Consortium

IASME is one of five companies appointed as Accreditation Bodies for assessing and certifying against the UK Government's Cyber Essentials Scheme.

DigiCert

DigiCert

DigiCert is the only provider of enterprise-grade SSL, IoT and PKI solutions. Our certificates are trusted everywhere, millions of times every day, by companies across the globe.

ForeScout Technologies

ForeScout Technologies

ForeScout delivers pervasive network security by allowing organisations to continuously monitor & mitigate security exposures & cyberattacks.

Verimatrix

Verimatrix

Verimatrix is a global provider of innovative cybersecurity solutions that protect content, devices, software and applications.

France Cybersecurity

France Cybersecurity

France Cybersecurity represents the French cybersecurity industry to raise international awareness of French cybersecurity capabilities and solutions.

PartnerRe

PartnerRe

PartnerRe provides multi-line reinsurance to insurance companies on a worldwide basis. Services include Cyber Risk.

OmniNet

OmniNet

OmniNet delivers the next generation of cybersecurity and is the only provider in the market to move the edge of small businesses to a virtual, omnipresent perimeter.

ACI Learning

ACI Learning

ACI Learning - Training tomorrow’s industry leaders with formats for all types of learners in Audit, Cybersecurity, and IT.

Goldilock

Goldilock

Goldilock is redefining how sensitive data, devices, networks and critical infrastructure can be secured.

CAT Labs

CAT Labs

CAT Labs is building digital asset recovery and cybersecurity tools to enable governments to fight crypto crime and to protect investors from hacks, fraud and scams.

Axient

Axient

Axient advances defense and civilian missions from aerospace to cyberspace with multi-domain test and analysis, mission engineering and operations, and advanced technologies.

HP Wolf Security

HP Wolf Security

HP Wolf Security protects your organization and devices from cyberattacks no matter where, when or how you work.

US Cyber Games

US Cyber Games

US Cyber Games is committed to inform and inspire the broader community on ways to develop tomorrow’s cybersecurity workforce.

KTrust

KTrust

KTrust provides Continuous Threat Exposure Management for Kubernetes environments.

Fortress SRM

Fortress SRM

Fortress SRM protects companies from the financial, operational, and emotional trauma of cybercrime by improving the security performance of its people, processes, and technology.

NOYB

NOYB

NOYB is a non-profit organization aiming to close the gap between privacy laws and the reality of corporate practice.