The Company Behind Privacy Web browser Brave objected to Google’s latest plan to replace third-party cookies, which it says will do little to minimize the risk of privacy breaches.
Featured earlier this week, Google topics (a substitute for controversy FLOC proposal) offers a way to serve ads to people based on broad interest categories, such as travel or fitness, instead of using granular and often sensitive data retrieved by cookies.
The system relies on three weeks of browsing data, which is stored locally on the device, to place people into a variety of different buckets, which in turn determine the types of ads the person will receive. Internet users can deactivate a particular subject at any time via their browser.
According to Brave, however, Topics “addresses only the smallest and most minor privacy issues in FLoC, while leaving its core intact.” The new proposal pays “lip service” to protect the open web, but in reality it’s yet another tool designed to preserve Google’s monopoly, the company claims.
The post-cookie era
Google is set to phase out third-party cookies in Chrome (by far the world’s most popular browser) by the end of 2023, amid backlash from critics who say the technology enables gross privacy violations . Many alternative browsers, such as Firefox and Safari, have already blocked third-party cookies outright.
However, since Google’s business model relies on collecting large amounts of data to facilitate targeted advertising campaigns (also known as tracking-based advertising), the company faces a race against time to develop new systems to help its customers marketing efforts that do not compromise user privacy to the same extent.
The first proposal, FLoC (which stands for Federated Cohort Learning), was a system designed to preserve individual anonymity by aggregating data, while giving advertisers the ability to target people based on their interests. It worked similarly to Topics, grouping users into cohorts based on browsing activity.
However, the FLoC drew a lot of criticism when it was unveiled last year from organizations like the Electronic Frontier Foundation (EFF), which has called the system a wolf in sheep’s clothing. Essentially, privacy advocates claimed that FLoC would simply give advertisers a different arsenal of tools to play with, it would just be a matter of learning how best to leverage them.
Google Topics backlash
As stated in the Brave blog post, the Topics proposal differs from FLoC in two ways. First, Topics only provides advertisers with interest data from the sites they are on, rather than all the sites the user has visited. Second, Topics makes fingerprint-based identification more difficult by adding a level of randomness to the information shared with advertisers.
However, none of the proposals do anything “to address key privacy harms,” Brave says. At the heart of the company’s objections is the idea that Google shouldn’t decide what data is classified as sensitive.
“Google says it will be careful to only share ‘non-sensitive’ interests with sites. But there is no such thing as categorically non-sensitive data; there is no data that is always safe and respectful to share” , wrote Peter Snyder, senior director of privacy at Brave.
“Things that can be safely shared about one person in one context will be well-kept secrets for another. Meaningful privacy is inherently both context-specific and person-specific. People should decide what they consider sensitive. Not Google. »
The only light in which Topics can be considered an improvement is over the standard set by Google today, Snyder argues. He says Topics represents a serious violation of individual privacy by any other definition.
“FLoC and Topics are undoubtedly harmful. Both systems are designed to share information about you with advertisers and organizations you don’t know that are downright hostile to user privacy, without active permission or consent,” Snyder wrote.
“Google’s proposals only improve privacy from the cynical and self-serving baseline of ‘better than Google today'”.
In a statement provided to Tech Radar ProGoogle has responded to the accusations made by Brave.
“We agree that people need to decide what they consider sensitive, so we will be introducing a control allowing users to delete topics or disable topics altogether in their browser settings. Topics Revealed by the Topics API should be much less personally sensitive about a user than what might be transmitted using cookies or covert tracking,” said Vinay Goel, who leads the Google Privacy Sandbox project.
“The taxonomy is curated by humans and does not include topics generally considered sensitive. For example: topics related to health, race, and sexuality are not allowed in the taxonomy. The full list of Eligible topics are publicly available and subject to ongoing discussion and are based on our taxonomy and the IAB Content Taxonomy, which is an industry-recognized list.”
Goel also noted that the eventual intent is for the list of topics to be curated and maintained by a neutral third party “acting on behalf of the web ecosystem,” although he did not provide a timeline for that transition.
Regarding claims that Google Chrome is the “most privacy-damaging popular browser on the market”, Goel said the following:
“Other browsers have taken a heavy-handed approach to preventing [third-party] cookies, which could lead to other intrusive techniques such as fingerprinting.”
“Google’s approach addresses privacy concerns with innovative proposals that not only protect users as they browse the web, but also support publishers, advertisers, and business models that keep the web healthy by making content free and accessible online.”
Something tells us that Brave and Google will never agree on these issues.