Google is not getting rid of tracking cookies in Chrome until 2023, the company announced last month, after having planned to do away with them by January 2022. Ahead of this decision, the impending deadline that was being called the Cookiepocalypse had been the centre of many discussions about how Internet based companies would be able to sustain their advertising supported businesses. While some warned of a seismic shift in the Internet as we know it, others pointed out that the impact of the Cookiepocalypse would be limited due to other identity trackers advertisers would be able to use, and a few people even suggested it ought to be possible to advertise to people without forensically tearing them apart for analysis.
So what does this decision mean for you and me? The business implications will take some time to play out, but as consumers, Google’s decision to delay could actually be a good thing, people say, as alternative systems need to be evolved and deployed. Here’s what you need to understand about the whole process.
Cookies permit websites to remember you, your logins, and other important information. They may, however, be a gold mine of personal data for cybercriminals to snoop on. Many competing browsers, such as Safari, Microsoft, and Firefox, have already blocked some third-party tracking cookies. But Chrome is still the most widely used desktop browser, so the move will have a more significant impact on the advertising industry.
However, it’s worth noting that the impact of this move is going to be reduced by the huge growth of smartphones. Tejinder Gill, General Manager, India, at ad-tech company The Trade Desk, noted that almost 80 percent of users in the country are on smartphones and not using a desktop browser, and for these users, things will not change even if Google were to remove tracking cookies from Chrome. However, he noted that more time needed to be given to ensure that a privacy conscious approach can grow instead.
“The move by Google is ultimately good news for the industry. Any new identity solution has to be consumer conscious if it is to meet the evolving regulatory and consumer scrutiny,” Gill said.“The industry has been waiting for privacy-conscious approach that provide long-lasting benefits.”
“It would be short-sighted for the industry to ignore this opportunity to create an improved identity solution that is more advanced than cookies, consumer-centric and that works across advertising channels, including the fast-growing world of the open internet such as OTT, audio streaming, connected TV and more,” he added.
Google explained in a blog post that its new privacy feature comprises the Privacy Sandbox, which is a series of proposals to persuade cross-site use cases without third-party cookies or any other tracking mechanisms. This initiative aims to develop replacement solutions to support web use cases and business models without letting users get tracked across sites, avoiding cross-site tracking and phasing out third-party cookies when new advanced solutions are in place.
One of the key proposals for the privacy sandbox that caught the public eye was the feature FLoC, which has been a PR disaster for Chrome so far. FloC is a complex algorithm that stands for ‘Federated Learning of Cohorts’, which by default groups people into “interest cohorts” based on their recent browsing history for the purpose of targeted advertising with k-anonymity protections.
Google claims that FLoC, along with other proposals, will go through a “rigorous, multi-phased public development process, including extensive discussion and testing periods,” implying that it will eventually be modified or replaced.
Vinay Goel, Privacy Engineering Director, Chrome, stated in his blog on June 24 that the “Privacy Sandbox initiative aims to create web technologies that both protect people’s privacy online and give companies and developers the tools to build thriving digital businesses to keep the web open and accessible to everyone, now, and for the future.”
The introduction of FLoC did not sit well with the critics as well as the Industry. Brave opposed it, saying, “Google defending FloC …shows a mistaken idea of what privacy is. Many things about a person are not unique, but still personal and important, and shouldn’t be shared without consent.”
Zak Doffman, CEO of cybersecurity services firm Digital Barriers, wrote in Forbes about FLoC in chiefly two key aspects. There he noted that though the user is anonymous and no raw data is shared to advertising companies, what if the system accidentally gathers sensitive information about the user and assigns them to a cohort accordingly? Even when Google said that it would clear sensitive data of its users, what marks the boundaries of sensitivity of information is a blurry line. He also wrote that visiting a website will not just disclose your cohort ID but also the data brokers and trackers sitting behind it have your other data pointers like your IP address, which makes the risk of users being fingerprinted much worse.
Whether or not FloC makes the Sandbox a hit or a flop, only time will tell. Meanwhile, the delay buys us time to ponder about what we want, expect, deserve and get as the users of Chrome and maybe possible alternatives to it to guard our privacy better in the near future.