Brave, a Chromium-based browser, has removed FLoC, Google’s controversial alternative identifier to third-party cookies for tracking users across websites.
FLoC, or Federated Learning of Cohorts, has just been released by Google for Chrome as its answer to improving privacy while still delivering targeted ads.
“The worst aspect of FLoC is that it materially harms user privacy, under the guise of being privacy-friendly,” says Brave in a blogpost.
FLoC has been been widely criticised by privacy advocates, even though it is an improvement to third-party cookies. The Electronic Frontiers Foundation (EFF) calls it a “terrible idea” because now Chrome shares a summary of each user’s recent browsing activity with marketers.
“A browser with FLoC enabled would collect information about its user’s browsing habits, then use that information to assign its user to a “cohort” or group,” writes Bennett Cyphers, an EFF technologist.
“Users with similar browsing habits — for some definition of “similar” — would be grouped into the same cohort. Each user’s browser will share a cohort ID, indicating which group they belong to, with websites and advertisers.”
Brave notes that the California Consumer Privacy Act of 2018 (CCPA) and Europe’s General Data Protection Regulation (GDPR) as signs that consumers are demanding privacy on the web.
“In the face of these trends, it is disappointing to see Google, instead of taking the present opportunity to help design and build a user-first, privacy-first Web, proposing and immediately shipping in Chrome a set of smaller, ad-tech-conserving changes, which explicitly prioritize maintaining the structure of the Web advertising ecosystem as Google sees it,” Brave says in a blogpost.
The search engine DuckDuckGo last week released a Chrome extension to block FLoC tracking, comparing it to “walking into a store where they already know all about you”.
Brave argues that because the feature does impact user privacy, it should be something that users need to opt-in to.
“Given that FLoC can be harmful for site operators too, we recommend that all sites disable FLoC. In general, any new privacy-risking features on the web should be opt-in,” Brave says.
“This is a common-sense principle to respect Web users by default. One might wonder why Google isn’t making FLoC opt-in. We suspect that Google has made FLoC opt-out (for sites and users) because Google knows that an opt-in, privacy harming system would likely never reach the scale needed to induce advertisers to use it.”
Microsoft, which is also using Chromium as the basis for its new Edge browser, hasn’t stated its position on FLoC. ZDNet has contacted Microsoft for a response and will update the story if it receives one.
According to the EFF, Google has rolled out FLoC to 0.5% of Chrome users in Australia, Brazil, Canada, India, Indonesia, Japan, Mexico, New Zealand, the Philippines, and the US. But the company hopes to roll it out to 5% of users.