Zak Doffman – Contributor
I write about security and surveillance.
If you’re among the billions of people using Chrome, then you need to stop—especially if you use Google’s browser on an Apple device. Stark new data disclosures and Chrome’s “creepy” new tracking technology should serve as a serious warning that it’s time to switch. Here’s what you need to know.
While Facebook has taken the heat on data security and privacy in recent weeks, battling Apple for the right to harvest data from its users, Google has taken a softer, more subtle approach: delaying privacy labels until Facebook had taken the flak, then heralding significant new changes to its flagship Chrome browser.
Google says it wants a “privacy first” web. And on the surface, its killing of the dreaded cookie and cracking down on cross-site tracking comes across as a major step in the right direction. But as they say in the movies, if you want to know what’s really going on, then “follow the money.” And with Google that means data-driven advertising.
When it comes to such data harvesting, the industry gorillas are Google and Facebook. Both tech giants generate most of their revenue from advertising, even though it doesn’t always look that way with Google’s raft of platforms and services and operating systems. But Google’s $100 billion plus in ad revenue tells you what you need to know.
This was clearly illustrated when Google finally released a privacy label for Chrome on Apple’s App Store. Google’s browser collects more data than Safari or Edge or Firefox, and, worse, it is the only one of the four that doesn’t bother to collect any data that isn’t linked to user identities. It’s a philosophy, a business model.
“You don’t become a multi-billion-dollar company without grabbing as much data as you can then monetize,” Cyjax CISO Ian Thornton-Trump told me last month, just after (genuinely) privacy-first DuckDuckGo warned that “Google doesn’t care about protecting user privacy. They care about protecting their surveillance business model. If they really cared about privacy, they would just stop spying on billions of people.”
Choosing a browser is a highly subjective matter. Usability, speed, features, seamless cross-platform options, all are factors. And Chrome has spent more than anyone on ensuring that its user experience is as sticky as it gets. But unlike Apple and Microsoft, the other two tech giants in the browser business, Google doesn’t generate its revenue from products, it generates its revenue from data, your data, targeting ads.
And so, you’re about to be hit with complex and conflicting messages on how all this reconciles. How Google plans to protect your privacy while mining your data to sell you more stuff—or rather to enable its business customers to sell you more stuff.
Unfortunately, that’s going to become very confusing. Google is replacing cookies with Federated Learning of Cohorts (FLoC), which is now under trial without impacted Chrome users knowing about it. And while I’m sure this wasn’t designed to be confusing, it does come across as Pythonesque when explained. A FLoC is basically a group of similar users, as judged by an algorithm sitting behind those users’ browsers.
Put simply, that hidden, secretive algorithm tracks the sites you visit and your online activities to assign you to a group. You won’t be tracked as 45-year-old accountant, John Smith, of 101 Acacia Avenue, but the algorithm will be pretty specific about your interests and will readily share that with websites. Using the web, DuckDuckGo warns, will be “like walking into a store where they already know all about you.”
In response to this story, Google told me that “we strongly believe that FLoC is better for user privacy compared to the individual cross-site tracking that is prevalent today. The FLoC origin trial is an early but important step toward the Privacy Sandbox’s goal of an open web that is both private by default and economically sustainable.”
With data harvesting and tracking, history tells us to beware the unintended consequences of even well-meaning developments. This week, Facebook has blamed a user-centric convenience behind its latest data mishap, with that feature’s exploitation by “bad actors.” And so, the fear with FLoC is that the anonymized group IDs will soon be recognized and interpreted, that your IP address will be captured and linked.
And so, now, the risk is that a third party can link your unique IP address to your anonymous FLoC ID to know more about you than they should, to benefit from the power of that secretive algorithm operating behind the scenes on your browser; the FLoC doesn’t sit on a Google Cloud server, it’s within Chrome itself. As EFF warns, “if a tracker starts with your FLoC cohort, it only has to distinguish your browser from a few thousand others (rather than a few hundred million).”
When you surf the web, you betray the most intimate details about yourself. Dating sites, personal services, and worse. And while each FLoC only tracks online activity from the last week, before resetting, you shouldn’t want to be tracked in this way.
Google has already come under fire for the obfuscation around its so-called “incognito” browsing, and with FLoCs, most of you won’t know anything about them. EFF warns that “a switch has silently been flipped in millions of instances of Google Chrome: those browsers will begin sorting their users into groups based on behavior, then sharing group labels with third-party trackers and advertisers around the web.”
And while I’m sure that as this rollout hits the mainstream, there will be easy ways to toggle a switch and opt out, it will be exactly the same as with cookies. You will constantly be encouraged to enable all the trackers operating behind the scenes.
EFF warns that “the Chrome origin trial for FLoC has been deployed to millions of random Chrome users without warning, much less consent. While FLoC is eventually intended to replace tracking cookies, during the trial, it will give trackers access to even more information about subjects.”
Google told me that “as implemented in the origin trial, FLoC uses significantly less data than what can already be accessed via third-party cookies, and FLoC is designed to prevent websites from reverse-engineering an individual’s browsing activity.” But privacy advocates have been roundly dismissive of this.
And so to Apple. There is a stark irony right now, in that we have never had more information available to us on the exploitation of our private information, the good and bad actors when it comes to tracking us, the tools we can use to protect ourselves. And yet, as proven with FLoC, the other side of that equation is that the data harvesters have never been more sophisticated. It’s a running battle.
Next year, Chrome will ditch the traditional cookies that have been used for years to track users across the web. This will throw the ad industry into a spin. The issue is that Google sits on both sides, as platform and advertising sales machine. The risk is that this puts too much control in Google’s hands.
Apple is on the right side of this battle—it has no direct interest in fueling the ad industry, albeit it’s clearly not immune from data collection and advertising itself. But Apple has adopted privacy as a USP, and has gone toe to toe with Facebook and the ad industry with the crackdown on browser and app trackers and those privacy labels.
And so we have reached a fork in the road, a pivot point. Most of the people reading this will not want to opt for the uber-private apps and platforms—I recognize that. As good as DuckDuckGo is, as good as Signal is, as good as ProtonMail is, you’ll want to use a mainstream browser, WhatsApp or iMessage, and standard email apps.

And that’s okay. Because Safari is a perfect compromise. If you’re using the Apple ecosystem, it works seamlessly cross-device and already has the anti-tracking tech built in. Furthermore, it will even store your passwords and warn you when one has been reused or breached.
And because this is Apple, you’ll likely trust this more so than other platforms and use it more than you might a dedicated password manager.

There is no point in Apple securing your data and your privacy, creating a walled garden around your online experience, if you then install and use Chrome on your iPhone or iPad or Mac. Simply put, don’t let the fox into the chicken coop. “Right now,” DuckDuckGo says, “FLoC is only in Google Chrome, and no other browser vendor has expressed an intention or even interest to implement it.”
As I’ve commented before, Google CEO Sundar Pichai has assured that “we don’t use information in apps where you primarily store personal content—such as Gmail, Drive, Calendar and Photos—for advertising purposes, period.” But Chrome isn’t on that list. And so, you need to be mindful as to its true value to Google.

Using your digital trail to identify you as a unique user is called fingerprinting. EFF cautions that “fingerprinting is notoriously difficult to stop. Browsers like Safari and Tor have engaged in years-long wars of attrition against trackers, sacrificing large swaths of their own feature sets in order to reduce fingerprinting attack surfaces.” EFF warns that FLoC is “a new fingerprinting risk,” and that Google shouldn’t put that risk in place “until it’s figured out how to deal with existing ones.”

EFF has launched a website where you can check if your Chrome browser has FLoC enabled. Clearly this is only relevant for Chrome, and even if it’s not enabled now that could happen at any time without you realizing.

Hopefully, with enough pressure, Google will ensure there are some protections added to its FLoC deployment.
The company told me that “if a user has chosen to block third-party cookies with the current version of Chrome, they won’t be included in the origin trial. In April, we’ll introduce a control in Chrome Settings that users can use to opt out of inclusion in FLoC and other Privacy Sandbox proposals.”

As I’ve said multiple times, if we don’t reward the apps and platforms that secure and respect our data, and move away from those that do not, then we send a message that it’s okay to harvest at will. If Google’s data collection disclosure didn’t push you from Chrome to Safari (or Firefox or DuckDuckGo or Brave or even Edge), then the furtive deployment of these hidden FLoCs should do that now.

Zak is a widely recognized expert on surveillance and cyber, as well as the security and privacy risks associated with big tech, social media, IoT and smartphone.