Google proposes new privacy and anti-fingerprinting controls for the web

Google today announced a new long-term initiative that, if fully realized, will make it harder for online marketers and advertisers to track you across the web. This new proposal follows the company’s plans to change how cookies in Chrome work and to make it easier for users to block tracking cookies.

Today’s proposal for a new open standard extends this by looking at how Chrome can close the loopholes that the digital advertising ecosystem can use to circumvent those cookie controls. And soon, that may mean that your browser will feature new options that give you more control over how much you share without losing your anonymity.

Over the course of the last few months, Google started talking about a “Privacy Sandbox,” which would allow for a certain degree of personalization while still protecting a user’s privacy.

“We have a great reputation on security. […] I feel the way we earned that reputation was by really moving the web forward,” Justin Schuh, Google’s engineering director for Chrome security and privacy, told me. “We provide a lot of benefits, worked on a lot of different fronts. What we’re trying to do today is basically do the same thing for privacy: have the same kind of big, bold vision for how we think privacy should work on the web, how we should make browsers and the web more private by default.”

Here is the technical side of what Google is proposing today: To prevent the kind of fingerprinting that makes your machine uniquely identifiable as yours, Google is proposing the idea of a privacy budget. With this, a browser could allow websites to make enough API calls to get enough information about you to group you into a larger cohort but not to the point where you give up your anonymity. Once a site has exhausted this budget, the browser stops responding to any further calls.
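To make the budget idea concrete, here is a small model of how a browser could keep such a ledger per site. It is an added illustration, not Chrome code or anything from Google's proposal: the surface names, the bit costs, the 10-bit budget and the rule that re-reading a surface is free are all assumptions made for the demo.

```javascript
// Added illustration of the privacy-budget idea; not Chrome code.
// Surface names, bit costs and the budget are constructed values.
const SURFACE_BITS = {
  "navigator.language": 2.5,
  "screen.resolution": 4,
  "navigator.hardwareConcurrency": 2,
  "canvas.readback": 8,
};

class PrivacyBudget {
  constructor(budgetBits) {
    this.budgetBits = budgetBits;
    this.ledger = new Map(); // origin -> { spent, seen, exhausted }
  }

  // Decide whether `origin` may read `surface`; returns the decision and running total.
  request(origin, surface) {
    if (!Object.prototype.hasOwnProperty.call(SURFACE_BITS, surface)) {
      throw new Error(`unknown surface: ${surface}`);
    }
    if (!this.ledger.has(origin)) {
      this.ledger.set(origin, { spent: 0, seen: new Set(), exhausted: false });
    }
    const entry = this.ledger.get(origin);
    // Assumption: re-reading a surface reveals nothing new, so it is free.
    const cost = entry.seen.has(surface) ? 0 : SURFACE_BITS[surface];
    if (entry.exhausted || entry.spent + cost > this.budgetBits) {
      entry.exhausted = true; // from here on the browser stops answering this site
      return { allowed: false, spent: entry.spent };
    }
    entry.seen.add(surface);
    entry.spent += cost;
    return { allowed: true, spent: entry.spent };
  }
}

// Constructed call sequence from one hypothetical site.
function demo() {
  const budget = new PrivacyBudget(10);
  const site = "https://tracker.example";
  return [
    "navigator.language", "screen.resolution", "navigator.language",
    "canvas.readback", "navigator.hardwareConcurrency",
  ].map((s) => ({ surface: s, ...budget.request(site, s) }));
}

console.log(demo());
```

In this run the canvas read would push the site past its budget, so it is refused, and the later low-cost read is refused too because the site is already marked as exhausted.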

Some browsers also already implement a very restrictive form of cookie blocking. Google argues that this has unintended consequences and that there needs to be an agreed-upon set of standards. “The other browser vendors, for the most part, we think really are committed to an open web,” said Schuh, who also stressed that Google wants this to be an open standard and to develop it in collaboration with other players in the web ecosystem.

“There’s definitely been a lot of not intentional misinformation but just incorrect data about how sites monetize and how publishers are actually funded,” Schuh stressed. Indeed, Google today notes that its research has shown that publishers lose an average of 52% of their advertising revenue when their readers block cookies. That number is even higher for news sites.

In addition, blocking all third-party cookies is not a viable solution, according to Google, because developers will find ways around this restriction by relying on fingerprinting a user’s machine instead. Yet while you can opt out of cookies and delete them from your browser, you can’t opt out of being fingerprinted, because there’s no data stored on your machine (unless you regularly change the configuration of your laptop, the fonts you have installed and other identifiable traits that make your laptop uniquely yours).

What Google basically wants to do here is change the incentive structure for the advertising ecosystem. Instead of leaving advertisers to circumvent a browser’s cookie and fingerprinting restrictions, the privacy budget, in combination with the industry’s work on federated learning and differential privacy, is meant to give them the tools they need without hurting publishers, while still respecting users’ privacy. That’s not an easy switch and something that, as Google freely acknowledges, will take years.

“It’s going to be a multi-year journey,” said Schuh. “What I can say is that I have very high confidence that we will be able to change the incentive structures with this. So we are committed to taking very strong measures to preserve user privacy, we are committed to combating abuses of user privacy. […] But as we’re doing that, we have to move the platform forward and make the platform inherently provide much more robust privacy protections.”

Most of the big tech companies now understand that they have a responsibility to help their users retain their privacy online. Yet at the same time, personalized advertising relies on knowing as much as possible about a given user, and Google itself makes the vast majority of its income from its various ad services. It sounds like this should create some tension inside the company. Schuh, however, argued that Google’s ad side and the Chrome team have their independence. “At the end of the day, we’re a web browser, we are concerned about our users’ base. We are going to make the decisions that are most in their interest so we have to weigh how all of this fits in,” said Schuh. He also noted that the ad side has a very strong commitment to user transparency and user control — and that if users don’t trust the ads ecosystem, that’s a problem, too.

For the time being, though, there’s nothing here for you to try out and no bits are being shipped in the Chrome browser. For now, this is simply a proposal and an effort on the Chrome team’s part to start a conversation. We should expect the company to start experimenting with some of these ideas in the near future, though.

Just like with its proposed changes to how advertisers and sites use cookies, this is very much a long-term project for the company. Some users will argue that Google could take more drastic measures and simply use its tech prowess to stop the ad ecosystem from tracking you through cookies, fingerprinting and whatever else the adtech boffins will dream up next. If Google’s numbers are correct, though, that would definitely hurt publishers, and few publications are in a position to handle a 50% drop in revenue. I can see why Google doesn’t want to do this alone, but it does have the market position to be more aggressive in pushing for these changes.

Apple, which doesn’t have any vested interest in the advertising business, has already made this more drastic move with the latest release of Safari. Its browser now blocks a number of tracking technologies, including fingerprinting, without making any concessions to advertisers. The results of this for publishers are in line with Google’s cookie study.

As for the rest of Chrome’s competitors, Firefox has started to add anti-fingerprinting techniques as well. Upstart Brave, too, has added fingerprinting protection for all third-party content, while Microsoft’s new Edge currently focuses on cookies for tracking prevention.

By trying to find a middle path, Chrome runs the risk of falling behind as users look for browsers that protect their privacy today — especially now that there are compelling alternatives again.