Chrome's Move To Stomp Out Third Party Cookies? Good For Privacy, Good For Google's Ad Business... Or Both?
from the people-are-so-bad-at-systems-thinking dept
We've talked in the past how efforts solely focused on "protecting privacy" without looking at the wider tech ecosystem and the challenges its facing may result in unintended consequences, and now we've got another example. Google has announced that it's beginning a process to phase out support for third-party cookies in Chrome. Looking at this solely through the lens of privacy, many privacy advocates are celebrating this move, saying that it will better protect user privacy. But... if you viewed it from a more competitive standpoint, it also does much to give Google significantly more power over the ad market and could harm many other companies. Former Facebook CSO, Alex Stamos' take is pretty dead on here:
I think we will see this pattern in tech policy play out repeatedly over the next decade:
1) Media blows up anti-tech narrative with no thought to countervailing equities
2) Legislators/regulators act on the narrative
3) Both are outflanked by tech co’s more tied into the reality— Alex Stamos (@alexstamos) January 14, 2020
A win for privacy may be a loss for competition -- and nearly every big regulatory effort to "deal with" big internet companies is going to play right into those companies' hands.
For years I've been talking about how we need to view privacy as a series of tradeoffs, or any attempt to regulate privacy will go badly. Here, this is even pre-regulation, but just based on the nature of the public narrative that third party cookies must obviously be bad. They can be, but not always. And the end result here is that the "trade off" for protecting more privacy is giving more of the ad market to Google. I'm guessing that most privacy advocates would argue that they don't want to do that. But if you look solely through the lens of 3rd party cookies and no further -- that's what you get.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: 3rd party cookies, chrome, competition, cookies, privacy, tradeoffs
Companies: google
Reader Comments
Subscribe: RSS
View by: Time | Thread
A quick skim through the blog post didn't give me any technical insight into what exactly they attempting.
However my initial reaction doubts the assertion that it will enhance privacy. I suspect it will just lead to things like more silos' (which means single breaches will have much larger consequences).
[ link to this | view in chronology ]
There are some pretty simple ways around this change that would render it fluff and rainbows. Great marketing, I guess, but not all that effective.
[ link to this | view in chronology ]
"phase out support for third-party cookies"
First party is ok tho
[ link to this | view in chronology ]
This is very good news.
It reduces the number of lying, back stabbing, con artists, filth slingers from infinity to one.
[ link to this | view in chronology ]
Until the governments get involved because of anti-trust complaints. Does anyone REALLY believe any government is capable of fixing any problem on the internet without fucking it up in ways never dreamed possible?
[ link to this | view in chronology ]
Re:
The FTC has a terrible record in dealing with anti-trust issues, just look at the telecom situation. Though, for Google, they might make an exception, especially after some well funded (aka bribed) congresscritters put some pressure on.
[ link to this | view in chronology ]
Re:
When the governments gets involved the number of lying, back stabbing, con artists, filth slingers will then be raised from one to two which is a lot less than infinity.
[ link to this | view in chronology ]
Re: Re:
There is more than one government looking to control the internet.
[ link to this | view in chronology ]
Re:
The internet companies are fucking it up gladly themselves, so what are you on about?
[ link to this | view in chronology ]
Re: Re:
To errr is human, to epically fuck up beyond any redemption requires government involvement.
[ link to this | view in chronology ]
Can you not block third-party cookies by setting already?
And when using non-Google sites, are Goog cookies not third party, or do they think themselves zeroth party since they made the browser?
[ link to this | view in chronology ]
Re:
You can BUT if you do then NO mainstream media site will allow you entrance.
[ link to this | view in chronology ]
Re: Re:
" then NO mainstream media site will allow you entrance."
Ok, that would bad, exactly WHY????
[ link to this | view in chronology ]
Re: Re:
Uh, really?
I allow only scripts and cookies that are necessary, and don't often have many issues. Can't exactly say i haunt many legacy media properties, though.
[ link to this | view in chronology ]
Re:
Firefox does this already by default.
I think Chrome are just playing catch up.
[ link to this | view in chronology ]
In related news, Verizon just launched its own web search tool and promises that it has no tracking cookies or personal profiling. I also hear they have a bridge for sale cheap.
[ link to this | view in chronology ]
Re:
Verizon has as much credibility as Agit Pai.
[ link to this | view in chronology ]
Re: Re:
You say that as though there's a difference between the two.
[ link to this | view in chronology ]
Re: Re: Re:
Of course, one is the employer, and the other is the employee, past, possibly the future, and seemingly current.
[ link to this | view in chronology ]
It's good people are trying new things to deal with the privacy problem but google doesn't appear to be the biggest issue from my perspective
[ link to this | view in chronology ]
This is great PR but it's not really effective for preventing tracking. Many places are already ahead of the game on this and what they are trying to do
One company checks your browser signature, similar to a fingerprint. You drop that site that uses this, delete your cookies, go to another site and they recognize you over several visits. Mostly your signature is fairly unique when reading your browser type, monitor type, text settings, resolution, what extensions you have installed, etc. It's wholly outside your browser or what settings you have. Changing browsers will help to some extent.
Another setup to track you that doesn't involve cookies is having an advertising number in your browser or OS. Windows install even asks you about it. That number is unique to your computer and that install. Tracking cookies are a thing they no longer need. Part of the problem seems to be that there's not enough data room for their purposes with a tracking cookie.
[ link to this | view in chronology ]
Re:
This. Fingerprinting is incredibly easy. You can even tell who is visiting your site via keystrokes rhythm/intervals. Privacy needs to be dealt with at the browser level. It should not give any info to the sites visited unless the user specifically allows it save some general info like browser version and possibly screen resolution. There's no reason to send more than that.
[ link to this | view in chronology ]
Re:
You system information can easily be blocked or spoofed by the client so it will only be helpful to them in the short term (until people decide it is a problem) at best. The actual information that is helpful for formatting your result would be nowhere close to unique
The advertising number isn't unique to your install, they let you reset it to a random number whenever you like, and that is assuming you opt in to using it in the first place.
[ link to this | view in chronology ]
But Mike, you're such a Google shill you should love this! /s
[ link to this | view in chronology ]
Third-party cookies superseded
Google Analytics nowadays stores its formerly third-party cookies as first-party cookies, sending them to Google servers by JavaScript, so it's no surprise that Google finds them unnecessary.
Don't worry, even the publishers are "smart" enough to use the same trick. See for instance https://noyb.eu/say-no-to-cookies-yet-see-your-privacy-crumble/ and another one found for Mozilla Firefox' cookie protection which I cannot find right now.
Google wouldn't be making this move if there was any serious money left in the practice, IMHO.
[ link to this | view in chronology ]