Google to end support for third‑party cookies in Chrome | WeLiveSecurity

Google to end support for third‑party cookies in Chrome

The company will also soon launch anti-fingerprinting measures aimed at detecting and mitigating covert tracking and workarounds

The company will also soon launch anti-fingerprinting measures aimed at detecting and mitigating covert tracking and workarounds

Google has announced plans to phase out support for third-party cookies in its Chrome web browser within the next two years. The company is joining the ranks of Mozilla and Apple that, also in a bid to improve privacy on the web, have implemented similar changes in the Firefox and Safari browsers, respectively. But the way Google approaches the issue diverges from the path the competition took.

While Apple and Mozilla instituted a block of all third-party cookies by default, Google is planning to develop its own set of technical solutions and tools that it believes will satisfy the needs of all the parties concerned – users, web publishers, and advertisers. The reasoning behind this decision is that the nuclear option of blocking all third-party cookies, which are instrumental for targeted advertising, may have unintended adverse effects.

Justin Schuh, director of Chrome Engineering put it this way:

“Some browsers have reacted to these concerns by blocking third-party cookies, but we believe this has unintended consequences that can negatively impact both users and the web ecosystem. By undermining the business model of many ad-supported websites, blunt approaches to cookies encourage the use of opaque techniques such as fingerprinting (an invasive workaround to replace cookies), which can actually reduce user privacy and control.”

RELATED READING: Six tips to help you avoid targeted marketing

You won’t have to wait until 2022 to see the steps Google is taking to mitigate tracking in Chrome, which remains the most popular web browser by far. As of next month, Google will limit insecure cross-site tracking. Cookies that don’t include the SameSite label will be treated as first-party cookies, while third-party cookies will have to be accessed using HTTPS connections. According to Schuh, this should make third-party cookies more secure and give users more control. At the same time, Schuh said that, by the end of this year, the company will launch anti-fingerprinting measures aimed at detecting and mitigating “covert tracking and workarounds.”

Google is also asking web users to engage in the debate and to help them in achieving the goal of a “more trustworthy and sustainable web.” They can do that by giving feedback and sharing ideas and proposals on GitHub. Users ranging from publishers, developers to advertisers will have a chance to experiment with the new mechanisms and test if they work in different situations.

The tech giant hasn’t been blind to the shift in the public’s opinion on data privacy and security and has engaged in the ongoing debate for quite some time. The latest move is part of the Privacy Sandbox initiative, which Google introduced last August and which, per the company’s statement at the time, is aimed at “evolving the web with architecture that advances privacy while continuing to support a free and open ecosystem”.

Discussion