Google’s FLoC has a number of ‘important’ privacy concerns, says Firefox
Google’s new proposal for targeted ad tracking has a number of properties that could pose “significant” risks to user privacy, according to Firefox maker Mozilla.
Firefox released the results of analysis Google’s Cohort Federated Learning Proposal, or FLoC. Google believes the new “privacy protection” system could be used to replace third-party cookies for ad tracking purposes. Rescorla, however, says there are major privacy issues with the system.
FLoC operates using a new “cohort” identifier. Compared to cookies, “cohorts” identify a group of users with similar interests rather than just one person. Advertisers can then use these cohorts for ad tracking purposes without needing a specific user’s browsing history.
However, the cohorts will likely only be made up of thousands of users. This could allow trackers to target specific users very quickly, wrote Firefox CTO Eric Rescorla.
For example, tracking companies could use browser fingerprints to narrow the list of potential users from a cohort to a few. Firefox says the trackers would only need “a relatively small amount of information” when combined with a FLoC cohort.
Additionally, trackers could use FLoC ID combinations within a given time frame to distinguish individual users. This is because neither FLoC IDs nor user interests are constant.
FLoC identifiers also disclose more information than cookies. Unlike site-specific cookies, FLoC IDs are the same on all websites. As a result, “they become a shared key to which trackers can associate data from external sources.”
For example, it is possible for a tracker with a significant amount of first party data of interest to operate a service that simply answers questions about the interests of a given FLoC ID. For example, “Do people with this Cohort ID like cars?”. All a site has to do is call the FLoC APIs to get the cohort ID and then use it to find information in the service. Additionally, the ID can be combined with the fingerprint data to ask “Do people who live in France have Macs, use Firefox and have this ID like cars?” The end result here is that any site will be able to learn a lot about you with much less effort than it needs today.
Google has proposed several countermeasures to alleviate these privacy concerns, including making FLoC opt for websites and removing cohorts it says are too tied to “sensitive” topics. However, Firefox believes that they are not enough.
“While these mitigation measures seem useful, they mostly appear to be marginal improvements and do not address the basic issues described above, which we believe require further study by the community,” said writes Rescorla.
He added that the issues would only be a problem if FLoC was pushed back in its current form – they could still be fixed. Mozilla has released more information and offered potential solutions, in a more in-depth analysis.
Since the FLoC proposal was announced, a number of browser companies, including Brave, Vivaldi and Opera, have spoken out against the idea.
Follow all of WWDC 2021 with Appleinsider Coverage of the weeklong event from June 7 to 11, including details on iOS 15, iPadOS 15, watchOS 8, macOS Monterey and more.
Stay up to date with all Apple news straight from your HomePod. Say “Hey, Siri, play AppleInsider” and you’ll get the latest AppleInsider podcast. Or ask your HomePod mini “AppleInsider Daily” instead and you’ll hear a quick update straight from our press team. And, if you’re interested in Apple-centric home automation, say, “Hey, Siri, play HomeKit Insider,” and you’ll be listening to our latest specialty podcast in just a few moments.