Google is facing a flurry of backlash after announcing plans to protect user privacy by continuing to allow cookies in Chrome in a proposal it calls the Privacy Sandbox. This felt like a surprise, since the company suggested in May that it would “update how cookies are handled in Chrome.” Since Apple, Mozilla, and Microsoft are all moving away from tracking users through cookies, it seemed like Google would do the same. But nah. Cookies are good for advertisers, and Google makes a tonne of money selling ads.
In other words, Google wants it both ways. Its recent announcement came cloaked in a lot of feel-good words about how important privacy is and how blocking cookies would boost the practice of browser fingerprinting, a relatively rare method of online tracking that uses metrics like fonts installed or screen size to create unique profiles of each user. Right on the heels of this argument, however, Google points out that blocking cookies would also prevent publishers from serving relevant ads and making money which “jeopardises the future of the vibrant web.” Google fails to admit here that its primary business is selling those ads to publishers. So, in what a pair of Princeton researchers are calling “privacy gaslighting,” Google insists that it believes in user privacy but refuses to take the necessary steps to protect user privacy, since it’s presumably more profitable not to do so.
The whole thing is sort of wild when you step back and think about it. Jonathan Mayer and Arvind Narayanan, the aforementioned Princeton researchers, have been watching Google’s privacy record for the better part of a decade, and they absolutely roasted the company’s new initiative in a blog post that picks apart nearly every part of the Google announcement. Whether you’re a privacy fan or not, this deconstruction of Google’s strategy offers a fascinating glimpse into the current state of the web. Key amongst the revelations therein are well-documented arguments about how cookies don’t actually help publishers make much more money—the researchers say cookies offer about a 4 percent revenue bump—as well as how allowing cookies is hardly a strategy to prevent fingerprinting.
“To appreciate the absurdity of this argument,” the researchers write, “imagine the local police saying, ‘We see that our town has a pickpocketing problem. But if we crack down on pickpocketing, the pickpocketers will just switch to muggings. That would be even worse. Surely you don’t want that, do you?’”
In case you don’t quite catch the metaphor, Google is essentially arguing that by continuing to allow a misdemeanour, it might prevent felonies. Meanwhile, its competitors are straight-up fighting crime. Apple says it has always blocked third-party cookies in Safari, and in 2017, the company launched its Intelligent Tracking Prevention technology, which further limits cookies and other data collection in order to prevent cross-site tracking. Mozilla announced a similar initiative called Enhanced Tracking Protection earlier this year. In its recent announcement, Google appeared to reference these explicitly pro-privacy efforts by warning that they “are having unintended consequences.”
It’s not clear why Google thinks protecting users’ privacy will wreak hypothetical havoc on the web. It does seem obvious that tracking users through cookies helps Google make more money by selling highly targeted ads. Beyond that, the company is trying to build an argument around how sticking to tracking users is the best because its competitors’ newfangled privacy protections haven’t been tested. Cookies, on the other hand, have been around for ages. What Google fails to mention is that, according to the original technical specifications, cookies were never supposed to allow for third-party tracking. It’s companies like Google that have enabled these nasty little critters to thrive.
“The overt paternalism here is disappointing,” Mayer and Narayana say. “Google is taking the position that it knows better than users—if users had all the privacy they want, they wouldn’t get the free content they want more. So no privacy for users.”
Would it be so awful if you could use the web without that ad for some ugly trainers chasing you from website-to-website? Imagine a future when ads weren’t so scarily targeted that people think companies are tapping into their devices’ microphones to listen in on their conversations in order to serve them more relevant ads. Instead of meaningful changes to how its browser could improve privacy, Google is offering the world a Privacy Sandbox that includes a series of explainers on how it could make some change to Chrome without limiting the billions of dollars it makes selling targeted ads. We contacted Google for more information on why it’s doubling down on cookies, despite privacy advocates hating the idea and many people believing after its earlier announcement that the company was cracking down on cookies. A Google spokesperson said that there were “no changes” from its earlier announcement and pointed us to the blog post that explains how Google is doubling down on cookies.
Really, the big piece of encouraging information to glean from all this is that it’s extremely easy to stop using Chrome. Switch to Safari! Go back to Firefox! Give Edge a try! Don’t believe Google when it says it knows what’s best for you. None of these tech companies are your friend, and it’s increasingly looking like Google wants to be your evil enemy.
Featured image: Illustration: Google / Gizmodo