When we talk about Google, regard for personal privacy is generally the last thing on any of our minds. So when Google announced on its company blog yesterday that the latest Chrome update – Chrome 83 – would be jam-packed with new goodies meant to beef up the browser’s privacy and security chops, I was, in a word, sceptical as to how safe and secure they actually were.
In some ways, I was pleasantly surprised – particularly when it came to the updates to the browser’s security chops. An example is the “safety check” that now comes baked into the browser – a feature that let users check if any passwords they’ve stored within the browser have been compromised, or if they’ve downloaded any extensions that might be malicious or malware-y.
Another notable upgrade comes with what Google’s calling “Enhanced Safe Browsing,” a tool that tips users off about the security of the sites they might be visiting, so they can avoid, say, a potential phishing attempt before it hits. With Chrome 83, the company has also taken pains to encrypt some communications between the Chrome browser and the servers hosting a given site—an extra step that could keep bad actors from snooping on the sites that you might be browsing.
I’m not brushing off Chrome’s new, souped-up security measures. It’s good news that the company’s cracking down on scammy sites and browser add-ons that until now, could cripple a person’s personal details if they dare download an extension that’s less than legit. But ultimately, the company’s stance on security isn’t an area that gives many people trouble. Security is something that everyone in the industry has to constantly manage and Google is pretty mindful of threats and does good things for the community. Its privacy practices, on the other hand, have recently prompted unwanted attention from US state Attorneys General and America's Department of Justice (among others). And with this Chrome update, those practices are pretty much unchanged on a technical level.
Granted, Google did make some small tweaks to make the browser’s arcane privacy policies easier to understand, even including “simplified language and visuals,” according to the blog post. They also reshuffled some of their preexisting site-specific settings to make them easier to access. As they put it:
In Site Settings, we’ve reorganised the controls into two distinct sections to make it easier to find the most sensitive website permissions: access to your location, camera or microphone, and notifications. A new section also highlights the most recent permissions activity.
At the top of Chrome settings, you’ll see “You and Google” (previously “People”), where you can find sync controls. These controls put you in charge of what data is shared with Google to store in your Google Account and made available across all your devices.
Because many people regularly delete their browsing history, we’ve moved that control, “Clear browsing data”, to the top of the Privacy & Security section.
Small tweaks aside, there was one major change that’s worth unpacking. With the latest update, Google announced that it would, at long last, be blocking all third-party cookies by default for browsers in incognito mode, with the option to block them during a regular browsing session as well. This comes after months of Google discussing its plans to quash these tracking tags in the name of making a more private – and secure – web, and one that’s free of advertisers snooping on every site you visit.
But just because those third parties aren’t snooping on you doesn’t mean that Google isn’t all up in your data. As pointed out time and time and time again, Google is still collecting dossiers of information on every site you browse and search query you make, and it’s using that intel to furbish its massive adtech empire. This first-party data collected on Google’s behalf, along with Facebook’s and Amazon’s, isn’t going anywhere with this new announcement.
Put another way, with their own tracking tech rendered somewhat useless in this new environment, advertisers aren’t going to stop trying to target the roughly 70% of folks using Chrome for their day-to-day browsing on desktop. Instead, they will be forced into using Google’s vast reams of consumer data to do that dirty work for them and will be strong-armed into forking over billions of dollars that they didn’t have to before. Our digital lives aren’t any more private by blocking these cookies, but they are more monopolised.
This all means that Google is choosing between a couple of bad options at the moment. By axing its support for third-party cookies, it can bolster itself as a stalwart privacy supporter, but one that might be pushed against the wall for its anticompetitive behaviour. If it keeps those trackers in place, it’ll swallow a smaller share of the market, but will be complicit in the web-wide surveillance that’s the bread and butter of some of these third-party adtech orgs. Either way, we still end up being tracked and targeted, and Google still ends up as a trillion-dollar victor, the same way it always has.
Featured image: Google