Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Chrome Google

Google Confirms Its Schedule for Disabling Third-Party Cookies in Chrome - Starting in 2024 (theregister.com) 71

"The abolition of third-party cookies will make it possible to protect privacy-related data such as what sites users visit and what pages they view from advertising companies," notes the Japan-based site Gigazine.

And this month "Google has confirmed that it is on track to start disabling third-party cookies across its Chrome browser in a matter of weeks," writes TechRadar: An internal email published online sees Google software engineer Johann Hofmann share with colleagues the company's plan to switch off third-party cookies for 1% of Chrome users from Q1 2024 — a plan that was shared months ago and that, surprisingly, remains on track, given the considerable pushbacks so far... Hofmann explains that Google is still awaiting a UK Competition and Markets Authority consultation in order to address any final concerns before "Privacy Sandbox" gets the go-ahead.
The Register explores Google's "Privacy Sandbox" idea: Since 2019 — after it became clear that European data protection rules would require rethinking how online ads work — Google has been building a set of ostensibly privacy-preserving ad tech APIs known as the Privacy Sandbox... One element of the sandbox is the Topics API: that allows websites to ask Chrome directly what the user is interested in, based on their browser history, so that targeted ads can be shown. Thus, no need for any tracking cookies set by marketers following you around, though it means Chrome squealing on you unless you tell it not to...

Peter Snyder, VP of privacy engineering at Brave Software, which makes the Brave browser, told The Register in an email that the cookie cutoff and Privacy Sandbox remains problematic as far as Brave is concerned. "Replacing third-party cookies with Privacy Sandbox won't change the fact that Google Chrome has the worst privacy protections of any major browser, and we're very concerned about their upcoming plans," he said. "Google's turtle-paced removal of third-party cookies comes along with a large number of other changes, which when taken together, seriously harm the progress other browsers are making towards a user-first, privacy-protecting Web.

"Recent Google Chrome changes restrict the ability for users to modify, make private, and harden their Web experience (Manifest v3), broadcasting users' interests to websites they visit (Topics), dissolving privacy boundaries on the Web (Related Sites), offloading the battery-draining costs of ad auctions on users (FLEDGE/Protected Audience API), and reducing user control and Web transparency (Signed Exchange/WebBundles)," Snyder explained. "And this is only a small list of examples from a much longer list of harmful changes being shipped in Chrome."

Snyder said Google has characterized the removal of third-party cookies as getting serious about privacy, but he argued the truth is the opposite. "Other browsers have shown that a more private, more user-serving Web is possible," he said. "Google removing third-party cookies should be more accurately understood as the smallest possible change it can make without harming Google's true priority: its own advertising business."

The Register notes that other browser makers such as Apple, Brave, and Mozilla have already begun blocking third-party cookies by default, while Google Chrome and Microsoft Edge "provide that option, just not out of the box."

EFF senior staff technologist Jacob Hoffman-Andrews told The Register that "When Google Chrome finishes the project on some unspecified date in the future, it will be a great day for privacy on the web. According to the announcement, the actual phased rollout is slated to begin in Q3 2024, with no stated deadline to reach 100 percent. Let's hope Google's advertising wing does not excessively delay these critical privacy improvements."

TechRadar points out that after the initial testing period in 2024, Google will begin its phased rollout of the cookie replacement program — starting in June.

Thanks to long-time Slashdot reader AmiMoJo for sharing the news.
This discussion has been archived. No new comments can be posted.

Google Confirms Its Schedule for Disabling Third-Party Cookies in Chrome - Starting in 2024

Comments Filter:
  • Just did this, realized I alrealdy had it. Apparently had a sudden moment of clarity.
    • by caseih ( 160668 ) on Saturday November 25, 2023 @10:57PM (#64031861)

      I install PrivacyBadger and uBlock Origin on all machines I come across, on all browsers.

      • On top of that, I now always open youtube videos in an incognito window and don't "like" anything anymore. Sorry content producers, please complain to Google about their forced ad-showing policies.
        • by MrL0G1C ( 867445 )

          I use a TamperMonkey/violentmonkey script called "remove Adblock Thing" by JoelMatic on Github. It's been working better than the previous adblocker. The nice side effect of using scripts rather than extensions is that all of the scripts come back after having to restore from backup unlike extensions which all get nuked by chrome and chromium forks. Firefox is far better for backing up.

  • I thought everyone's been doing this for years.

  • There are several others out there including ones not based on chrome.

    I switched from chrome years ago. Don't miss it a bit.

    Your browser should support ad block and other useful extensions, not give away more info than it -has- to, run sufficiently fast without chewing up all your ram and crashing and support the ancient basic functions of bookmarks history etc.

    Everything after that is unlikely to be for the end user's benefit.

    It would be hard to find a browser that doesn't have all those basics today.

    • As far ad i understand is that the main problem is chromium, not chrome, which is nowdays engine of many major browsers (like, not also chrome, but also bave and safari, and even edge). The only major player that has a different engine is Firefox with gecko that is our real omly hope. Google has made its way into engine of all the browsers and now making changes to all the web as it pleases
      • Safari. Native on Mac and Windows. Run it in a vm on Linux, too.

        It isn't sexy but it works and doesn't report back to Google.

        • Safari is like the internet explorer of post 2020. It is one terrible browser that doesn't follow the w3c standards, has most bugs and security issues of all modern browsers. And id anyone runs safari in a vm on linux, that person is a straight autist
          • You don't see all the Google privacy invading crap in chrome as bugs? Those are features?

            I've used it on n off for years. Never had a problem displaying anything. Which standard does it not follow anyone cares about?

  • by paulidale ( 6575732 ) on Saturday November 25, 2023 @11:15PM (#64031881)
    Call me a cynic, but disabling 3rd party cookies is going to help Google maintain their monopoly status. Likewise QUIC prevents anyone but the endpoints (i.e. Google) from tracking you. Google is going to win here at the expense of their competition.
    • So, they are pulling an Apple? Disable everything so they can be the gatekeepers of their users info and monetize the hell out of it.
    • by AmiMoJo ( 196126 )

      Google is working towards making it so that the endpoints can't track you either. A recent proposal to use a pair of proxies, configured so that neither of them can gain enough information to track you, would block one of the last ways left to follow users - IP addresses.

      As for the monopoly stuff, there is the Topics API that replaces the need for 3rd party cookies. That is their anti-trust defence.

      I know it's fashionable to hate Google, but if they can get all this widely adopted then it will massively imp

      • The fact you trust them is amazing. They want *all* your data and their actions all lead to that. Pretending the topics api is privacy oriented is the bullshit they want you to believe.
        • by AmiMoJo ( 196126 )

          So how does the privacy API help Google gather data? Specifically, what is the means of exfiltrating the data in a way that can't be detected?

    • Came to post this - G has numerous other ways to track you. They don't need cookies. Other players in the market might need them, but not the Goog.

      The GDPR law(s) in the EU are a classic example of tech regulation being 20 years out of date by the time it comes into force. Meanwhile the US isn't even trying.

  • "Begun"? (Score:5, Informative)

    by 93 Escort Wagon ( 326346 ) on Saturday November 25, 2023 @11:51PM (#64031919)

    "The Register notes that other browser makers such as Apple, Brave, and Mozilla have already begun blocking third-party cookies by default, ..."

    "Have already begun" doesn't really do the other guys justice.

    Apple's Safari has been blocking all third-party cookies since March 2020 - and was blocking tracking cookies long before that.

    And while Mozilla's Firefox hasn't been blocking all third-party cookies by default, its advanced cookie management has made it just about trivially easy to do since... well, for as long as Firefox has existed. And they have been blocking tracking cookies by default for years. Firefox even lets you manage cookies on a domain-by-domain basis - so you can choose to prevent doubleclick.net from ever even creating a cookie, or let google.com only create ephemeral cookies that go away the moment your browser closes.

    • by AmiMoJo ( 196126 )

      One thing I'd like to see in Firefox is ignoring cookie lifetimes like Chrome does. Even if the cookie says it is valid for a year, Chrome will delete it if you don't re-visit the site for some period of time... I think it's a month, I could be wrong.

      On the other hand, I like Firefox's containers, Chrome could benefit from those.

      • by evanh ( 627108 )

        Firefox makes it trivial to enable global auto-delete of all cookies upon exit. That's a very short expiry date. Potentially just seconds.

        • by AmiMoJo ( 196126 )

          I use CookieAutoDelete. That way I can keep cookies for e.g. Slashdot and stay logged in, but everything else is cleared out 60 seconds after I leave a website. It clears all the cache and other storage too.

    • In related news, Foxes, Inc. announced today that it is introducing new security features for henhouses.

      "This is a great step forward, and will prevent chickenhawks and weasels from breaking in. By sending population data for each henhouse through our central servers, we [mumble] that away from these pests." :)

      hawk

    • No, Safari are not blocking all third party cookies. Much of the internet doesn't work if you do that. Firefox keep having to ask for permission to allow the third-party cookies anyway, otherwise I couldn't use any Microsoft , Apple, or Google websites.

  • Seems pointless since they want to place third party cookies with something else equally as bad.

    • It used to be FLoC (Federated Learning of Cohorts) , but that got shuttered due to the outcry, and now google Topics is supposed to fill that gap.

  • Haven't seen any mention of DuckDuckGo in this discussion.
    Does anybody know how it compares to other browsers in security features?

    • I use it on Android. Blocks ads okay but not as effectively as uBlock Origin. The cookie defaults still suck and it still sucks off any Javascript penis it's handed.
  • They should be killed for the same reason.

    • I completely agree. No browser should be made to do that to itself.
    • by Dwedit ( 232252 )

      You can use uMatrix today and have JavaScript disabled on all third party sites by default. And the web becomes cumbersome to use until you find out exactly which third-party javascript and fetches you need to enable for each host before the video on the news article actually loads.

  • Browser defaults suck. They are setup for advertisers, not for users. Most still allow cookies and third party cookies by default. The big ones all have Javascript on by default. You don't get to run code on my box, sport, no matter how socially acceptable it is, it's still a completely stupid idea, folks. Most of the "plugins" to block these activities do not work (NoScript being a notable exception). Why in the world would I want some advertising-scum to be able to check for their same cookie on 100 diff
    • Browser defaults suck...The big ones all have Javascript on by default. You don't get to run code on my box, sport, no matter how socially acceptable it is, it's still a completely stupid idea, folks....Just turn it off, NOW.

      The thing is...sadly, it's not quite that simple.

      Try logging into GoDaddy's website with Canvas Fingerprinting disabled...you can't.

      Try signing up for an Outlook.com e-mail address with any form of disabled fingerprinting...you can't. Gmail is no better...and while I haven't done it in a while, I'm fairly certain they want a cell number to sign up now, too.

      These are just a handful of known examples off the top of my head...and while they all suck, I know...the fact of the matter is that there are lots of pe

      • I respect what you're saying, but I don't think it's that complicated. It's the same thing a lot of people say about food. They have no realistic ability to eat better. "I have to eat fast food. That's the only thing available in my neighborhood." The narrative goes that it's just overwhelmingly convenient and any loss of that convenience is going to be unacceptable. Well, to some extent that is true. People who's value-system places high value on convenience are going to find inconvenient choices to be unt
  • Google is an advertising company. The advertisers don't ply them with money out of goodwill. The advertisers are the customers. Users the product. Oh, and along with Manifest v3 you lose ability to block ads. Enjoy the ads Chrome folks.
  • Will Google's own third-party cookies be exempt?

  • Never liked the interface, was/is a memory hog and collects your personal data ! 3 Strikes !!

We are Microsoft. Unix is irrelevant. Openness is futile. Prepare to be assimilated.

Working...