Google Wants to Track Your Digital Fingerprints Again (mashable.com) 22
Google is reintroducing "digital fingerprinting" in five weeks, reports Mashable, describing it as "a data collection process that ingests all of your online signals (from IP address to complex browser information) and pinpoints unique users or devices." Or, to put it another way, Google "is tracking your online behavior in the name of advertising."
The UK's Information Commissioner's Office called Google's decision "irresponsible": it is likely to reduce people's choice and control over how their information is collected. The change to Google's policy means that fingerprinting could now replace the functions of third-party cookies... Google itself has previously said that fingerprinting does not meet users' expectations for privacy, as users cannot easily consent to it as they would cookies. This in turn means they cannot control how their information is collected. To quote Google's own position on fingerprinting from 2019: "We think this subverts user choice and is wrong...." When the new policy comes into force on 16 February 2025, organisations using Google's advertising technology will be able to deploy fingerprinting without being in breach of Google's own policies. Given Google's position and scale in the online advertising ecosystem, this is significant.
Their post ends with a warning that those hoping to use fingerprinting for advertising "will need to demonstrate how they are complying with the requirements of data protection law. These include providing users with transparency, securing freely-given consent, ensuring fair processing and upholding information rights such as the right to erasure."
But security and privacy researcher Lukasz Olejnik asks if Google's move is the biggest privacy erosion in 10 years.... Could this mark the end of nearly a decade of progress in internet and web privacy? It would be unfortunate if the newly developing AI economy started from a decrease of privacy and data protection standards. Some analysts or observers might then be inclined to wonder whether this approach to privacy online might signal similar attitudes in other future Google products, like AI... The shift is rather drastic. Where clear restrictions once existed, the new policy removes the prohibition (so allows such uses) and now only requires disclosure... [I]f the ICO's claims about Google sharing IP addresses within the adtech ecosystem are accurate, this represents a significant policy shift with critical implications for privacy, trust, and the integrity of previously proposed Privacy Sandbox initiatives.
Their post includes a disturbing thought. "Reversing the stance on fingerprinting could open the door to further data collection, including to crafting dynamic, generative AI-powered ads tailored with huge precision. Indeed, such applications would require new data..."
Thanks to long-time Slashdot reader sinij for sharing the news.
The UK's Information Commissioner's Office called Google's decision "irresponsible": it is likely to reduce people's choice and control over how their information is collected. The change to Google's policy means that fingerprinting could now replace the functions of third-party cookies... Google itself has previously said that fingerprinting does not meet users' expectations for privacy, as users cannot easily consent to it as they would cookies. This in turn means they cannot control how their information is collected. To quote Google's own position on fingerprinting from 2019: "We think this subverts user choice and is wrong...." When the new policy comes into force on 16 February 2025, organisations using Google's advertising technology will be able to deploy fingerprinting without being in breach of Google's own policies. Given Google's position and scale in the online advertising ecosystem, this is significant.
Their post ends with a warning that those hoping to use fingerprinting for advertising "will need to demonstrate how they are complying with the requirements of data protection law. These include providing users with transparency, securing freely-given consent, ensuring fair processing and upholding information rights such as the right to erasure."
But security and privacy researcher Lukasz Olejnik asks if Google's move is the biggest privacy erosion in 10 years.... Could this mark the end of nearly a decade of progress in internet and web privacy? It would be unfortunate if the newly developing AI economy started from a decrease of privacy and data protection standards. Some analysts or observers might then be inclined to wonder whether this approach to privacy online might signal similar attitudes in other future Google products, like AI... The shift is rather drastic. Where clear restrictions once existed, the new policy removes the prohibition (so allows such uses) and now only requires disclosure... [I]f the ICO's claims about Google sharing IP addresses within the adtech ecosystem are accurate, this represents a significant policy shift with critical implications for privacy, trust, and the integrity of previously proposed Privacy Sandbox initiatives.
Their post includes a disturbing thought. "Reversing the stance on fingerprinting could open the door to further data collection, including to crafting dynamic, generative AI-powered ads tailored with huge precision. Indeed, such applications would require new data..."
Thanks to long-time Slashdot reader sinij for sharing the news.
And this is why... (Score:1)
Re: (Score:2)
I have a pihole that I route all requests through, use firefox with ublock origin. Is there anything else I can do to prevent these parasites from tracking me?
Re: (Score:3, Informative)
In the 66 page suit and in later news articles, Oracles methods are revealed. They use tracking pixels, which are impossible to avoid
These data harvesting practices are largely invisible to most internet users. Tracking pixels are intentionally unobtrusive. They are embedded in digital platforms as almost invisible transparent 1x1 pixel png file thereby inextricably subjecting users to having their online activities monitored.
Some of the tracking tools, such as pixel trackers, are unavoidable because unlike cookies, they cannot be disabled. Oracle’s cookies and tracking pixels are pervasive throughout the Internet. Oracle has agreements with numerous high-traffic websites like the New York Times, ESPN, and Amazon to place cookies and/or pixels on their websites. By blanketing popular websites with these tracking tools, Oracle reaches a substantial percentage of Internet users—Oracle cookies are found on over 20 percent of the top 10,000 websites and more than 48 thousand websites. https://www.linkedin.com/pulse... [linkedin.com]
Its only going to get worse. Google is apparently playing catch up. "Ellison Declares Oracle 'All In' On AI Mass Surveillance" https://developers.slashdot.or... [slashdot.org]
Ellison made the comments near the end of an hour-long chat at the Oracle financial analyst meeting last week during a question and answer session in which he painted Oracle as the AI infrastructure player to beat in light of its recent deals with AWS and Microsoft. Many companies, Ellison touted, build AI models at Oracle because of its "unique networking architecture," which dates back to the database era. "Citizens will be on their best behavior because we're constantly recording and reporting," Ellison added, though it's not clear what he sees as the source of those recordings - police body cams or publicly placed security cameras. "There are so many opportunities to exploit AI," he said.
You might get some idea of how easily you are tracked by seeing how unique your
Re: (Score:1)
From that site:
"we will collect your browser fingerprint and we will put a cookie on your browser for a period of 4 months."
Thanks. No thanks.
Re: (Score:2)
They use tracking pixels, which are impossible to avoid
Delete cache early and often.
Re: (Score:2)
Hosting the cache on a tmpfs mount works quite well with firefox.
Sadly, Ubuntu's decision to force flatpak use for firefox makes this much more difficult to do on platform's based on the distro, but not impossible.
They seem to go out of their way to force the flatpak version's priority as well, sometimes even reverting the priority you set when you install the package manager PPA version direct from Mozilla.
It is at least, still possible to do. Just set it to something reasonable, and let the cache get nuk
Re: (Score:3)
A bit of a random list, feel free to explain why each option actually makes things worse, which is probably true in some cases with some trackers.
* Be aware that the more you do the more risk that you stand out each of the things below can probably be used as an identifying bit in a fingerprint
* Route all your traffic through a VPN or system like Tor so that it is grouped with other people's traffic, but be aware that even nastier people spy on those
* Run against a browser fingerprinting site to understand
Re: And this is why... (Score:2)
Time to assemble a whitelist - Internet Archive, Wikipedia, my bank, Slashdot and a couple of other forums and blogs I visit.
The ICO requires cookies FFS! (Score:3, Insightful)
https://ico.org.uk
Craft ads with precision? (Score:4, Interesting)
I keep hearing about this "precision". Google has been talking about targeting relevant ads to people for 2 decades now. Yet still all I get over and over again are ads for products I already have, or ads for products I'm not actually interested in.
Buy a new camera from Nikon, get an advert for a Sony camera. What are they going for? Hoping I have buyers remorse and return the product?
Google's targeted ads are my favourite kind of ads. They are useless and don't influence my purchase because they come too late.
Re: (Score:2)
I keep hearing about this "precision". Google has been talking about targeting relevant ads to people for 2 decades now. Yet still all I get over and over again are ads for products I already have, or ads for products I'm not actually interested in.
Buy a new camera from Nikon, get an advert for a Sony camera. What are they going for? Hoping I have buyers remorse and return the product?
Google's targeted ads are my favourite kind of ads. They are useless and don't influence my purchase because they come too late.
Advertising is a scam at both ends.
The scam you're seeing is the scam on advertisers. For any given ad, there are a few possibilities. A} I am not interested in the product. B} I am interested in the product but can't afford it. C} I am interested in the product but won't dedicate my disposable income to it. D} I am interested in the product, can afford it, am willing to dedicate my disposable income to it, and for some strange reason haven't yet.
Whoever is charging the manufacturer in return for t
It's The Onus (Score:2)
If Google tracks you using a cookie, the onus is on them to handle that data.
If Google tracks you by asking your browser what your identity is, it puts the onus on you to answer that how you see fit.
The term "Cookie" is written into thousands of laws and other compliance documents already and is regulated. Browser and system fingerprinting is not covered the same way in legal documents and is not heavily regulated, unless you sell the fingerprint data to someone else. In Googles model, there is no need
Re: (Score:2)
Re: (Score:3)
The bulk of fingerprinting comes from browser data, and especially from the HTML Canvas element, but if you're using an App or signing in then they obviously already have you tracked with a unique ID. The problem that trackers like Google face is that with NAT a LOT of eyeballs can be behind a single IP, and even if you have a static IP for your property, they still want to get down to the level of ind
Re: (Score:2)
>"Paging Brave (that already does some of this), Mozilla, Opera, et al..."
I think you mean "Paging Mozilla", essentially. Since all the others are already Chrom* and it is quite possible they won't be able to effectively combat all of it while keeping their innards compatible/secure/upgradable.
Mozilla will have none of those issues with Firefox. One of many, many reasons we shouldn't have everyone using what is essentially the same monoculture browser, especially one under control of an advertising gia
Google gets the middle finger... (Score:2)
Re: (Score:2)
>"Up theirs !"
And that starts by using and promoting Firefox. Doesn't end there, however, but it is a decent start.
I'll fool them (Score:2)
(puts on rubber gloves before touching the keyboard)
Alternative browsers (Score:2)
somebody needs to start selling android phones without an umbilical cord to google & google playstore, F-Droid would be plenty good for me
Nowhere to escape (Score:2)