Google, Facebook, and their pals make big money because companies believe that carefully-targeted advertising is more effective than plain ol’ marketing blitzes. While there is some debate about that, it hasn’t stopped Google from harvesting and reselling enormous amounts of information about people. About you. One of their primary tools has been the third-party cookie. When you go to myfavoritesite.com, you are the first party. myfavoritesite.com is the second party. But they can also send cookies your way on behalf of Google et. al., and allow those behemoths to track your every move.
Nowadays, those third-party cookies are falling into deep disfavor. The abuses they enable are vast, including institutional discrimination, predatory marketing, and deep invasions of privacy.
The handwriting is on the wall; third-party cookies are on the way out, and Google is stepping nimbly to repackage its evil. Never forget, fundamental to their business is their ability to package and sell you.
Their latest initiative is the “privacy sandbox”, which means that some information about you is never sent to the mother ship. Instead, an algorithm in the Chrome browser will wrap up your browsing history for the week and assign you to a group. Google won’t be selling you, they will be selling a group. That makes it private.
Now mind you, that group won’t be useful to advertisers unless they know some of the qualities of the group. And don’t forget, if the site you visit knows you’re one of a few thousand people, it’s much easier for them to pin exactly who you are than if you were one of many millions.
And now you’re in a “cohort”, defined by google. You cohort might shift a bit, week to week, which is especially interesting to the sites who can tell exactly who you are.
Brief aside on “knowing exactly who you are”: two browsers have built-in systems for thwarting those efforts. Tor is one, the official browser of the Dark Web, and Safari is the other. Firefox has some great add-ons that accomplish the same thing. But none of those browsers can keep you anonymous in a pool of only a few thousand.
Less brief Twitter anecdote: Twitter offered users the choice to opt out of a particularly invasive form of tracking. But after a while they discovered that there was a bug in their software and that in fact they had been sharing that stuff with advertisers anyway. Oops! They fixed the bug and revenue plummeted. Turns out that information was what they were being paid for. Their solution: Change the Terms of Service! Users can no longer opt out of sharing that information. It was pitched as being required to keep Twitter a free service. Twitter is not free, and is not a service.
Anyway, back to Google. They say that they will watch the cohorts, to make sure that people who are in “sensitive interest categories” aren’t bunched together in a too-exploitative manner.
First, that means that there will not be a privacy sandbox on your computer, because the mother ship will need to monitor the cohorts. Second, there is a corporation deciding what the sensitive interest categories are, and how to protect them, and each iteration of their algorithm may expose another “sensitive” group. Third, I may or may not be part of any of the sensitive groups as defined by Google, but that doesn’t make my privacy less a right. Finally, It just won’t work, because if someone can figure out that other people in my cohort have visited places I consider part of my private life, they will be able to assume the same about me. That includes medical sites, mental health advisors, and lawyers.
This is all just bad. Google is offering different surveillance as an answer to what we have now. The stuff I describe above is in beta testing in the Chrome browser right now. While I don’t know the scope of this beta test, if history is a guide with Google “beta” means “it’s out there.”
Long ago, Apple and Google worked together on a thing called WebKit, the software that underpinned both browsers. I watched as schism formed between the two companies, as Apple engineers found security and privacy exploits in many of the new features Google wanted to implement. It was esoteric at the time, very abstract discussions about how some drawing tools could be used to read the screen underneath, which could include private information. Eventually the partnership split, and now Google has way more features than Safari, and Safari offers way more protection for you. Some sites don’t work so well with Safari, but that’s the cost of privacy.
Use whatever browser you like, but remember one thing: Chrome is the core tool (along with Android) created by a company that makes money by watching everything you do.
For a more detailed discussion of the new Google shenanigans, please visit the Electronic Frontier Foundation.
My biggest concern about private data aggregation is not how good it generally is, but how bad is sometimes is. I’m going to be placed in a cohort that, say, likes a certain sports team and is susceptible to radicalization by ISIS. When you look at how low the bar is for e.g. extraordinary rendition, or considering correspondence “foreign” for the purposes of putting it in the NSA’s realm, this will end in some wildly bad guesses about behavior to which LE will over-react (as usual)
This is all pointless, as well, as advertisers have already perfected fingerprinting to the point where you can refuse all cookies and still be ID’d.