Federated Learning of Cohorts (FLoC), the system that Google Chrome is currently testing to track users instead of cookies, has just been questioned again by Mozilla after a privacy analysis. FLoC seeks to target ads based on user interests without revealing their browsing history to advertisers.
On today's web, trackers (and therefore advertisers) associate a cookie with each user. Every time a user visits a website that has an embedded tracker, the tracker obtains the cookie and can thus compile a list of the sites that the user visits.
Advertisers can use the information obtained from the tracking of browsing history to target ads that may be relevant to the interests of a certain user. The problem here is that it means that advertisers know about every site we visit.
FLoC replaces this cookie with a new "cohort" identifier which does not represent a single user, but a group of users with similar interests. Advertisers can list the sites that all users in a cohort visit, but not the history of any individual user. If the interests of the users in a cohort are really similar, this cohort identifier can be used to target advertising.
The different security issues raised by FLoC
After this introduction, Eric Rescorla, Chief Technology Officer (CTO) of Firefox at Mozilla, explains how the team carried out the analysis, which shows several privacy problems. For one thing, cohort IDs can be used for tracking. Although any cohort is going to be relatively large (the exact size is still under discussion, but these groups will likely be made up of thousands of users), that does not mean that they cannot be used for tracking.
Given that only a few thousand people will share a given cohort ID, trackers that have a significant amount of additional information can narrow down the user pool very quickly. There are several possible ways for this to occur.
On the one hand, there is browser fingerprinting. For example, some people use Chrome and others Firefox; some people use Windows and others Mac; some people speak English and others French. Each of these user-specific variations can be used to distinguish between users. When combined with a FLoC cohort that only has a few thousand users, a relatively small amount of information is required to identify an individual person or at least reduce the FLoC cohort to a few people.
On the other hand, according to Mozilla's conclusions, people's interests are not constant and neither are their IDs in FLoC. Currently, these IDs seem to be recalculated every week or so. This means that if a tracker is able to use other information to link a user's visits over time, it can combine the FLoC IDs from different weeks to distinguish individual users.
This technique works even against anti-tracking mechanisms such as Total Cookie Protection (TCP) in Firefox. FLoC restores cross-site tracking even if users have TCP enabled.
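The narrowing described in the previous paragraphs can be measured on a simulated population. The following Python sketch is an added illustration, not code from Mozilla's analysis or from Chrome: the population size, cohort count, attribute shares, the time zone attribute and the independence of the two weekly cohort IDs are all assumptions.

```python
import random

# Constructed data: population size, cohort count and attribute shares are
# assumptions for illustration, not figures from Mozilla or Chrome.
USERS = 100_000
COHORTS = 50  # about 2,000 users per cohort, i.e. "a few thousand"
ATTRS = {
    "os": (["Windows", "Mac", "Linux", "Android"], [60, 20, 5, 15]),
    "language": (["en", "fr", "es", "de"], [55, 15, 20, 10]),
    # Time zone is an assumed extra fingerprint trait, not named in the article.
    "timezone": (["UTC-5", "UTC+0", "UTC+1", "UTC+2"], [30, 20, 35, 15]),
}


def build_population(seed=1):
    """Return one dict per simulated user: fingerprint traits plus two weekly cohort IDs."""
    rng = random.Random(seed)
    people = []
    for _ in range(USERS):
        user = {k: rng.choices(vals, weights)[0] for k, (vals, weights) in ATTRS.items()}
        # Assumption: the week-2 cohort is independent of week 1 (real cohorts
        # are correlated, so real narrowing per week would be slower).
        user["cohort_week1"] = rng.randrange(COHORTS)
        user["cohort_week2"] = rng.randrange(COHORTS)
        people.append(user)
    return people


def narrowing(people, target, signals):
    """Anonymity-set size for `target` after each signal is added in turn."""
    candidates, sizes = people, []
    for signal in signals:
        candidates = [p for p in candidates if p[signal] == target[signal]]
        sizes.append((signal, len(candidates)))
    return sizes


SIGNALS = ["cohort_week1", "os", "language", "timezone", "cohort_week2"]

if __name__ == "__main__":
    population = build_population()
    for signal, size in narrowing(population, population[0], SIGNALS):
        print(f"+ {signal:<13} -> {size:>6} users indistinguishable from the target")
```

Each printed line is the number of simulated users who still match the target after one more signal is added, which is the anonymity set that a privacy review of a cohort design would want to keep large.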
FLoC leaks more information than a user may want to reveal
With cookie-based tracking, the amount of information a tracker obtains is determined by the number of sites it is embedded on. What's more, a site that wants to know the interests of the user must either take part itself in tracking the user across a large number of sites, work with a reasonably large tracker, or work with other trackers, as Eric Rescorla explains.
FLoC undermines these more restrictive cookie policies: because FLoC IDs are the same across all sites, they become a shared key with which trackers can associate data from external sources.
FLoC faces several trust challenges
Firefox is not the only one to have analyzed the privacy of this new Google tracking system. In early 2020 Google announced its plan to end third-party cookies in Chrome and to replace this common way of tracking user activity on the Internet.
Chetna Bindra, Product Manager for User Trust, Privacy and Transparency at Google, spoke with Genbeta about an API the company was working on as part of the Privacy Sandbox experiments: Federated Learning of Cohorts (FLoC).
Opposing voices, such as the Electronic Frontier Foundation, say that the idea of privacy that Google sold does not fit reality. The point is that if you want to disable that tracking, you can do it. The European authorities have also shown their concern.
WordPress is also considering blocking Google's FLoC tracking software as a security threat. WordPress thus joins a list of companies that reject the Alphabet giant's new way of tracking. Two browser firms have also raised their voices about it: according to Brave and DuckDuckGo, this tool does not even meet its objective of safeguarding privacy.