In this guide we will discuss what Google FloC is and how it could potentially improve (or affect) your privacy.
What is Google FloC
FLoC is a new model from Google which gives interest-based advertising a more privacy-preserving experience for consumers. Currently, planning to roll out in 2023, it will deprecate the use of third-party cookies, which have become a privacy-invasive way of user tracking for many years.
Below you will learn about:
FloC is based on federated learning and has a distinct way of serving advertisements using information from both publishers and advertisers.
In contrast to third-party cookies, FloC preserves consumers’ privacy mainly by hiding individuals within a crowd. If you are a publisher or an advertiser, there are many ways you can better prepare for this change.
Despite the private space it promises to offer, there are severe backslashes against this technology which you should make aware of and take precautions where necessary.
Related guide: How to block Google Analytics from tracking you
Related guide: Privacy friendly Google alternatives – Search, Mail & Maps
For long years, consumers have raised concerns about third-party cookies on websites as their data is overly exposed, leading to privacy violations.
Third-party cookies allow ad publishing and advertising companies to collect information about consumer browsing habits.
This information is used to create interest-based advertisements to attract consumers to their products and services.
However, the problem is that not only can the cookies track the sites you visited, but they also can expose sensitive data like personally identifiable information (PII) and credit card information.
Would blocking third-party cookies solve the problem? The technology giant Google has been trying to find answers to these nagging problems associated with third-party cookies.
As a result, in August 2019, Google announced its new initiative of building a more private web: The Privacy Sandbox, a set of open standards to enhance privacy.
Google has identified that merely blocking third-party cookies does not improve consumer privacy.
Instead, it encourages other privacy-invasive tracking techniques like fingerprinting on which users do not have control.
Not only that but also blocking cookies will cut down publisher funding that primarily comes through advertising.
Thus, Googles’ Privacy Sandbox initiative targeted creating a web ecosystem that respects users’ privacy in several aspects. To achieve this ultimate goal, they suggest a set of proposals around three significant tracks.
FLoC is part of Googles’ Privacy Sandbox initiative, which will make current third-party cookies obsolete.
In other words, it is a new way of tracking consumers with similar browsing habits for interest-based advertising. Through FloC, advertising will be more relevant to people, but at the same time, it will keep individual user information hidden from the advertisers.
Moreover, that information will be stored only on consumers’ devices to ensure their privacy in every manner.
The FLoC or Federated Learning of Cohorts clusters individuals with similar browsing patterns into large groups or cohorts and assigns unique cohort IDs.
Unlike in third-party cookies that reveal information about each individual, in the FLoC model, the only information revealed to third parties is this cohort ID.
Hence, FloC essentially hides the individuals in the cluster, preserving their privacy. In addition to that, it only keeps users’ browsing history on their devices locally.
FLoC uses the machine learning approach of federated learning to develop the cohorts. This algorithm depends on the URLs of the navigated websites, those website content, and many more that store on the users’ web browser.
As you browse through the web, the browser updates your cohort. A cohort contains thousands of users, and the algorithm updates the cohorts weekly. Then websites can retrieve the ID of the cohort using an API and decide what advertisements they should show to the cohort.
For example, let’s take five users A, B, C, D, and E. The following shows two different Cohort assignments of these users based on their interests and the pages they visited. For interest-based advertisements, the second cohort assignment (3 and 4) is the most likely to be produced.
Related guide: How to Block Ads On All Your Devices With pfSense, Squid & SquidGuard
Related guide: How to Set Up IP Filtering and DNS Blackholing on pfSense Using pfBlockerNG
So, how exactly does FLoC ensure your privacy?
As this is ultimately a new technology from Google, it is still in its development phase and has not fully come into effect at the time of this writing.
In March 2021, Google announced that they have started to roll out this new technology as a trial in Google Chrome to improve their model by incorporating feedback from the web community.
Recently, Google announced that they are delaying the rollout of FLoC until 2023 because of the criticism and the feedback they received from their tech partners.
Therefore, everyone, from consumers to marketers to publishers, keeps an eye on this new technology and has started to assess its direct impact.
According to Google’s initial trials, they have identified that FLoC performs nearly as well as third-party cookies. Any company that currently makes use of third-party cookies should be well-prepared before fully embracing this change.
Google continuously updates its progress in its Chromium and Chrome blogs, especially its rollout plan and testing strategy.
The results of those trials give you a clear picture of where the model currently stands and how much time you have before it gets fully implemented.
While Google is preparing for this change, other browsers will take a different user privacy approach. Therefore, keeping up-to-date as it moves and educating your clients about its potential impacts can help better prepare for this change.
Do not rely on external parties to build relationships with your customers. Instead, maintain relationships directly with the customers with a first-party data strategy.
This direct relationship essentially helps you protect the trust between you and consumers. In addition, with the help of tactics like loyalty programs and offers, you can get closer and understand your consumers better.
First-party data or the data you directly get from customers are a valuable source of information as you prepare for third-party data changes. You need to make sure they are well-cleaned and connected when moving away with third-party data.
Conversion measurements measure whether the user clicks on an ad that leads to purchasing that particular product or not.
Adding Google global site tags to pages of your website can provide better results for conversion measurements. It will help you manage future changes and allow you to easily integrate new functionality when they become available.
Publishers and advertisers heavily rely on third-party cookies for interest-based advertising. There are many criticisms and doubts around this initiative whether it will be able to achieve its goal without impacting their businesses.
In its recent article, Verge pinpoints that Google FLoC is not as private as Google claims it to be. Instead, it is likely to provide data for fingerprinting, which Google needs to fight.
They also highlight that FLoC is a straightforward method that the sites can get to know enough information about individuals, and it is no worse than third-party cookies.
The Electronic Frontier Foundation (EFF) has launched Am I FLoced, which will let you find out if you have become a test of this latest tracking model or not.
Also, in its article in March, they criticize FLoC saying it is a terrible idea. They highlight that the number of cohorts can be very high, and a more significant number of cohorts can reveal more about users’ interests, making fingerprinting significantly easier.
Cohorts contain a certain amount of entropy which is enough to deduce a unique fingerprint from them.
The second concern the EFF highlights are that there can still be ways to identify individual users in a cohort.
For example, providing a ‘log in with Google’ facility can combine with the information they get from the cohorts. Because of this ability, trackers may reverse engineer the FLoC algorithm and deduce the sites they visited.
Furthermore, the cohort you are in periodically updates, which makes sites track your browsing changes easily.
The cloud giant Amazon is blocking Google FLoC because of two reasons.
The first is to protect their intellectual property that consists of people’s buying habits that they do not want to reveal to other parties.
Secondly, Amazon aims to use its own unique ID for tracking and measuring product advertising through its services.
In addition, DuckDuckGo and GitHub have already blocked Google FloC.
DuckDuckGO has developed a chrome extensionthat blocks Google FloC.
Moreover, WordPress also has expressed its concerns over the security of this model.
FLoC is the newest user tracking and advertising model introduced as part of Google’s Privacy Sandbox initiative.
Its central feature is its – claimed – ability to ensure user privacy, continuing to provide interest-based advertising. This guide explained in detail what FLoC is, including details on how it works and how it claims to improve consumers’ privacy.
In addition, as FLoCs’ ultimate goal is replacing third-party cookies, this article discussed current concerns and criticisms around this model, which has further delayed its full implementation.
How do I enable FLoC?
FloC has not yet developed entirely and is still in the trial state. FLoc trails are now available as a third-party origin trial in Chrome 89 and 91 versions. You need to register it for a trail token which you can obtain from the registration website.
Can I opt out of FLoC?
Before opting out, check whether you are a test subject of Google’s FLoC trial using the EFF’s website Am I FLoCed. It indicates to Chrome users whether the FLoC algorithm is running in their browser or not. If you are part of this trial, you can go to the browser’s settings, select and select ‘privacy and security, and choose to disable privacy sandbox trials.
When will FLoC fully replace third-party cookies?
Google initially intended to release FloC in 2022. But based on trials and feedback and criticisms from the web community, they have planned to roll out the change in 2023.
Do other browsers use FLoC?
Other browsers like Microsoft Edge, Safari, and Mozilla Firefox have informed they still don’t have immediate plans to use FLoC. Mozilla Firefox in a statement has expressed concerns over the severe privacy loopholes it has.