What To Expect from Google Chrome’s New Privacy Features

Published: May 31, 2019 Updated: October 7, 2019 Author Category Data Privacy & Security

After Safari’s intelligent tracking prevention mechanisms, Alphabet follows suit. This marks the beginning of a paradigm shift in advertising, and possibly a decline of cookies – similar privacy-centered features across many popular browsers crop up one after another. Slowly but surely, Firefox, an open-source browser, jumps on the privacy bandwagon.

On May 7th 2019, during its annual developer conference, Google announced briefly that it would introduce some serious changes to Chrome to grant users more transparency and control over their privacy.

Google’s initiative is also an answer to a mounting concern about users’ online privacy. It’s not only a matter of legal regulations, be it GDPR, e-Privacy, CCPA or LGPD, but also browsers’ attempt to adjust to a changing digital ecosystem.

However, the details of the undertaking are not clear., There’s no exact date as to when these additions will be available but they’re expected to arrive later this year.

In case you want to get more details on Apple’s latest privacy features, check out our post: What Intelligent Tracking Prevention (ITP) 2.1 Means for Web Analytics & Marketing

For now, let’s focus on what’s been declared so far.

Ads Transparency

The idea behind the new tweaks is that users should be better informed about how they are tracked via cookies. Also, they should know who uses their data for ads personalization and what kind of data AdTech vendors use. Site visitors will be able to find out the names of the companies taking part in the ad-servicing process, including intermediaries between the advertiser and publisher.

Google wants to reveal such details by introducing an open-source browser extension that would work across different browsers. Users will receive information on each ad, why they see a particular ad and, finally, will get snaps of ads they saw recently.

Google expanding users’ control

During the conference, Google disclosed two key privacy changes it’s going to implement. The first one would provide better control of cookies to limit advertiser’s cross-sites tracking capabilities, the other one would curb device fingerprinting.

In general, the upcoming modifications apply to how the browser treats cookies and that will call for a wider perspective on web landscape. So, thanks to the new feature users will be able to more easily recognize what kinds of cookies are dropped on their browser,and block or delete certain cookies.

Chrome’s additions address the issues of third-party cookies – used mainly for tracking users across sites for marketing purposes like retargeting or attribution. Ultimately advertisers will lose their ability to see what sites users visit and follow their actions.

On the other hand, single domain cookies, also known as first-party ones, used for keeping users logged-in or saving their shopping carts won’t be affected by these changes.

When it comes to device fingerprinting, Google aims to prevent it completely. Though, for the time being it’s not clear how exactly is going to achieve it. We’ll talk a bit more about it later on.

Overview and scoring of how websites have adapted to data privacy regulations

Download FREE Report

The impact of Google Chrome’s new privacy features

Although the details of Google’s announcement are still hazy, the mechanisms will certainly send ripples across the whole digital advertising landscape.

Less effective marketing initiatives

With its 65% market share, Chrome’s upcoming adjustments will affect a host of users. That also means marketing professionals’ work will face some serious roadblocks.

So far Chrome users have already been able to block third-party cookies, but the setting was not enabled by default. The problem is that for many people it’s hard to tell the difference between cookies that, for instance, keep you logged in and the ones applied for tracking purposes.

And to help users protect their privacy, the changes are meant to prevent cross-site cookies unless the user provides explicit consent.

All that might undermine the effectiveness of marketing efforts. To be precise, ad targeting, retargeting, attribution, and measurement will be harder to achieve.

Since Chrome is planning to alter the way cookies work, developers will need to specify how cookies can be accessed and which one will be permitted to work across websites and eventually track users. For this purpose, developers will need to use the SameSite cookie attribute. In short, it will allow developers to define if a cookie should be limited to a first-party context.

If you’re eager to dive deeper with the cookies issues, have a look at our post: First-Party vs Third-Party Cookies: Why First-Party Is the Way to Go

What’s more, it will be possible to send cross-site cookies only via HTTP connections. That’s the part of a safety approach as hackers won’t be able to intercept, modify or stole them.

Restricting device fingerprinting

Sometimes cookies are insufficient, either because they’ve been deleted or just because they don’t work across devices. And the way to reach users on individual level is called device fingerprinting. But although Google is preparing a way to restrict this method, it hasn’t revealed many details on the subject matter.

Device fingerprinting collects users’ digital traces, like the browser type, device used, plugins or hardware, and merges those into a single record. This technique might be considered less privacy-friendly as users have little control over their fingerprint. This is what Google wants to stop.

However, device fingerprinting is also applied for security reasons, to fight fraud or credential hijacking. It allows to verify if a logged-in user is the legitimate one in case of a session hijack. Additionally, such tracking aids anti-bot and anti-scraping services.

If you want to get more information on device fingerprints, get familiar with our post: Device Fingerprint Tracking in the Post-GDPR Era

Firefox follows the leaders

At the beginning of 2019, Mozilla released Firefox 65 with upgraded privacy features. This move goes in line with other vendors’ approach that promotes transparency and users’ control over their online data.

The latest update from June 2019 provides users with a redesigned Content Blocking feature which, as part of Enhanced Tracking Protection, now offers three-level settings for cookie handling:

  • Standard – Set by default, blocks all trackers when people use Private Browsing Mode, since the release from 3rd September 2019 it hinders third-party trackers and cryptominers for all users, in both private and non-private browsing.
  • Strict – Dedicated to more privacy-conscious people, this will block trackers regardless the private or non-private browsing mode.
  • Custom – Designed for people who expect more control and flexibility to decide which exact cookies and trackers they want to halt. Keep in mind that tracking cookies can be created in a number of different ways, such as via pixels, scripts, and widgets. Other technologies like beacons can also be used to track you offline.

All these modifications introduced by Mozzilla are just another example of the technological trend towards stronger protection of users privacy and Firefox is not the last browser that take this road.

Overview and scoring of how websites have adapted to data privacy regulations

Download FREE Report

The race of tech giants

After Apple’s ITP, now the changes heralded by Google seem like a serious storm coming over the online advertising world. It’s all justified with the concern for users’ privacy and the fact that people lack visibility into their online experience.

At the same time, the modifications might be crushing Chrome’s competitors that rely heavily on cookies or resell data gathered through cookies. Keep in mind that cookies are not supported on mobile apps, and apps – both desktop and mobile – make the lion’s share of ad spend. Google along with Facebook have been departing from a cookie reliance and are moving towards deterministic IDs of logged-in people.

Clearly, matters associated with privacy protection surface more and more often but , it’s too early to judge what will be the outcome of all these moves.

We are on the lookout, so stay tuned for we’ll be posting more information. And if you’re already eager to know more about those issues and how they can affect your analytics, just …

Tagged under

Author:

Karolina Matuszewska, Content Marketer

Content Marketer at Piwik PRO. Specializing in issues of on-site and off-site personalization. Transforming technical jargon into engaging and informative articles dedicated for digital marketers and web analytics specialists. LinkedIn Profile

See more posts of this author

Share