Google has announced it will no longer proceed with the complete removal of third-party cookies in Chrome browser, opting instead to give users more control over their privacy settings.
Anthony Chavez, Google’s VP of Privacy Sandbox, explained the decision in a blog post, highlighting that while initial tests of Privacy Sandbox APIs showed promise, the feedback from various stakeholders, including regulators and industry participants, indicated that a complete transition away from third-party cookies would be challenging and disruptive. Due to this, Google is now proposing a new approach that, according to the tech giant, emphasizes user choice over cookie deprecation.
The Privacy Sandbox initiative was introduced as part of Google’s broader effort to enhance online privacy while maintaining the viability of an ad-supported internet. First announced in September 2023, the Privacy Sandbox aimed to replace third-party cookies with privacy-preserving technologies that could still support targeted advertising. However, despite significant investment and extensive collaboration, Google alleges that the industry’s readiness for such a fundamental change was insufficient.
The decision has been criticized by various privacy advocates and data protection organizations that accuse Google of prioritizing maintaining its primary business model instead of users’ privacy. Electronic Frontier Foundation’s (EFF’s) Staff Technologist Lena Cohen stated the following:
“Google’s announcement underscores their ongoing commitment to profits over user privacy. Safari and Firefox have blocked third-party cookies by default since 2020, when Google pledged to do the same. Third-party cookies are one of the most pervasive tracking technologies, enabling advertising companies and data brokers to collect and sell information about users’ online activities. This can lead to a range of harms, like bad actors buying your sensitive information and predatory ads targeting vulnerable populations.”
“Google’s decision to continue allowing third-party cookies, despite other major browsers blocking them for years, is a direct consequence of their advertising-driven business model. With nearly 80% of Google’s revenue derived from online advertising, it’s clear why Chrome is putting advertisers’ interests above users’ privacy.”
Lena Cohen – EFF
The Information Commissioner’s Office in the UK has also published a statement in response to Google’s decision, expressing disappointment with the change of plans.
Google’s new strategy
Instead of removing third-party cookies entirely, Google plans to implement a new user experience in Chrome that allows individuals to make informed choices about their web browsing privacy. Users will have the ability to adjust these settings at any time.
The decision to maintain third-party cookies in some form reflects the complexities of balancing privacy with the economic realities of digital advertising. The transition away from third-party cookies has been a contentious issue, with various stakeholders expressing concerns about its potential impact.
Despite maintaining third-party cookies, Google says it will continue to invest in Privacy Sandbox APIs and is introducing additional privacy controls. A notable upcoming feature is IP Protection in Chrome’s Incognito mode, reportedly designed to enhance user privacy further.
New Privacy Badger out
Almost simultaneously with Google’s announcement, EFF released a new version of the Privacy Badger extension for Chrome that now allows users to opt out of the Privacy Sandbox. The EFF argued that while Privacy Sandbox may offer some privacy improvements over third-party cookies, which won’t be completely phased out after all, it still allows Google to dominate the ad-tracking ecosystem.
Specifically, Privacy Badger disables three main components of Privacy Sandbox:
- Ad topics: Prevents Chrome from sharing user interests with advertisers.
- Site-suggested ads: Blocks remarketing ads based on browsing history.
- Ad measurement: Stops advertisers from tracking ad performance using unique IDs.
If you’re using Chrome and you want more control over your privacy, it is recommended that you install Privacy Badger and set it according to your data protection needs.
Bunny The Carrot Eater
Hi, Sven Sir I have a question. What are your views of Split Tunneling on VPNs? Certain Banking Apps and streaming services require to disable VPNs. Does Split Tunneling compromises user security and privacy? Would you recommend using Split Tunneling? Or it is better to avoid using apps that require split tunneling?
Alex Lekander
Hi Bunny, I think split tunneling is a great option for people who want the VPN as normal, but still need to access their bank’s website. And for that case, it doesn’t matter anyway as the bank already knows your identity, address, etc.
Elmer Fudd The Bunny Eater
Hey Bunny, Sven’s no longer here.
Shadow
Alex Lekander is the Editor-in-Chief and owner of RestorePrivacy.com. With a passion for digital privacy, Alex created this website in 2017 to raise awareness about online privacy and security and help real people. His background and expertise covers privacy research, technical writing, software testing, and website administration. He holds a Bachelor of Science and a Master of Science from Johns Hopkins University.
Being a true privacy advocate, Alex originally used the pen name “Sven Taylor” to protect his identity. However, with more visibility and a growing audience, Alex decided to publicly reveal his identity as the Editor-in-Chief and owner of RestorePrivacy.com in 2024.
BITR
Shame you only see the surface and failed at connecting the dots.
On the contrary, “storing user data and behavior on a third-party server” I had stated as one of the nasties that 3rd-party cookies do.
So the question remains. . .
If Third-party cookies are used to track users between websites, what data is collected on sites with your personal sensitive activities involved (padlock icon), as reguarding your behavior, to add any profile data being stored on a user?
Its because of the people who use ‘duh’, Google dominates so much. How many rings before google has them all?
Say its known, the Olympic flag has five interconnected rings representing the unity of the five continents. That’s enough “move” for unity to ‘every action having a reaction’ and to stifle google.
– – “water is wet” wrong, it = a force of devastation, as absolute power is often associated with the ability to dominate and control all aspects of existence. My friend = )
BITR
^ ^ ^ ^ above = reply to @Ivano ^ ^ ^ ^
Yes, I spelled “reguarding” to have a dual purpose, involving two different aspects.
1-an involuntary reaction to protect an area.
2-directing one’s thoughts or attention to a situation.
My advice is to read the topic 1st, before you troll the commrnts it generates from RP-readers.
RTIB
@BITR, are you off your meds or do you need to be put on them?
And Alex, It’s quite pitiful this site is allowing trolls to basically hijack the comments section.
Alex Lekander
Ah come on guys, can’t we all get along and play nice?
BITR
You know, my name changes but, since 2017 off and on. I’ve tried to add value and insight here. That means comments from me are more than a couple of sentences. In hopes that I usually get the reader thinking.
So, its just some peoples kids that are always taking and never to give back in the positive sence of theirselves. Who come along calling me out to you.
Unlike you Alex, being tasked to moderating all the comments, where you read everything said. They, have the freedom of passing over, disreguarding, any comment they wish.
I second, “Ah come on guys, can’t we all get along and play nice?”
I’ll take a break for awhile, sir.
BITR
Check the news:
Nearly a year after the US government took Google to trial, a judge has found that the tech giant violated antitrust laws.
Alex Lekander
Yes, it will be interesting to see how this decision plays out!
9o5
I would think there was an enormous amount of money to be made by impacting where traffic flowed on the Internet. They had a strong commercial interest in being seen to be a quality search engine, so obviously there’s a lot to discuss and debate about the history of that.
Lacking the community design, to drive towards neutrality. In other words, it had the problem of fiefdoms, which is a key problem of no democratic control.
Marcus
Alex, since Sven is now gone. Can you share what’s really going on here?
Here is a snapshot of Sven’s bio: http://web.archive.org/web/20220606174002/https://restoreprivacy.com/aditya-birla-fashion-and-retail-ltd-abfrl-hack-2022/
Both of you have claimed to be the founder (single tense) of Restore Privacy and you have the added title of editor-in-chief in addition to the founder.
Alex Lekander
Hi Marcus, this is explained on the Mission page under my bio as follows:
“Being a true privacy advocate, Alex originally used the pen name “Sven Taylor” to protect his identity. However, with more visibility and a growing audience, Alex decided to publicly reveal his identity as the Editor-in-Chief and owner of RestorePrivacy.com in 2024.”
BITR
Yep, he’s the same man.
See [https://web.archive.org/web/20190724203659/https://restoreprivacy.com/privacy-tools/#comments] for the replies with Alex’s initial pen-name and filler-image referring to ‘Sven’, from the early years of launching the RP-site.
I’m there too, by another ‘name’ as an annotator commenter, hopefully, to help fact check, research, add links and seek additional answers in helping, as well in the fullest explanations in the (birds-eye) view to understand Alex’s topics.
I can only try. . . I’ve used many names or handles here over the years to aid my purpose in something of value to the RP-site.
BITR
Seems a very contradictory state between the 3 browsers, Chrome, Safari, and Firefox. That two of the three popular web browsers used to access and navigate the internet. Being, Safari and Firefox have blocked third-party cookies by default since 2020.
Then as these, Third-party cookies are one of the most pervasive tracking technologies, enabling advertising companies and data brokers to collect and sell information about users’ online activities.
Having nothing to do about the ads needed for those content creators as the abundance of free online content they supply. How is it not clear, by driving nearly 80% of Google’s revenue, as derived from its online advertising, is why Chrome puts advertisers’ interests above its users’ privacy.
If you even look at Android overall of these 3 browsers. Chrome having the most comprehensive support for Androids TEE storage, leveraging the Android KeyStore and Cipher APIs for storing arbitrary data.
That arbitrary data refers to data that does not conform to a specific standard or structure, and can be any format or content.
So with Chrome its not just user data stored in the Android security framework, as needed to protect a user voice, image, and fingerprint data.
I question if Advertising companies and Data brokers for users on Android systems, do store arbitary third-party technology data in Androids TEE framework?
Android stores face and fingerprint images in a secure environment, such as the Trusted Execution Environment (TEE) or Secure Enclave.
All three browsers rely on the Android operating system’s KeyStore and Cipher APIs for encryption and storage of sensitive data.
Safari and Firefox have limited or no direct support for TEE storage, relying on the Web Storage API and internal storage mechanisms.
Firefox’s TEE storage support is limited to storing specific types of sensitive data.
Whereas Chrome’s support is more extensive.
Huey
Ha. Are you venting or ranting? Bcuz your pedantic reply is as meaningful as burned log in a wildfire.
BITR
Unlike you to being finicky or fastidious, especially with my thoughts. I choose to swim and not drown in the disrepute of googles suffocating grip over most of the interactions on the web.
Logic is earned liken to, one grain of sand to the age of time, my odium friend.
= )
BITR
Personalized Advertising is what Third-party cookies accomplish by storing user data and behavior on a third-party server, which can then be used to serve tailored ads. Sensitive activities come to mind like banking, health, and cc purchases. If Third-party cookies are used to track users between websites, what data is collected on sites with your personal sensitive activities involved?
Chrome fails data protection and user privacy when Google takes no responsibility of the individual user to protect personal data to which they have and allow others access.
The company’s dominance is not absolute. But this move, is yet just another feather in its hat to gain full dominance over the internet.
Ivano
huh? your “move” seems to remind us that water is wet. it makes it sound you’re all for third party cookies. And ofc, Google wants to dominate, duh.