After spending more than a decade building up massive profits off targeted advertising, Google announced on Wednesday that it’s planning to do away with any sort of individual tracking and targeting once the cookie is out of the picture.
In a lot of ways, this announcement is just Google’s way of doubling down on its long-running pro-privacy proclamations, starting with the company’s initial 2020 pledge to eliminate third-party cookies in Chrome by 2022. The privacy-protective among us can agree that killing off these sorts of omnipresent trackers and targeters is a net good, but it’s not time to start cheering the privacy bona fides of a company built on our data — as some were inclined to do after Wednesday’s announcement.
As the cookie-kill date creeps closer and closer, we’ve seen a few major names in the data-brokering and adtech biz — shady third parties that profit off of cookies — try to come up with a sort of “universal identifier” that could serve as a substitute once Google pulls the plug. In some cases, these new IDs rely on people’s email logins that get hashed and collectively scooped up from tons of sites across the web. In other cases, companies plan to flesh out the scraps of a person’s identifiable data with other data that can be pulled from non-browser sources, like their connected television or mobile phones. There are tons of other schemes that these companies are coming up with amid the cookie countdown, and apparently, Google’s having none of it.
“We continue to get questions about whether Google will join others in the ad tech industry who plan to replace third-party cookies with alternative user-level identifiers,” David Temkin, who heads Google’s product management team for “Ads Privacy and Trust,” wrote in a blog post published on Wednesday.
In response, Temkin noted that Google doesn’t believe that “these solutions will meet rising consumer expectations for privacy, nor will they stand up to rapidly evolving regulatory restrictions.” Based on that, these sorts of products “aren’t a sustainable long term investment,” he added, noting that Google isn’t planning on building “alternate identifiers to track individuals” once the cookie does get quashed.
What Google does plan on building, though, is its own slew of “privacy-preserving” tools for ad targeting, like its Federated Learning of Cohorts, or FLoC for short. Just to get people up to speed: While cookies (and some of these planned universal ID’s) track people by their individual browsing behaviour as they bounce from site to site, under FLoC, a person’s browser would take any data generated by that browsing and basically plop it into a large pot of data from people with similar browsing behaviour — a “flock,” if you will. Instead of being able to target ads against people based on the individual morsels of data a person generates, Google would allow advertisers to target these giant pots of aggregated data.
We’ve written out our full thoughts on FLoC before — the short version is that, like the majority of Google’s privacy pushes that we’ve seen until now, the FLoC proposal isn’t as user-friendly as you might think. For one thing, others have already pointed out that this proposal doesn’t necessarily stop people from being tracked across the web, it just ensures that Google’s the only one doing it. This is one of the reasons that the upcoming cookiepocolypse has already drawn scrutiny from competition authorities over in the UK. Meanwhile, some American trade groups have already loudly voiced their suspicions that what Google’s doing here is less about privacy and more about tightening its obscenely tight grip on the digital ad economy.
Which brings us back to that Google blog post from earlier this week — the post that was literally called “charting a course towards a more privacy-first web,” while also glossing over all of the obvious problems that others have pointed out with FLoC: how tracking is still tracking, even if it’s happening in aggregate. How Google’s claim that targeting based on FLoC is “95% as effective” as cookie-based targeting seems to be built on bunk maths. How this ploy would give Google exclusive access to a ton of user data that the company already largely monopolises. If Google actually wants to shift the national conversation on consumer privacy, then it should start by clarifying what they think “privacy” actually means.