this post was submitted on 10 Sep 2023
150 points (96.9% liked)

Out of the loop

10989 readers
1 users here now

A community that helps people stay up to date with things going on.

founded 1 year ago
MODERATORS
 

What changes are they making, and how to prevent them affecting users?

Also, does Privacy Badger, uBlock Origin, or a VPN with ad-blocking and anti-tracking prevent the new data collection through Chrome?

all 30 comments
sorted by: hot top controversial new old
[–] RagnarokOnline@reddthat.com 43 points 1 year ago* (last edited 1 year ago) (7 children)

Google is rolling out a new feature called “Privacy Sandbox” that also enables websites to use Google’s new “Topics API” to view web addresses in your browser history.

People are generally concerned because it allows a site like Petsmart.com to learn that you bank at WellsFargo.com and that you also visit Nickelodeon.com frequently. Petsmart may then use this information to target ads at you.

The larger concern is that just about any website can learn this information (so not just Petsmart.com, but SouthernRecipeMamaOfFour.net can also get this information, which is excessive access for a site like that to say the least). The fear is likely overblown, though.

What can you do to protect yourself? Don’t use Google products or Chromium-based web browsers.

Edit: Looks like my understanding was off. Shout out to NicoCharrua and a couple other users who clarified that Topics API doesn’t expose URLs, but instead looks at the URLs in your history to create topics (kind of like tags) that other sites can see. Hope my potential employer doesn’t find out about my love of large ethnic butts!

[–] dannoffs@lemmy.sdf.org 54 points 1 year ago (2 children)

Cool comment except for this part:

The fear is likely overblown, though.

[–] NicoCharrua@lemmy.ca 8 points 1 year ago

The fear is sometimes overblown, though. It's awful for privacy, but it gets exaggerated a lot of the time, even in the comment you're replying to.

(...) enables websites to use Google's new "Topics API" to view web addresses in your browser history.

People are generally concerned because it allows a site like Petsmart.com to learn that you bank at WellsFargo.com and that you also visit Nickelodeon.com frequently.

This isn't true. Websites only see some of the topics you visit, so in this example maybe Banking (or something a little more specific like savings account), and comics and animation. Here is the list of topics.

What can you do to protect yourself? Don't use Google products or Chromium-based web browsers.

It's a good idea to stop using Google products and Chromium based web browsers, but you don't have to if you want to avoid Topics API. You can opt out of it (at least for now), and some chromium browsers like Vivaldi, Brave and Ungoogled Chromium will probably remove it from their browsers.

Imo the biggest problem with it (over other types of tracking), is that like RagnarokOnline said, any website can get the info, not just the advertisers. So say, the company you're working for could be told you're interested in Job Listings, or Retirement & Pension.

[–] RIP_Apollo@feddit.ch 5 points 1 year ago* (last edited 1 year ago)

I would say, if anything, the fear is likely under-blown.

Sure, you’ll find many users here on Lemmy who hate what Google are doing… but we’re not the typical internet user. I mean, we specifically found this niche platform called Lemmy rather than use one of the mainstream social media platforms. The typical “normie” who uses Chrome probably has no idea about the privacy risks of using it (either in its current form or when the Topics API is being used). We need to help others understand, and hopefully convince these people to move over to Firefox.

[–] Dlayknee@lemmy.world 42 points 1 year ago (2 children)

Don't use Google products or Chromium-based web browsers.

So... Firefox? Are there even any other viable alternatives?

[–] kratoz29@lemm.ee 9 points 1 year ago (1 children)
[–] dfyx@lemmy.helios42.de 6 points 1 year ago

Even though Vivaldi is Chromium-based, they already released a blog post in which they announced that they will disable the Topics API.

[–] chris@l.roofo.cc 20 points 1 year ago

I don't think that is quite right. As far as I understand it the new feature generates topics from your browser history that website can use for targeted ads. So if you visit banking websites it might add to the finance topic. I don't think Websites get access to the history. Still it is a shitty idea and please use Firefox.

[–] Lojcs@lemm.ee 15 points 1 year ago* (last edited 1 year ago)

enables websites to use Google’s new “Topics API” to view web addresses in your browser history

That's just false. It generates generic topics from domain names in the history and provides some of those topics to advertisers. Nobody gets to know which domains you've visited. It also has measures to make it hard to build a profile on you based on the provided topics.

Any kind of tracking is bad. You don't have to misrepresent what kind of tracking it is

[–] BanditMcDougal@lemmy.world 9 points 1 year ago (1 children)

Which includes the Steam client. It's a CEF-based application.

[–] federalreverse@feddit.de 9 points 1 year ago (1 children)

Electron apps are largely irrelevant in this discussion, unless they include a general-purpose browser. The Steam client is exclusively used to display things from some Valve-owned API domain (or is there a general-purpose browser somewhere in there?). All the data generated by Steam is completely separate from the data generated by the normal Chrome browser.

And the same thing goes for Electron apps like Signal Desktop, Atom, VS Code, Slack, Teams, ...

[–] Krotiuz@kbin.social 5 points 1 year ago (1 children)

Theres a general browser in the in game overlay

[–] wheeldawg@sh.itjust.works 1 points 1 year ago

An extremely bare bones and outdated one, but definitely there.

[–] mathemachristian@lemm.ee 3 points 1 year ago

To add to that, its not just about targeted advertising, but a concern is also what happens to data when (not if) leaks happen and targeted pricing. If someone has frequently visited Nickelodeon.com it could be that they have kids who are already applying pressure to purchase a hamster or bird and therefore the parent is likely to have a higher price tolerance for such a product than a childless person.

[–] maporita@unilem.org 3 points 1 year ago (1 children)

But it is optional ... why not just turn it off?

[–] Blizzard@lemmy.zip 21 points 1 year ago

How long do you think it'll stay optional?

[–] fubo@lemmy.world 23 points 1 year ago* (last edited 1 year ago) (2 children)

Dumb business law bullshit that shouldn't matter but does.

Dropping third-party cookies entirely would be a security and privacy boon for users, and the Chrome folks have wanted to do it for a while. But they can't drop third-party cookies without giving some kind of replacement to the "adtech industry" people. (Not their own ad people — rather, Facebook and the folks who put up the nasty teeth ads.)

Why? Because antitrust law. If Google undermines "adtech" — even though literally no users want "adtech" — then the "adtech" people (possibly including Facebook) will sue them and win. Because in American law, a big business isn't supposed to directly undermine another big business like that.

Sensible folks should just turn off the ad-targeting setting and third-party cookies.


To be clear, yes, I'm saying that this move by Google is not evil. It doesn't take away any privacy that users weren't already losing to third-party cookies from Facebook and other "adtech industry" folks. Rather, it makes it possible to limit how much of your privacy the "adtech" folks get to mess with.

And you and I can already turn it off, and turn third-party cookies off.

And yes, I do think "adtech" is basically a bunch of spammers who (in the words of Douglas Adams) will be the first against the wall when the revolution comes; and that Google is at least slightly better than that.

And yes, antitrust law is, in general, a good thing. This is a weird corner case that, if it had been better anticipated, could have been avoided. It sure would be nice if Chrome were completely separate from the Google business that makes money from ads. Chrome is actually pretty damn good at a lot of things; including (back in the day) getting lots of Windows users to ditch Internet Explorer when it was actively being used by criminals to take over their computers and do crime.

[–] ozymandias117@lemmy.world 21 points 1 year ago (1 children)

It’s difficult to trust them when they’re also the largest adtech business

No third party cookies is a good thing. It’s very unclear whether this new tracking technology should exist at all

[–] fubo@lemmy.world 4 points 1 year ago* (last edited 1 year ago) (1 children)

Anyone who tells you all ads systems are a little bit evil is telling the truth.

Anyone who tells you all ads systems are equally evil is trying to sell you pop-ups, spyware, email spam, and worse.

The "adtech marketplace" is a pit of festering corruption that goes way, way beyond anything that you can do with Google ads. There are shitholes out there still trying to figure out how to show you pop-ups just like back in Y2K before pop-up blocking — by compromising your browser security to do it.

I'd suggest anyone who's interested in what ads systems are actually like, go sign up as an advertiser on Google and then on Facebook for comparison. See what you can do. See what they actually do want to sell you. Don't spend a dollar; don't buy a single ad; just see what the product being sold to advertisers actually is. You might be surprised, one way or another.

Like they say, "do your own research". But not by watching videos that agree with you. If you want to see what these companies really sell to advertisers, go try pretending to be an advertiser. They'll let you do that.

[–] chickenf622@sh.itjust.works 5 points 1 year ago (1 children)

Anyone who tells you "all ads are equally evil" are rarely selling anything other than a FOSS software they are a part of, but not anything that could be considered adware. Now granted the are shills out there that your should be aware of. Thankfully there are groups that care about your privacy, like Mozilla in my opinion, that give a shit, but not every group is driven by profits.

[–] fubo@lemmy.world -2 points 1 year ago (1 children)

It's a fair point, but do check Mozilla financial statements for where they get their revenue.

[–] sep@lemmy.world 7 points 1 year ago

Hardly a secret you need financial statements for. That google pay mozilla for beeing default search engine. And this is why you all also should donate to mozilla!

On the topic of firefox. I realy like the cookie jars https://blog.mozilla.org/en/mozilla/firefox-rolls-out-total-cookie-protection-by-default-to-all-users-worldwide/

[–] AssPennies@lemmy.world 4 points 1 year ago (1 children)

a big business isn’t supposed to directly undermine another big business

Apple has entered the chat.

(See: Their walled gardens, e.g., any browser that wants to bring their own engine to iOS.)

[–] fubo@lemmy.world 4 points 1 year ago (1 children)

Apple never let them in to begin with. If Chrome turned off third-party cookies for all users today, Facebook (among others) would sue and probably win.

[–] otter@lemmy.ca 2 points 1 year ago* (last edited 1 year ago)

Which feels like one of those things that's technically legal, but against the spirit of the original law

[–] Zikeji@programming.dev 14 points 1 year ago

So right now when browsing the internet if you take no steps to protect your privacy, it's like your house is surrounded by corporate spies collecting data on everything they can see you doing through the windows. And these are some huge windows.

Taking steps like adblocking, blocking known trackers, blocking third party cookies, VPN, and / or, blocking JavaScript altogether is basically just closing / blocking those windows to make it harder for the spies. Sure, they can still glean some info but significantly less.

With Chrome's recent change, now you've been opted-in to having a tracker strapped to your chest. They promise the data is less exposing than the current data being collected, but that can change They claim it'll protect your privacy because instead of the spies collecting data directly to provide to their employers they simply have to walk up to a terminal and collect the data the chest tracker has collected and curated.

This is just my interpretation, I haven't thoroughly researched it I simply decided it was too much and moved back to Firefox as my primary browser after using Chrome for over a decade.