Introducing the Privacy Budget

  • Published 23 Aug 2024
  • Cross-site tracking can be enabled through fingerprinting, a technique that looks at what makes a user's browser unique. The first stage of the Privacy Budget proposal aims to quantify the identifying information, or entropy, exposed by different surfaces in the web platform. Learn about why Chrome is using this approach along with a sneak peek at how the team is laying the groundwork for the future.
    Resources:
    Github Privacy Budget → goo.gle/3fZzgMQ
    Combat fingerprinting → goo.gle/3oaALdJ
    The Privacy Sandbox → goo.gle/2UZanqK
    Fingerprint Demo → goo.gle/36wxH5J
    Speaker: Maud Nalpas
    Watch all Chrome Developer Summit sessions here → goo.gle/cds20-...
    #chromedevsummit #chrome #privacybudget
    event: Chrome Dev Summit 2020; re_ty: Publish; product: Chrome - General; fullname: Maud Nalpas;
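
    An added example, not code from the talk or from the Privacy Budget proposal: how entropy, in bits, quantifies the identifying information a set of surfaces exposes, computed over a constructed sample. The surface names, their values and the function names are assumptions chosen for illustration.

```javascript
// Constructed sample (not real measurements): the value each of three
// hypothetical surfaces exposed in eight browsers.
const SAMPLE = [
  { timezone: "UTC+1", language: "de-DE", cores: 8 },
  { timezone: "UTC+1", language: "de-DE", cores: 8 },
  { timezone: "UTC+1", language: "de-DE", cores: 4 },
  { timezone: "UTC+1", language: "de-DE", cores: 2 },
  { timezone: "UTC-5", language: "en-US", cores: 8 },
  { timezone: "UTC-5", language: "en-US", cores: 8 },
  { timezone: "UTC-5", language: "en-US", cores: 4 },
  { timezone: "UTC-5", language: "en-US", cores: 16 },
];

// Count how often each distinct combination of the chosen surfaces occurs.
function countCombos(rows, surfaces) {
  const counts = new Map();
  for (const row of rows) {
    const key = JSON.stringify(surfaces.map((s) => row[s]));
    counts.set(key, (counts.get(key) || 0) + 1);
  }
  return counts;
}

// Shannon entropy in bits: the average identifying information exposed.
function entropyBits(rows, surfaces) {
  let bits = 0;
  for (const n of countCombos(rows, surfaces).values()) {
    const p = n / rows.length;
    bits -= p * Math.log2(p);
  }
  return bits;
}

// Surprisal in bits: what one particular browser's values reveal about it.
function surprisalBits(rows, surfaces, row) {
  const key = JSON.stringify(surfaces.map((s) => row[s]));
  const n = countCombos(rows, surfaces).get(key) || 0;
  return n === 0 ? Infinity : -Math.log2(n / rows.length);
}

// Per-surface entropy, its naive sum, and the joint entropy of all surfaces.
function report(rows, surfaces) {
  const perSurface = Object.fromEntries(surfaces.map((s) => [s, entropyBits(rows, [s])]));
  const naiveSum = Object.values(perSurface).reduce((a, b) => a + b, 0);
  return { perSurface, naiveSum, joint: entropyBits(rows, surfaces) };
}

console.log(report(SAMPLE, ["timezone", "language", "cores"]));
```

    Because timezone and language are fully correlated in this sample, the joint entropy is lower than the sum of the per-surface values, and a rare value such as 16 cores reveals more bits than the average suggests.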

COMMENTS • 48

  • @ociemitchell 3 years ago +4

    I like the visual metaphor of scrolling through the search completions.

  • @DouwedeJong 3 years ago +5

    Who is going to monitor the monitors?

  • @orlovsskibet 3 years ago +11

    As someone creating business application of the non-shady kind, I strongly encourage you to make this something that the user can select not to have enforced, with an active "opt-out" option, so that legit business applications that rely on many datapoints can be allowed (by the user) to run. Off the top of my head, this should be on domain (including subdomains) level, so a user can select to let the domain (business application) work freely.

    • @lwouisYT 3 years ago +1

      I would hope they don't block outright when the budget is exceeded, and instead show a popup saying "This website wants access to browser capabilities A, B, and C. This could allow them to track you across websites. Do you want to allow access?"

    • @DouwedeJong 3 years ago +1

      It's Google - keep on dreaming.

    • @maudnalpas8004 3 years ago +2

      Hi orlovsskibet, thank you for watching and commenting :)
      Yes, the current privacy budget proposal suggests an opt-in/out mechanism: browsers may use a permission prompt when the budget is about to be exceeded, so that users can decide to grant additional API access. Right now the privacy budget is planned to be domain-bound, so opt-in/out would be domain-bound as well. As a more general note: as the proposal points out there are powerful applications that may not be able to run within the privacy budget, but one goal *is* to keep the web powerful and keep these capabilities in.
      We're still in an early phase (for example, how the budget will be enforced isn't defined yet), so the proposal will evolve.
      You can read more in this FAQ, which will be updated as the proposal evolves: ⏩github.com/bslassey/privacy-budget/blob/master/faq.md
      + If you have questions/comments, feel free to open an issue on the repo: ⏩github.com/bslassey/privacy-budget/issues

    • @orlovsskibet 3 years ago +1

      @maudnalpas8004 great, thank you for taking the time 😊

  • @lodgin 3 years ago +4

    While this is definitely a fantastic move on Chrome's part and I fully support the idea that accessing more data incurs more cost, it's however not lost on me that the studying being done involves arguably some pretty privacy invasive monitoring :P I just hope that Chrome actually commits to this and enforces it on themselves, the browser, rather than just the websites Chrome is loading. Google does have a conflict of interest here, if they can make website tracking worse but browser tracking better, that means Google has a monopoly on data. And from the study itself we already know that Google is willing to monitor its users.

  • @DenisTRUFFAUT 3 years ago +4

    Interesting! 6:17 Sec-CH-UA are not only gathered through HTTPS, but are also granular bits of privacy information counting in the privacy budget. I imagine the more you demand, the more you consume the budget... Fits well with GDPR philosophy where you are supposed to only digest the information you really need to process.

    • @RowanMerewood 3 years ago +4

      There's a very intentional pattern here of trying to clean up the places where all this data is passively shared and replace it with methods that still allow access to all the same information, but on specific request. Plus, with a much cleaner API too which is a pleasant bonus.

    • @tyrrelldavis9919 3 years ago

      Lol

    • @trappedcat3615 3 years ago

      Moving user agent data to a promise based budget API is crafty, but the ua vendor and version can still be determined by feature detection and the ua platform (and device screen) can be singled out through rendered CSS media queries and system styles. Overall, I think this will force fingerprinters to find ways to be invisible to the budget.

    • @RowanMerewood 3 years ago +2

      @trappedcat3615 It's definitely not a simple problem and people intent on covert tracking will continue to try and find holes in the system. A goal here though is to provide better alternatives for the legitimate use cases (fraud detection, tailoring content to a device, etc.) so that the incentive to use fingerprinting techniques isn't there, which hopefully makes it easier to lock down more of the existing areas that leak that information. Like all technical solutions though, it will be a permanently moving target.

  • @10meisterballe 3 years ago

    I have questions about FLoC:
    Can anyone access these cohorts?
    Can other browsers implement FLoC?

    • @Megd_AA 3 years ago

      - yes, anyone who is partaking in the selling/buying of an ad
      - yes, also it's open to different browsers for implementation; whether they do so is a different topic

  • @melitonmiranda441 1 year ago

    How to present myself with my prizes and the results

  • @pabloleganttineoantelo2916 3 years ago

    *I think there is no way to become invisible, because we all have a specific way of writing or expressing ourselves ... That's the reality, but all the servers spy on us because both have their interests ... Regards ✋⚡✒*

  • @SaepulPasmu 3 years ago

    thank you for sharing...

  • @user-wn2jc1ts3x 2 years ago

    Hi

  • @7sq 3 years ago

    How about not censoring?

  • @lucapassani1129 3 years ago +3

    If the problem is companies doing fingerprinting, make fingerprinting illegal. It's as simple as that.
    Google and Facebook have each user's identity provided by the user themselves. Fingerprinting is the entry point for new players who don't have access to users' identities the way the big guys do. Making fingerprinting illegal would be effective in making sure that everyone can play on equal terms, as opposed to criminalizing (strong word, I know, but appropriate) smaller players that try to claim their little share of today's digital market.

    • @orlovsskibet 3 years ago

      First, I don't think that Google (yet) has the power to implement legislation; second, hardcore trackers/IT criminals are probably not scared away by that.
      It is not easy.

    • @kriskropd 3 years ago +3

      The problem then is expecting everyone wants to use the Internet wearing their heart on their sleeves and their name on a tag. Not everyone wants a Google/Facebook/Myspace profile and they shouldn't be pushed into a category of criminals for that, but if we make that the only acceptable form of identification then everyone is going to be forced to comply else their experience becomes dramatically handicapped otherwise.
      And besides that, browser fingerprinting is just a forensic study of data that the browser shares to optimize the experience that betrays privacy information thanks to an accumulation of "big-data" and Venn diagrams. Making it illegal is not much different than putting robots.txt on your server; demanding such a request can't actually enforce anything upfront as it doesn't resolve the root problems.

    • @tovarejacobsen2971 3 years ago +4

      It's illegal in Europe without consent and considered personal information. Making laws isn't that effective, neither is it when legal-workers design UX through cookie-popups. Built-in privacy does work, and this research might end up being very valuable rather than browsers or network security randomly break sites and the user experience. I hope this research will end up bringing an end to the European cookie-law, which is just stupid (legal workers shouldn't design UX). Fingerprinting can be a more serious offense than leaving a tracking cookie without asking isn't widespread, I have seen some smaller web analytics alternatives promoting themselves as more privacy-aware, but seem to break the law in more serious ways through fingerprinting and creating keys from the IP (Even if you obscure Personal Information through crypto it is still processing of personal information and covered by the GDPR).

    • @tyrrelldavis9919 3 years ago

      Fingerprinting and canvassing will always be a bad thing.
      Especially when companies that lie do it.

    • @trappedcat3615 3 years ago +1

      How does one make reading what the browser sent illegal? Your fingerprint is not really your personal data like cookies you receive/send or input you provide. The fingerprint is device and browser identifying information exposed with or without your consent. To make it illegal for sites to read it, you would first have to make it illegal for browsers and devices to send it or make it illegal for you to opt in to send it if you are not authorized by the machine owner.

  • @graealex 3 years ago +3

    Chrome is the new IE, constantly breaking stuff. And how about a privacy budget of zero - because that's how it's going to be in the EU anyway.

    • @orlovsskibet 3 years ago

      Not true, if you get the user's consent, you can do it.

    • @graealex 3 years ago

      @orlovsskibet Fingerprinting is by definition a fuzzy and covert technology, and getting consent for that seems impossible.

    • @orlovsskibet 3 years ago

      @graealex Getting detailed information about the browser and fonts is there for a reason. It was not invented for fingerprinting. So no.

    • @graealex 3 years ago +1

      @orlovsskibet In the EU you cannot collect this information without consent, that's what this is about. Assuming all companies only operate within the law, of course.