Google’s building what the company says is an alternative to cookies that collect interest-based information based on a person’s browsing pattern. Called federated learning of cohorts or FLOC, the project has made some code available on the code-sharing service github. From that page:
The browser uses machine learning algorithms to develop a cohort based on the sites that an individual visits. The algorithms might be based on the URLs of the visited sites, on the content of those pages, or other factors. The central idea is that these input features to the algorithm, including the web history, are kept local on the browser and are not uploaded elsewhere — the browser only exposes the generated cohort. The browser ensures that cohorts are well distributed, so that each represents thousands of people.
Google also created a comic to explain Federated Learning in general, which can be applied to projects other than displaying ads on web pages:
It’s a far, far cry from the one Google made over twelve years ago when it announced the then-revolutionary Chrome browser.
As someone with a computer science background, I am interested in learning about and following the progress of FLOC. As someone who cares about privacy and has invested thousands of hours helping spread awareness, I will avoid information collection for the purposes of displaying ads, period. Whether it’s through cookies or fingerprinting or the supercookies we read about recently, or through federated learning.
FLOC will be rolled out in Chrome in 2021, to people who are logged in to the Chrome browser. My advice from the point of view of privacy is to avoid this altogether. Just follow good hygiene when connected to the Internet on your phone or computer (which is all the time):
- Use Firefox, not Chrome. On iOS, Safari is fine. On Android, just switch to Firefox for Android.
- Do not stay logged in to any site – use private mode for that, or a separate browser
- Use privacy plugins like Privacy Badger and uBlock Origin
- Use an on-device VPN like Adblock or Adguard
- Run your DNS requests through a Pi-hole, either running on a raspberry pi on your home network, or running in the cloud.
Other than point #2, it’s all setup and forget. Do it.