> Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web browsing, and they’d be able to adjust that choice at any time.
> By comparing the treatment arm to control 1 arm, we observed that removing third-party cookies while enabling the Privacy Sandbox APIs led to -20% and -18% programmatic revenue for Google Ad Manager and Google AdSense publishers, respectively.
For the mysterious "new experience in Chrome" they mention, I'll be keeping an eye on their public planning repositories, but there's no guarantee that the project they're mentioning is related to any of these:
To be clear, the outcome quoted above (Privacy Sandbox, no 3P cookies, ~20% reduction in ad revenue) is what Google wanted but regulators (spurred on by the ad industry) wouldn't let them have.
I agree Google needs an eye kept on them, but unfortunately the people doing that are looking out for the interests of other ad providers, not the public.
Increased demand for privacy, which has already led competing browsers to kill 3P cookies.
Note that Google wasn't willing to kill 3P cookies without providing Privacy Sandbox an an alternative, less privacy-invasive, way for publishers to target ads. Without Privacy Sandbox, the reduction in revenue is even more severe:
> we observed that removing third-party cookies without enabling Privacy Sandbox led to -34% programmatic revenue for publishers on Google Ad Manager and -21% programmatic revenue for publishers on Google AdSense. [https://support.google.com/admanager/answer/15189422]
Also note that the revenue being talked about is for publishers using Google Ad Manager and Google AdSense. Google gets a cut of that, but it's not as significant as the revenue from contextual ads they show on search results.
There's literally no competition: around 80% browsers market share belongs to Chromium-based ones. Whatever Google decides in Chromium will be delivered in the next update to rule 80% of the market.
Or maybe it was always a joke that people took seriously? What about Dont Be Evil was guaranteed to render different results than Microsoft besides passionate speeches? The motto should have been “Complexity Shift Evil” or “Evil Differently”.
> Throughout this process, we’ve received feedback from a wide variety of stakeholders, including regulators like the UK’s Competition and Markets Authority (CMA) and Information Commissioner's Office (ICO), publishers, web developers and standards groups, civil society, and participants in the advertising industry.
Chrome (and Google in general) has a tough problem of having to satisfy such diametrically opposed "stakeholders" -- being stuck in the middle and having to satisfy both "civil society" and "the advertising industry" means it won't do a great job at either, no matter what.
Not only that, they are the advertising industry, or at least a major player. Moves like Manifest V3, continuing 3P cookies and user-hostile moves on YouTube are all a part of that.
Chrome should really not be a part of Google IMO. It's a significant conflict of interest.
In spite of Manifest V3 being a shit show, I continue to see all manners of evidence that Google wants genuine honest reform for user privacy. The attitude & negativity is at severely problematic levels, and Google actually gets that improvement & reform is necessary to keep going for another decade without some kind of boil over/explosion.
I agree that Chrome in theory shouldnt be a part of Google. But generally I think there is incredibly little self-dealing, that some ideas do go wrong but usually there's not such a sinister backstory of self-interest driving things. I don't know about today, but I'm the past engineers would pretty definitely say they'd never seen anything like the insinuation & top down steering that's so regularly casually implied, and it's remarkable how this casual accusation of rot is left to dominate. It's really unfortunate.
But I still think I'm principle there should ideally be harder separation. But I really doubt we can get an adequate funding source lined up. Chrome supports humanity's preeminent multi-media platform, is a huge gift to the world. And that online world that exists because of Chrome and FF, the general health of that world, that's what keeps Google alive & keeps the money pouring in. If Google can't invest in the web who would step up?.I'd love to see hundreds of millions a years allocated to this collective treasure we all enjoy, that runs on almost as many systems as Doom runs on, but alas there's just not the collective motive & will to support our great works.
I really hope Chrome can offer users a choice here, and that the choice really is good and that we can opt to leave this terrible 3rd party cookie world behind. I like the idea of not having a hard break, of this being more of a shift, one that the world can be more involved in navigating. Fingers crossed.
> In spite of Manifest V3 being a shit show, I continue to see all manners of evidence that Google wants genuine honest reform for user privacy. The attitude & negativity is at severely problematic levels, and Google actually gets that improvement & reform is necessary to keep going for another decade without some kind of boil over/explosion.
> I agree that Chrome in theory shouldnt be a part of Google. But generally I think there is incredibly little self-dealing,
OK, I'll bite. If Google cares about privacy so much, couldn't they simply disable 3P cookies like everyone else (minus Edge)? [1] Am we really to believe that the Chrome team is busy playing a game of 4D chess in the conquest for user privacy? I for one do not.
Everyone else disable 3rd party cookies but has unspecified/undocumented workarounds & carve-outs that they've had to keep expanding on. It broke a ton of login and valid diagnostic systems.
Google's playing hard mode by trying to actually specify how the new world is going to work. A third the current explainers they are working on relate to trying to get login flows working again. https://github.com/orgs/explainers-by-googlers/repositories . Google's commitment to specifying & standards has made this much harder.
Meanwhile they also have vastly more scrutiny. I'm not sure if the UK's CMA or ICO have updated the public on what their concerns are, but the UK in particular has come out strongly saying that they get full say in what Google does here, in one of the strongest repudiations of the ideas of the Declaration of Independence of Cyberspace that the world has seen.
And meanwhile the slithering reptiles at the IAB are generating as much chaff nonsense and outcry as they can against Google, and putting forward proposals about making sure advertisers can tell what you had for breakfast & whether or not you flossed last night.
This is the least enviable spot to be in. The web has to change but trying to get the mandate for it to happen is neigh on impossible; giving users options & capabilities to pick seems like the only option at this stage.
The challenge is more satisfying anti-trust and privacy. Anti-trust requires transparency to validate that no one is abusing the system, privacy requires opaqueness.
The new path is they aren't deprecating third-party cookies anymore. Instead they're going to "introduce a new experience in Chrome that lets people make an informed choice that applies across their web browsing" (in the 4th paragraph).
It'll be like Android's location sharing with Google. Nothing works unless you agree to a wholesale google location surveillance. Then they can say you agreed to this.
I disagree. Things may be different in the EU, but for every feature that triggered the "enable location history" popup, it made a lot of sense to require it. And, most importantly, you can just turn it off and everything important keeps working.
You can disable the "send a list of nearby cell towers to Google's live database" setting, the "send a list of Bluetooth beacons to Google's live database" setting, and the "send a list of WiFi networks to Google's live database" setting, all without losing location access. Your location access will become a lot slower, but that's just a consequence of having to rely on GPS again, like we did before all of these extra features became available.
Google is even making their location history feature worse because they don't like how many blanket location history requests they're receiving from authorities, by moving location history to be stored on-device.
For years Google lied about consent users supposedly gave for some types of location tracking, but after they got found out (and the authorities got involved) they changed their tune.
There is so much stuff Chrome sends to Google though. I was curious how their autofill implementation works and... there is code to send a list of all form and field names to a Google API. That alone could be sensitive information.
>For years Google lied about consent users supposedly gave for some types of location tracking, but after they got found out (and the authorities got involved) they changed their tune.
And I will never trust google again after that with my person important data! No matter what day do now!
I’m sorry, what?!? We had a massive web presence overhaul at $bigco, high-vis project, it just completed. All because third party cookies were going to become unsupported. Under time and under budget, what a waste of good velocity.
Did the overhaul result in better end user privacy? If so it was worth it. Even if it just resulted in a higher cost to maintain the existing level of privacy violation it would be worth it from a customers perspective. The more it costs to surveil people the better from the consumer privacy perspective.
A major problem with blocking third party cookies is that it kills any embeddable logged in experience. Think payment gateway widgets that would now require you to login every time you want to make a purchase, or youtube embeds that would no longer recognize your premium subscription and roll ads across the web if if you pay for none, etc.
And that's the only good use case for third-party cookies. I'm willing to sacrifice that if it would mean that reliable cross-site tracking is made impossible.
They haven't gotten removed yet, just compartmentalised and some important existing ones grandfathered in, I believe. And none of that has happened in Chrome, as far as I know.
The UK regulators can be aggressive and have teeth. The CMA held up Microsoft's acquisition of Activision Blizzard by about 4 months.
The UK is still one of the world's largest economies so they're hard to ignore. The CMA and ICO tend to be quite collaborative and apolitical so they're easy for companies to work with. Ironically I think the ICO is still one of the best enforcers of EU data privacy laws.
I've been wearily ignoring the "Third-party cookie will be blocked in future Chrome versions..." notice in the console for months now knowing I'd have to act on it eventually. Hurray for procrastination!
Firefox disallows them by default, and in OP for Chrome we're also only talking about what's the default, from a developer perspective you should still act on it.
Interesting timing for this. Chrome 127 (releases today) disables Manifest V2 extensions. When uBlock Lite runs out of rules, unwanted advertising will be back on the web.
With all due respect to the Chrome team, where is the leadership, competence, or moral courage at Google? It looks like they are announcing to the world today that they care more about advertisers than users.
They should’ve started with user choice as the first milestone when it was originally announced. Similar to Apple’s app tracking. Or just get rid of cookies and let ad tech be less invasive.
primarily because it would put any publisher or site not named Facebook or Google out of business, or have to shift all of their ads to google or facebook.
You would have to break up Google in order for them not to have a a insane market advantage if they got rid of 3pc. Google would still have access to all their consumer markets, google analytics, etc, and everyone else would have to do business with google or go out of business.
Ad revenue declines without 3P cookies[1]. Safari and Firefox have less market share than Chrome and aren't made by a giant advertising company so they don't attract the same scrutiny. When Google tries to restrict 3P cookies it creates the appearance that they're just trying to kneecap their competitors, whether that's true or not.
Because Google (the ad provider) gets to do all the tracking without third-party cookies (by asking Google (the web browser) for that information), which the other ad providers can't do.
I'm not aware of any functionality in Chrome that allows Google to get tracking data that other ad providers can't, but it seems like regulators should target that instead of preventing Chrome from banning third-party cookies.
Google's competitors complained that they couldn't track users enough with Google's proposed new scheme. They had to bend over backwards and make privacy worse to make the scheme pass the regulators.
Market regulators don't care about privacy or data safety, they care about whether your local ad agency can make as much money as Google can doing the same stuff.
Google introduces a lot of "privacy protecting" ideas like removing third party cookies, moving extensions to manifest v3, etc. Then they backtrack on removing third party cookies and keep the manifest v3 roadmap.
Essentially, they are getting their cookies and eating it too.
I can't tell from the announcement or official site. Is CHIPS still a thing? Do I still have to partition all my cookies I write on one domain I own to work on another domain I own?
Yes CHIPS is still a thing. As far as I can tell, nothing changes except that Chrome will not disable third party cookies by default. It will remain a preference that users can choose.
> The Ministry of Peace concerns itself with war, the Ministry of Truth with lies, the Ministry of Love with torture and the Ministry of Plenty with starvation. These contradictions are not accidental, nor do they result from ordinary hypocrisy: they are deliberate exercises in doublethink.
> In light of this, we are proposing an updated approach that elevates user choice. Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web browsing, and they’d be able to adjust that choice at any time.
If this is a more prominent & robust implementation of "Do Not Track" with actual teeth from the browser, I would be fully on board. It probably won't be, but it could.
> "Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web browsing, and they’d be able to adjust that choice at any time."
Do we believe an average Internet user has any knowledge to make an "informed decision"?
Seeing the name "Privacy Sandbox", you might think it would be a ground-up creation aimed at mitigating all of the gratuitous security vulnerabilities that Doubleclick has pushed into the web ecosystem - with deterministic rendering and a fixed lists of system fonts to fix the canvas vulns, permissions checks returning immediate 'no' instead of hanging on asking the user, permissions gating things that can likely never be secured (webgl), and so on with every vulnerability that leads to browser fingerprinting. But no, it's an Orwellian term meant to market something that deliberately violates user trust by leaking even more information!
> Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web browsing, and they’d be able to adjust that choice at any time.
The OP also cites https://support.google.com/admanager/answer/15189422 (also published today) which makes the "why" of this self-evident:
> By comparing the treatment arm to control 1 arm, we observed that removing third-party cookies while enabling the Privacy Sandbox APIs led to -20% and -18% programmatic revenue for Google Ad Manager and Google AdSense publishers, respectively.
For the mysterious "new experience in Chrome" they mention, I'll be keeping an eye on their public planning repositories, but there's no guarantee that the project they're mentioning is related to any of these:
https://github.com/orgs/explainers-by-googlers/repositories?...
https://github.com/orgs/privacycg/repositories?type=all
https://github.com/privacysandbox/privacy-sandbox-dev-suppor...