This episode of Security Now covered Google’s plan to deprecate third party cookies and the reaction from advertising organizations and websites.
The articles and the opinions of the show hosts are that it may have negative or unintended consequences as rather than relying on Google’s proposed ad selection scheme being run on the client side (hiding information from the advertiser), instead they are demanding first party information from the sites regarding their user’s identification.
The article predicts that rather than privacy increasing, a majority of websites may demand user registration so they can collect personal details and force user consent to provide that data to advertisers.
What’s your opinion of website advertising, privacy, and data collection?
- Would you refuse to visit websites that force registration even if the account is free?
- What’s all the fuss about, you don’t care?
- Is advertising a necessary evil in fair trade for content?
- Would this limit your visiting of websites to only a narrow few you are willing to trade personal details for?
- Is this a bad thing for the internet experience as whole, or just another progression of technology?
- Is this no different from using any other technology platform that’s free (If it’s free, you’re the product)?
- Should website owners just accept a lower revenue model and adapt their business, rather than seeking higher / unfair revenues from privacy invasive practices of the past?
I don’t quite understand the leap from “No third party cookies” to “You need to create an account”.
If you’re visiting a site and they drop a cookie, that’s a first party cookie. You don’t need to log in for that to happen, and they can track you all the same. Taking identifiers from a first party cookie and passing them to advertisers will still be a thing, it’ll just require closer coordination between the site and the advertiser than if the advertiser dropped their own cookie.
Now yes, that first party cookie won’t follow you around to other websites and track your behavior there, but creating an account wouldn’t enable this anyway. Besides, Google’s Privacy Sandbox product suite is intended to fill this role in a less granular way (associating k-anonymized ids with advertising topics across websites).
If you use your email address, they can follow you everywhere. Unless you create tons of throw away emails.
Despite what the length of their privacy policies might suggest, first party sites are a lot stingier with their user data now than they’ve been in the past. The value of knowing who someone is and what they want is derived when you convince them to pull out a credit card, at which point you need to collect their data anyway.
Thus, I think we’ll see two tiers of data collection: Deep first-party info shared between retailers and data brokers to target advertising on their first party site, and less granular banner advertising based on privacy sandbox, taking the place of drive-by cookie drops. If privacy sandbox is as good for random blogs as industry is expecting (ie, not as perfect as third party cookies, but less impactful than Apple’s ITP was), I don’t think we will see a wave of email signups.