It won’t come as a surprise to anyone with the slightest bit of skepticism or, indeed, two brain cells to rub together that Google’s replacement for cookies, FLoC, is a privacy nightmare. Google, of course, is touting the system as a privacy respecting alternative to third party cookies but privacy experts are warning that they have the potential to be a worse privacy problem than cookies.
It didn’t take long for proof of these assertions to emerge. According this Digiday article, adtech firms are already testing ways of linking of FLoC indentifiers to personal data they already hold. If you’re surprised, you shouldn’t be. This is what adtech does: they’ll exploit any opening in their insatiable quest for data about us. There’s no piece of information they consider too small to exploit. Their goal is to build a complete profile of every person using the Internet.
It won’t—believe me—end with using that information to target ads at you. The iron law of data acquisition guarantees that it will be abused. That will probably start with law enforcement demanding access but sooner or later people like divorce lawyers will also want to get at it. Everything about you will be available for anyone who can convince a court that they have a need for it.
If you’re interested in how FLoC can be exploited, here’s a useful privacy analysis of FLoC that describes how it can be exploited to link the FLoC code back to individuals. Be sure to give it a read before you accept Google’s assurances about FLoC respecting your privacy. In the meantime, Amazon is reportedly blocking FLoC on most of their sites. That’s for competitive advantage, of course, but is nevertheless good to see.