Wait. What the FLoC..?
If you haven’t heard of FLoC, or “Federated Learning of Cohorts” yet, I’ll try to give you you the easy explanation. I’m sure you’re familiar with web-cookies. At the very least, I’ll assume you’ve at least dismissed banner after banner on nearly every website you’ve visited that describe about how they use cookies, with some giving you the choice as to what you can enable or disable with a dialog box, all while pointing you to their own cookie policies or privacy policies.
This website is no different. It has a privacy policy page that points you to resources that explain how you can enable or disable them from within your own web-browser. I believe that knowing how to take control of your own privacy, is a fundamental right that must belong to you, as an Internet-izen, and should not be left to companies that exist purely through their ability to surveil, track, collect, categorize, and sell your browsing data to others.
Much of that tracking, over the past twenty years, has been enabled via the use of 3rd Party Cookies. They are, thankfully, becoming less useful as more browsers are already blocking third party cookies and other tracking technologies by default, restricting the ability to track you across multiple websites. Apple’s Safari and Mozilla’s Firefox browsers are already disabling them while Google will be disabling these tracking cookies in Chrome sometime between now and 2023.
You know it’s a good thing because the looming 3rd Party Cookie Apocalypse has got digital marketers freaked out!
So far, so good, right?
Remember that Google’s entire business model is based around monetizing the vast trove of data it’s been able to collect about Internet users (and, let’s not forget Facebook!) so they’re trying to figure out how to create the replacement for 3rd Party Cookies, and they’re opting Chrome users in to test their alternative.
Yeah.
So, how much do you trust Google, now?
Enter: Google’s Federated Learning of Cohorts, or FLoC.
The point of FLoC is to enable digital marketers to continue serving up targeted advertisements to you. Yeah, the ones that seem to follow you everywhere you go on the web. This is the point where I’ll let others, like the Electronic Frontier Foundation, describe why FLoC is a bad idea.
In simple terms, in order for targeted advertising to work at all, marketers need to be able to drill down deep enough to serve an ad that is relevant to you. That can only happen if they’re able to collect enough data to target cohorts of people more and more accurately. This creates an enormous risk beyond just your privacy!
The Problem With Google Chrome
It’s simple. If you’re using Chrome, there’s already a chance that you’ve been opted in to Google’s FLoC testing. This just adds to the list of reasons why I prefer Firefox or Safari. If you insist on using Chrome, DuckDuckGo has an extension for you to install.
Getting the FLoC out of American Bogan™!
So, what’s the point to all this nerdy talk?
- For a variety of reasons, neither of my websites are running on Squarespace, Wix, Shopify, etc., in favor of WordPress and WooCommerce. This gives me total access to my web-space, and the ability to change whatever I want in order to improve my security posture at the web-server level via security-headers that web-browsers can understand;
- Dreamhost, where my sites are hosted, incorporates their own security infrastructure and firewalls above my own;
- Both sites are sitting behind Cloudflare for additional DDoS protection and firewall filtering;
- I’ve disabled FLoC at the web-server level;
- I tested a few other websites I personally know that are built using Squarespace, Shopify, WordPress, and Wix. Neither of the two Squarespace sites I tested scored above an E (one was an F, the other an E). The Wix site I tested scored an F, one Shopify store scored a B, and the other scored an A;
- The three WordPress sites I checked scored Fs. WordPress may be capable of increased seurity; however, you gotta actually make the appropriate change to do it;
- I do not know of a Weebly based site, off the top of my head;
- No website I checked has disabled FLoC;
- Although I currently use Google Analytics and FB’s Pixel for general analytics, I may use them for advertising purposes (I gotta pay bills, after all; however, ads are getting pricier and pricier as it is. *sigh*);
- If I do end up using advertisements, keep in mind that my Privacy Policies not only encourage you to disable 3rd Party Cookies, they link you directly to resources that explain how to do so. With web-browsers now disabling 3rd party tracking by default, this is almost a moot point but your knowledge, privacy, and consent is important;
- You are not required to create an account in order to make purchases or leave comments on my sites’ blogs;
- Neither of my websites will save credit-card information for future re-use, even though it can be a convenience for users and even though Stripe’s connection is encrypted and information would be saved with Stripe;
- If you want that level of convenience, I can easily encourage you to use digital wallets to make payments via your browsers or smartphones, which both of my websites support (Apple Pay is great for this!);
- Chrome, similarly, supports digital payments. Do you trust Google?
As part of my “branding,” I’ve made a commitment on this e-commerce shop and with my photography website to sacrifice certain capabilities and features in order to focus on my users’ and customers’ privacy-first as much as possible, and as much as I am capable of providing, with my somewhat growing knowledge of web-mastering.
I hope that you feel comfortable enough browsing my websites to make a purchase down the road. If you don’t, that’s okay. I hope that can trust that this website and my photography website are doing everything possible to protect your information, no matter how obscure it may be. In the end, I hope I was able to teach you a little bit about the future direction that the Internet is taking.
3rd Party Cookies are dead. FLoC is the Google abomination growing to take their place.