Chrome is the undisputed leader in the popularity of browsers all over the world, it has a huge lead over its competitors. For comparison, according to statistics from Statcounter, in October 2021, the cross-platform global share of Chrome accounted for 64.67%, while Safari was in second place only 19.06%, and Edge in third – 3.99%.
But in the case of Chrome, “most popular” does not mean “most honest” or “not eager to earn as much as possible.” Recently, some media have called for the removal of the browser from Google (including the authoritative edition of Forbes), justifying this, among other things, with problems with user privacy – now experts around the world criticize Chrome mainly for three reasons, and this article is written about them.
1. Included data collection from the accelerometer, through which you can follow literally everything
Every modern smartphone has an accelerometer (measures the acceleration of a smartphone by reacting to the slightest change) and accompanying sensors to track movement. It seems that they practically do not pose a threat to confidentiality – at most they allow you to track how fast a person is moving. But numerous studies of scientists, which are written in detail in a separate article, confirm the opposite – through these devices you can learn a lot from the owner of the device.
Here’s what you can potentially do by accessing data from the accelerometer and other motion tracking sensors:
- determine the transport in which a person is moving at a particular moment;
- measure the user’s heartbeat;
- calculate the frequency of his breathing;
- listen to telephone conversations, as well as commands to the voice assistant;
- indirectly track the exact location of the owner of the gadget if he travels by public transport.
Chrome isn’t the only popular app to use motion sensor readings. For example, the client Facebook, Instagram and WhatsApp do the same. However, there is a significant difference between these cases – while Facebook monitors users through an accelerometer and other devices only to display its targeted ads, Google, using its browser, opens access to potentially confidential user data to any sites, since this option is enabled in Chrome. by default and marked as recommended for use. For comparison, in the same Safari, in order to access position tracking sensors, you need to obtain special permission from the owner of the gadget, as when requesting to use GPS or Bluetooth.
The problem is aggravated by the fact that, in fact, ordinary sites do not need to use the accelerometer and so on (with the exception of conditional map services) – in other words, if you deny access to these sensors by default, users may never be faced with a request for access. to them.
💡 How to disable:
⋮ ➝ “Settings” ➝ “Site Settings” ➝ “Motion Sensors”
2. Idle Detection has appeared – the browser knows when the computer is not in use
Chrome 94 for computers and Android introduces an unusual API called Idle Detection to detect when a computer is idle. This tool records the lack of interaction with input devices (keyboard, mouse and screen), the inclusion of a screensaver or activation of the lock screen, as well as transition to other screens (applications and tabs). Unlike previously used APIs, Idle Detection monitors the lack of interaction with the entire computer, and not just with a specific tab. According to official reports, this tool appeared in Chrome to improve the performance of specific web applications that need to record user activity: online browser games, chats and dating applications.
There is a separate article on Threshbox dedicated to Idle Detection issues, but in short: this tool opens up potential surveillance to both ad platforms and malware. On the one hand, Idle Detection allows ad services to create a more detailed digital fingerprint of a user, being able to determine his daily routine – knowing when a person is having lunch can influence their hunger (offering food delivery or restaurant advertisements) and the accompanying emotions. On the other hand, Idle Detection provides valuable information to viruses (for example, cryptomining) – having determined that a person is not in the workplace, malware can fully interact with the computer.
The problem is that, despite all the risks for users, which the company clearly knew about, the developers still implemented this API. It will not be superfluous to remind here that Google owns one of the largest advertising platforms and that it has a browser at its disposal, which is used by more than half of the modern population of the planet. Chrome is almost the only browser whose creators decided to implement Idle Detection. The developers Vivaldi, Brave and Safari deliberately ditched it.
💡 How to disable:
Paste in the address bar chrome://settings/content/idleDetection and go to this address, and then completely disable this option or configure it for the selected sites.
3. Chrome Goes FLoC: Strengthening Monopoly Under the Cover of Privacy
For a long time, the use of cookies has been the main browser advertising platforms – roughly speaking, when a user visits a page with a built-in tracker, the site learns the history of all previously visited resources that track Cookies. Since now the vast majority of sites use this tracker, it allows you to quite accurately compose a digital fingerprint of a person, that is, to determine his preferences and behavior.
While cookies provide anonymized data for a specific person, potentially the user’s identity can still be determined thanks to a fairly accurate digital fingerprint. As an alternative, Google came up with and started testing the FLoC standard. It differs in that it does not identify each person individually, but compiles groups of people based on the similarity of their interests (using machine learning to collect and analyze browser history) – for example, group A consists of fans of culinary sites, and group B »Includes fans of the group Rammstein. Although the groups will consist of thousands of users (the exact size has not yet been determined), the problem is that such a solution also has threats to user privacy, and even more than the cookie usage model.
Despite this sounding good theory, in practice ad platforms will be able to further isolate groups of users separated through FLoC. For at least two factors:
- by the digital fingerprint of the browser (which web browser is used and with which plugins, on which platform, with which language, at what resolution and display size);
- by the frequency of visiting certain sites – people’s interests are not constant, and FLoC identifiers are recalculated regularly (approximately every week), so it is quite easy to isolate people who constantly visit the same sites.
In addition to this, another problem emerges – FLoC eliminates all the restrictions that apply to cookies. The fact is that the “quality” of a cookie-based digital fingerprint directly depends on the number of sites with this tracker that the user has visited. If a web portal wants to know the “history” of a person, he must work with some major tracker himself. When cookie tracking is enabled, it is quite easy to digitally fingerprint them, but if they are blocked (or isolated by the TCP protocol), it is much more difficult for trackers to collect and transmit information.
But FLoC is not afraid of blocking, which is used for cookies. Firstly, the above-described factor of isolating users by the frequency of visiting certain sites cannot be blocked over TCP, since it is designed to prevent tracking visits to different sites, and not multiple visits to the same one. Secondly, FLoC identifiers are the same on all sites, and they become a common key to which you can bind data from external sources (for example, the same digital fingerprint of the browser). Roughly speaking, thanks to this, sites will be able to easily recognize the interests of a particular user, dividing the groups created by FLoC into smaller pieces and getting answers to such questions: “Do people living in Germany love motorcycles who have Mac computers with the Opera browser and have [этим идентификатором]? “. In other words, advertisers will know everything about the user the first time they visit the site, without having to create their digital profile on their own.
Considering all the problems with FLoC, many companies opposed this decision. The first of these was the non-profit human rights organization Electronic Frontier Foundation (EFF), and then it was criticized by developers from Mozilla, DuckDuckGo, Brave, Vivaldi, WordPress and other companies. Even Microsoft, whose browser runs on the Chromium engine with embedded FLoC support, disabled this option. However, the catch is that if the new technology does not become a common standard in the web industry, nothing will induce Google to stop its adoption, since the corporation has the most popular browser in the hands of the corporation (with a staggering lead from competitors in terms of the number of users) and one of the largest advertising platforms – it will be able to fully and successfully use FLoC within its “ecosystem”, without anyone’s support.
💡 How to disable:
Paste in the address bar chrome://settings/privacySandbox and go to this address, and then deactivate all the sliders on the page that opens.
Bottom line: is Chrome really so dangerous and what fate awaits it
Technically, users can get rid of each of Chrome’s shortcomings by disabling the corresponding items in the settings. However, the reality is that only a few will do this – only that part of users (moreover, those interested in technology) that cares about privacy with special trepidation. Probably, the overwhelming majority of people either do not learn about browser problems from the “good corporation” Google, or consider them insignificant. But we can safely say that few people will delete a web browser due to indirect privacy issues that are not visible to the end user in any way.
Google has a huge impact on the Internet today in every sense, and that is why the company is so boldly introducing controversial innovations (Idle Detection and FLoC), which almost all other developers oppose. There is only one seemingly effective way – forcing Google to change its business, and it seems that the authorities of large countries are thinking about this.
In the fall of 2020, the media reported that the US Department of Justice and state attorneys general wanted to force Google’s management to split the company by isolating the development departments of Chrome, the advertising platform and the search engine. American officials decided on this after the news about the very FLoC technology appeared – they explain this by the fact that under the guise of protecting privacy, the IT giant is going to create a closed ecosystem in which it can track users and target advertising, and competitors and small businesses will lose this opportunity in case of refusal to use Google services.
Such a move looks radical, but it seems the only possible against a corporation that occupies a leading (almost monopoly) position in each of the related areas: it has the largest search engine, one of the most massive advertising platforms and the most popular browser.
Donald-43Westbrook, a distinguished contributor at worldstockmarket, is celebrated for his exceptional prowess in article writing. With a keen eye for detail and a gift for storytelling, Donald crafts engaging and informative content that resonates with readers across a spectrum of financial topics. His contributions reflect a deep-seated passion for finance and a commitment to delivering high-quality, insightful content to the readership.
