WordPress reported today that they plan on treating Google’s new FLoC tracking technology as a security concern and plans to block it by default on WordPress sites.
For quite a while, browsers have started to progressively block third-party browser cookies [1, 2, 3] utilized by advertisers for interest-based advertising.
Accordingly, Google presented a new ad tracking technology called Federated Learning of Cohorts, or FLoC, that uses a web browser to anonymously place clients into interest or conduct buckets dependent on how they browse the web.
After Google started testing FLoC this month in Google Chrome, there has been an agreement among privacy advocates that Google’s FLoC implementation simply replaces one privacy risk with another one.
“FLoC is meant to be a new way to make your browser do the profiling that third-party trackers used to do themselves: in this case, boiling down your recent browsing activity into a behavioral label, and then sharing it with websites and advertisers.”
“The technology will avoid the privacy risks of third-party cookies, but it will create new ones in the process. It may also exacerbate many of the worst non-privacy problems with behavioral ads, including discrimination and predatory targeting,” the Electronic Frontier Foundation (EFF) explained in a recent blog post.
From that point forward, other privacy browser and search engine developers, like Brave Browser, DuckDuckGo, and Vivaldi, have all eliminated FLoC from their software or made tools to block it.
In a new declaration today, WordPress states that they consider Google’s FLoC technology a security concern and will start to block it in future versions.
“WordPress powers approximately 41% of the web – and this community can help combat racism, sexism, anti-LGBTQ+ discrimination and discrimination against those with mental illness with four lines of code,” says WordPress.
WordPress plans to disable FLoC using the four lines of code, which will make the contributions to a blogging platform issue an HTTP request header tells the browser that FLoC ought to be disabled for the site.
WordPress clarifies that however some admins will probably need to empower this technology, those admins likely have the tech know-how to abrogate the code. WordPress additionally demonstrated that they may add a setting that permits admins to control whether FLoC is allowed.
Notwithstanding, WordPress’ concern is that those unconscious of this new tracking technology will automatically pick into it without completely understanding what it involves. Hence, it is in these clients’ best interest for WordPress to automatically disable the technology.
“When balancing the stakeholder interests, the needs of website administrators who are not even aware that this is something that they need to mitigate – and the interests of the users and visitors to those sites, is simply more compelling,” WordPress explains.
WordPress states that this code is planned for WordPress 5.8, scheduled for release in July 2021.
As FLoC is required to carry out sooner, WordPress is thinking about back-porting this code to prior versions to “amplify the impact” on current versions of the blogging platform.