Google is facing a growing backlash over Chrome’s new FLoC update, despite their claims that it will promote a “privacy-first” internet. But privacy advocates and rival browser companies aren’t convinced. So what is FLoC? And is it really a viable alternative to browser cookies?
Malcolm Higgins
Apr 21, 2021 · 3 min read
FLoC (Federated Learning of Cohorts) is a system created by Google to replace browser cookies on Chrome. According to the tech giant, they believe FLoC can help to protect user privacy.
That’s right; Google would like to protect your privacy. Unconvinced? Well, you’re not the only one. Multiple privacy-focused browsers, including DuckDuckGo and Brave, have already rejected FLoC and condemned it as a step in the wrong direction.
Before we can look at the problems with FLoC, however, we need to understand what it is, and what it’s meant to replace.
Browser cookies are little pieces of data that websites implant in your browser, allowing them to track you across multiple different pages. While they can be useful at times, helping sites recognize returning visitors, cookies also facilitate invasive advertising.
Google is trialing FLoC on their Chrome browser as an alternative system for ad targeting. In theory, it works like this:
On the surface, that seems like a neat idea. Let’s say Chrome can tell from your browsing history that you’re in New York and interested in electric guitars. It will assign you to a relevant cohort, along with thousands of similar people.
When you view a website, that site will receive your FLoC ID. They can then target you with ads for guitar shops in New York, but they won’t have any specific information about the previous pages you’ve visited.
The problem with FLoC is that it doesn’t actually make you more private — it just strengthens Google’s stranglehold on your data. The websites you visit on Chrome might not know the specifics of your browsing history, but Google will.
Google trying to monopolize user data is nothing new, of course, but their attempt to frame FLoC as a win for individual privacy seems particularly disingenuous.
Further undermining the “privacy-first” argument is the fact that your FLoC ID could still be linked to your personal IP address relatively easily. While cohorts won’t be based on sensitive information like medical history or religious affiliations, this is still very far from a genuinely private browsing experience.
Here's the good news: the companies behind several major browsers are refusing to adopt this system. As of writing, the following browsers are putting privacy first and opposing FLoC:
While only these three have officially rejected FLoC, other mainstream browsers have voiced concerns and assured users that they don’t intend to implement the system (for now). These browsers include:
The Safari browser is expected to join this list as well, although Apple is yet to officially lay out their position.
So if you stop using Chrome and carefully avoid FLoC-enabled browsers, will your internet activity stay private? Well, not necessarily.
The real issue is that your data probably wasn’t that private to begin with. FLoC is the tip of a much larger iceberg; companies can already track your IP address, and your internet service provider (ISP) is legally entitled to monitor and sell your data. You can uninstall Google Chrome, but privacy is far from assured.
We recommend using a virtual private network, or VPN. Premium services like NordVPN will encrypt your data, ensuring that your ISP can’t see what you’re doing online. A VPN can also mask your IP address, so websites are unable to match your activity with your device.