The Anti-Tracking Policy For Chromium-Based Browsers: Google's Respond To Apple

On the internet, privacy is a luxury that no one can practically enjoy.

Privacy is rare, as most if not all websites and online services use trackers of all sorts to analyze, understand and indeed track users in whatever their doing online. For good reasons, the information gathered can be used to improve their services, and earn them revenue.

But for the bad, it's certainly a privacy concern for those people who just want to surf the web anonymously.

WebKit, the open-source engine that is the foundation of Apple’s Safari browser and many other apps on macOS, iOS, and Linux, has announced a tracking prevention policy that aims to severely strict background trackers, cross-site tracking practices and other technologies used to track users.

With the market demanding Google to follow, the company responded by announcing an initiative to "fundamentally enhance privacy on the web", through its Chromium that powers Chrome, Opera, Vivaldi, and many more.

The proposal, according to the company's blog post, is dubbed 'Privacy Sandbox'.

It is Google's answer to limit many extensive tracking methods available on the web, which can come through cookies and covert methods, like tracking pixels, link decoration and device fingerprinting.

With this standard, Google through its Chromium open-source project, hopes that it can balance personalization and privacy, in a way that users are in control of their data.

"Technology that publishers and advertisers use to make advertising even more relevant to people is now being used far beyond its original design intent — to a point where some data practices don’t match up to user expectations for privacy," explained Chrome‘s engineering director Justin Schuh.

But this Privacy Sandbox is rather unique, as it is different than Safari and Firefox's approach.

According to Schuh, the two competing browsers' anti-tracking method is having unintended consequences, hurting publisher revenues and prompting advertisers to circumvent tracking protections through sneaky workarounds.

Read: Cookies, Browser Fingerprinting, And How You Can Delay The Death Of Online Privacy

Browser privacy

For obvious reasons, this explanation is partly because Google gets most of its revenue from ads. And restricting privacy to more than necessary, would cripple its business model.

This is why the search engine giant doesn't want to literally block all cookies that are used to track users' every move as they browse from one website to another.

Google noted that advertising is still the way for a more open web, citing a study that shows publishers lose an average of 52 percent of their advertising revenues when visitors block tracking cookies.

But for sneaky methods, indeed Google is against them.

Device fingerprinting for example, can track users based on their devices and their configuration. While users can certainly opt out of third-party cookie tracking using built-in features on browsers like Chrome, Safari, and Firefox, but users can’t prevent fingerprinting method.

In terms of privacy, users of the internet must always limit the information they give, but when it comes to device fingerprinting, things aren't easy.

This is by leveraging 'Differential Privacy' (DP), which is essentially a statistical technique that makes it possible to collect and share aggregate information about users, while safeguarding individual privacy.

In other words, through Privacy Sandbox, Google proposes a way to protect users' privacy, while at the same time, allow advertisers to continue target ads without resorting to privacy-violating practices.


This is done by adding "random noise" to the data to obscure the real data, thereby producing a result that isn’t quite exact, but still accurate enough to glean insights. The approach can also inject more and more noise to data in order to minimize data leak, like when data is queried from a database.

The basic of DP is that, setting it too high can leak sensitive data. But setting it too low, websites' ability to show and personalize experience won't be effective.

To get the best of privacy and personalization, Google intends to leverage the privacy budget to limit API calls from websites to reveal “enough information to narrow a user down to a group sufficiently large enough to maintain anonymity.”

And once the budget is exhausted, websites won't be able to get any further information.

Google here, is outlining its own privacy-focused initiative that puts users front and center, with Privacy Sandbox that gives users the ability to see what data is collected and control how it is used.

Here, Google is following Apple's footsteps, as it also tries to limit websites' tracking abilities and preventing cross-site tracking. But at the same time, Google's method also wants to ensure that measurements and related information about user targeting can be kept intact, without compromising their privacy.

It's an irony that such move comes from the company which at heart, is an advertising company that thrives on tracking users. But here, Google is trying to create the best of both worlds.

Tech companies are under regulatory scrutiny due to their data gathering practices. And this is where Google wants to play it safe.