New Update DuckDuckGo Essentials blocks FLoC

Ink

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Get DuckDuckGo Privacy Essentials

Update for April 9, 2021
  • Google has created a new tracking method called FLoC, put it in Chrome, and automatically turned it on for millions of users.
  • FLoC is bad for privacy: It puts you in a group based on your browsing history, and any website can get that group FLoC ID to target and fingerprint you.
  • You can use the DuckDuckGo Chrome extension to block FLoC's tracking, which is an enhancement to its tracker blocking and directly in line with the extension's single purpose of protecting your privacy holistically as you use Chrome.
  • DuckDuckGo Search (via our website duckduckgo.com) is now also configured to opt-out of FLoC, regardless if you use our extension or app.
Source: Use DuckDuckGo Extension to Block FLoC, Google’s New Tracking Method in Chrome


Please note, using DuckDuckGo Privacy Essentials for Chrome will change your default search engine. It is a Catch-22.
As a user, what can I do to avoid this?
  • Don't use Google Chrome! Right now FLoC is only in Google Chrome, and no other browser vendor has expressed an intention or even interest to implement it.
 

Templarware

Level 9
Verified
Well-known
Mar 13, 2021
414
I would use it, if it wouldn't change my default search engine, I got tired of getting too generic/general results when searching a specific/complex question.
I use Bing as homepage, because of the daily wallpaper and great news selection, and also in the search bar for every-day small searchers. Then I use Google from Opera GX new tab's search box, for complex and specific searches.
 
Last edited:

The_King

Level 12
Verified
Top Poster
Well-known
Aug 2, 2020
542
Wait... If turning off third party cookies disables FLoC, why would someone install this extension if they don't use DuckDuckGo?
Yes this issue can be confusing at present moment.

Google Floc is going to replace 3rd party cookies. So blocking 3rd party cookies to avoid being tracked by Google Floc seems flawed in the long run.
If Google sticks to its roadmap, by this time next year Chrome will no longer allow websites to use third-party cookies, which are cookies that come from outside their own domains. The change theoretically makes it vastly more difficult for advertisers to track your activities on the web and then serve you targeted ads. Safari and Firefox have already blocked those cookies, but when it comes to market share, Chrome is currently the leader and so its switchover is the big one.

Google wants to replace the third-party tracking cookie with a complicated set of (bird-themed) technologies that are meant to let ad companies target specific demographics like age and location, while at the same time allowing the people who are targeted to remain anonymous.
 

Marko :)

Level 20
Verified
Top Poster
Well-known
Aug 12, 2015
954
Yes this issue can be confusing at present moment.

Google Floc is going to replace 3rd party cookies. So blocking 3rd party cookies to avoid being tracked by Google Floc seems flawed in the long run.



The thing is—once third party cookies are phased out, there should be browser setting for disabling FLoC. Otherwise, that would be against GDPR and Google could get fined.

Citing the article;
Websites will be able to opt out of participating in FLoC, meaning that visits to their sites won’t contribute to an individual FLoC user’s profile. Similarly, the Chrome team intends to put opt-out toggles somewhere in Chrome’s settings for users who don’t want to provide FLoC IDs to the websites they visit.

So, again, I don't see the point in installing extension for something you can turn off in Chrome's settings.
 

The_King

Level 12
Verified
Top Poster
Well-known
Aug 2, 2020
542
The thing is—once third party cookies are phased out, there should be browser setting for disabling FLoC. Otherwise, that would be against GDPR and Google could get fined.

Citing the article;


So, again, I don't see the point in installing extension for something you can turn off in Chrome's settings.
Turning off third-party cookies is not a bad idea in general. After all, cookies are at the heart of the privacy problems that Google says it wants to address. But turning them off altogether is a crude countermeasure, and it breaks many conveniences (like single sign-on) that many web users rely on.

When you consider the manner is which Google went about adding FLoc to its chrome browser without any opt in from its users.

Users have been enrolled in the trial automatically. There is no dedicated opt-out (yet).​

As described above, a random portion of Chrome users will be enrolled in the trial without notice, much less consent. Those users will not be asked to opt in. In the current version of Chrome, users can only opt out of the trial by turning off all third-party cookies.
Future versions of Chrome will add dedicated controls for Google’s “privacy sandbox,” including FLoC. But it’s not clear when these settings will go live, and in the meantime, users wishing to turn off FLoC must turn off third-party cookies as well.

The apple (chrome) does not fall far from the Tree (Google)

 

Marko :)

Level 20
Verified
Top Poster
Well-known
Aug 12, 2015
954
Turning off third-party cookies is not a bad idea in general. After all, cookies are at the heart of the privacy problems that Google says it wants to address. But turning them off altogether is a crude countermeasure, and it breaks many conveniences (like single sign-on) that many web users rely on.
First party cookies are there to remember your interaction with the websites (settings, sign in, etc.).
Third party cookies are non-essential cookies whose job is only to track you across different websites.

If you disable first party cookies, many websites will be broken. If you disable third party cookies, almost none of the websites will be broken. I'm blocking third party cookies since way before that was even a thing. So far, the only website I saw broken because of it was Google Drive—and it literally said that you have to enable third party cookies for it to work normally. Terrible design from Google which I expect to go away soon.
When you consider the manner is which Google went about adding FLoc to its chrome browser without any opt in from its users.
Ad personalization is turned on by default in products from any company that uses ads. Google, Microsoft, Facebook, Apple, Samsung, Xiaomi—all companies have that enabled by default and you have to manually turn the setting off.

Because of that, I don't see the problem with FLoC turned on by default if there is option to turn it off.
 

The_King

Level 12
Verified
Top Poster
Well-known
Aug 2, 2020
542
First party cookies are there to remember your interaction with the websites (settings, sign in, etc.).
Third party cookies are non-essential cookies whose job is only to track you across different websites.

If you disable first party cookies, many websites will be broken. If you disable third party cookies, almost none of the websites will be broken. I'm blocking third party cookies since way before that was even a thing. So far, the only website I saw broken because of it was Google Drive—and it literally said that you have to enable third party cookies for it to work normally. Terrible design from Google which I expect to go away soon.
If you use an Identity-as-a-Service (IDaas), such as Akamai Identity Cloud, to help provide SSO capabilities, 3rd party cookies would be used to help facilitate this since the service is a provider not owned by your site. Impacted websites will not be able to automatically log in a user who has already authenticated on another one of your sites and in turn, users will need to initiate log in on each site.
As a result of limiting 3rd party cookie usage, single sign-on solutions that rely on 3rd party cookies are also impacted and are already not working in many browser/OS combinations. Apple for one has recognized this and indicated (blog post here) the disruption of SSO or federation may have an "unintended impact" and "may alter tracking prevention methods to permit certain use cases" in the future.
Even though this 3rd party cookie isn't being used to track users, the new browser protections don't discriminate between "good" capabilities like SSO vs. "less desirable" functions such as ad tracking. If it's a 3rd party cookie, it gets disabled.

Ad personalization is turned on by default in products from any company that uses ads. Google, Microsoft, Facebook, Apple, Samsung, Xiaomi—all companies have that enabled by default and you have to manually turn the setting off.

Because of that, I don't see the problem with FLoC turned on by default if there is option to turn it off.
I am sure not everyone of the (several million)5% of chrome user who were Flocked by Google share your same opinion. I for one have a major problem with Googles Floc and do have a problem with it being turned on by default and do not wish to turn off 3rd party cookies to inconvenience my browsing experience because Google wants a new way to track me online.
 

Ink

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
I would use it, if it wouldn't change my default search engine, I got tired of getting too generic/general results when searching a specific/complex question.
I use Bing as homepage, because of the daily wallpaper and great news selection, and also in the search bar for every-day small searchers. Then I use Google from Opera GX new tab's search box, for complex and specific searches.
DDG uses Bing, the results should appear similar. You can also customise the way DDG works for you.

Learn to use the !Bang syntax.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top