19 April 2021

WordPress says it will treat Google’s FLoC ad tracking technology as security issue


WordPress says it will treat Google’s FLoC ad tracking technology as security issue

The team behind WordPress, a popular content management platform, has announced that it will begin to block Google’s FLoC ad tracking technology because of security concerns.

FLoC (Federated Learning of Cohorts) is a new Google’s ad tracking technology that uses an algorithm to look into user browser history and anonymously place them in a group with similar browsing histories so that advertisers can target them. While FLoC is more private than cookies, security experts argue that the technology could pose a risk to privacy if not implemented right.

For example, privacy-centric search engine DuckDuckGo and privacy advocates like the EFF (Electronic Frontier Foundation) have expressed concern about Google's plans, pointing out that "FLoC places people in groups based on their browsing habits to target advertising".

“FLoC is meant to be a new way to make your browser do the profiling that third-party trackers used to do themselves: in this case, boiling down your recent browsing activity into a behavioral label, and then sharing it with websites and advertisers. The technology will avoid the privacy risks of third-party cookies, but it will create new ones in the process. It may also exacerbate many of the worst non-privacy problems with behavioral ads, including discrimination and predatory targeting,” the EEF wrote in its March blog post. “FLoC is part of a suite intended to bring targeted ads into a privacy-preserving future. But the core design involves sharing new information with advertisers. Unsurprisingly, this also creates new privacy risks.”

In a new announcement WordPress said it will treat FLoC as a security concern and will begin to block it in future versions.

“WordPress powers approximately 41% of the web – and this community can help combat racism, sexism, anti-LGBTQ+ discrimination and discrimination against those with mental illness with four lines of code,” the team said.

The company pointed out that users who want to opt into FLoC are "likely to have the technical know-how to simply override this proposed filter in Core.”

WordPress said the changes are planned to be introduced in WordPress 5.8, scheduled for release in July 2021. However, as FLoC is expected to roll out this month, the company is considering back-porting the code to earlier WordPress versions to protect visitors to web sites running current versions of the platform.

Back to the list

Latest Posts

Chinese espionage campaign Earth Krahang infiltrates govt entities worldwide

Chinese espionage campaign Earth Krahang infiltrates govt entities worldwide

The campaign involves the exploitation of vulnerabilities in public-facing servers and spearphishing attacks.
19 March 2024
Fujitsu discloses malware infection, warns of possible data leak

Fujitsu discloses malware infection, warns of possible data leak

The tech giant did not specify what kind of malware its systems have been infected with.
19 March 2024
ShadowSyndicate ransomware group targeting Aiohttp flaw

ShadowSyndicate ransomware group targeting Aiohttp flaw

Organizations are urged to update to Aiohttp v3.9.
18 March 2024