Problem/Motivation
Google is introducing what it calls Federated Learning of Cohorts, which is a way to gather user data without cookies, regardless of whether a website is loading any Google-related trackers. This is enabled starting in Chrome 89, and only in select countries on a trial basis.
Although other major browser vendors are likely against this technology and will presumably not be implementing it, given Chrome’s market share this will become a concerning issue, because it largely remove users’ ability to easily opt out of being tracked—particularly true in the case of less-savvy users.
See a very informative post by Plausible.
Since no one can reasonably expect users to just stop using Chrome, it will be up to responsible developers to block FLoC at the source.
Steps to reproduce
Proposed resolution
Blocking FLoC is as easy as adding this header to the HTTP response:
Permissions-Policy: interest-cohort=()
Remaining tasks
User interface changes
None.
API changes
None.
Data model changes
None.
Release notes snippet
Introduce Permissions-Policy header to block Google’s Federated Learning of Cohorts.