Google's new Privacy Sandbox

OVERKILL · Sep 8, 2023

And why I'm moving away from Chrome.

I've been a Chrome user since the browser first showed up. I typically have three different browsers on the go, with different types of tab content on each. That has been:
- Chrome
- Firefox
- Brave

However, if you aren't familiar with the latest announcement, you can read more on it here:
Google Chrome users receiving "Privacy Sandbox" pop-up: How it works (newsbytesapp.com)

Google has begun rolling out Privacy Sandbox, a new feature designed to replace third-party cookies, to all Chrome users.The feature tracks users' interests based on browsing habits and allows advertisers to display relevant ads.

Google Chrome's cookie-killing Privacy Sandbox now available for most users (mobilesyrup.com)

While many browsers already offer ways to block third-party cookies and/or trackers, Google doesn’t exactly want to go that route because it makes money off of spying on users and turning that information into ads. Though it’s worth noting Chrome allows you to block third-party cookies, you just have to go digging to find the option.

Enter the Privacy Sandbox, Google’s solution that offers Chrome users more privacy while still letting advertisers bombard them with ads. It relies on Ad Topics (a.k.a. the Topics API), which uses people’s web history to sort them into categories that advertisers can use to target them with ads. Google says this happens in the Chrome browser, and neither it nor anyone else can see people’s browsing history or learn any personal details about people using the system. Instead, advertisers just see that there are people interested in a topic, and they can target those people with ads.

Alongside Privacy Sandbox, Google will also roll out a complicated tool called ‘Site Suggested Ads’ that will let websites tag users with subjects they want those people to see ads about. There’s also an ‘Ad Measurement’ tool to help companies track how well their ads perform.

Basically, the goal here is for Google/Chrome to track your browsing directly, instead of allowing third-party cookies, and will then present you with ads it selects based on your browsing habits. So, instead of Tom's Hardware advertisers using cookies to track the browsing habits of your IP, including your browser type and the like (and of course your ability to block this with disabling 3rd party cookies or using UBlock and similar), you'll get ads chosen by Google based on what Chrome sees you doing. This of course is much more personal, as most people are signed into Chrome, but even if you aren't, it knows if you are signed into a mail account, what that account is, who you bank with...etc. It's a massively more "big brother" approach which is raising some red flags for people legitimately concerned about privacy.

This has created some understandable outrage in the cyber security community.

So, at this point, if you want a Chromium-based browser that is less "big brother", Edge is actually a better option, which is wild to be saying.

Of course if you aren't demanding it be Chromium-based, you can just use Firefox.

wwillson · Sep 8, 2023

Privacy Sandbox has been in the works for a long time. Google knew the day of the cookie was coming to an end, so they had to come up with something else. Privacy Sandbox is brilliant, they get to say that they no longer use tracking cookies. You accept the terms of use for Chrome and it stops just short of saying they can come into your house at any time they want and drink your beer. Have you noticed how desperately Google wants you to sign on to your account? That is the noose. When you are signed in, they still collect anything they want about your browsing and they KNOW it's you. Then they send you highly and I mean highly targeted ads.

Guess what else? Google has shut anyone else out from using cookies to send you targeted ads. All the ad revenue for Google all the time. Google's corporate motto is, "Do no harm", but in teeny tiny print it says, "unless you can make hundreds of billions in profits".

I uninstalled Chrome a long time ago and jail my Google sessions with Firefox containers. Google must think I'm really boring, as all I ever do is read emails.

spackard · Sep 8, 2023

Microsoft wants to make it difficult for you to not be signed in to them at all times too.
It’s getting to the point where you’ll have a verified credential to do anything. Maybe it’s just me.

ctechbob · Sep 8, 2023

FWIW, I'm sure it doesn't disable everything.

OVERKILL · Sep 8, 2023

wwillson said:
Privacy Sandbox has been in the works for a long time. Google knew the day of the cookie was dying, so they had to come up with something else. Privacy Sandbox is brilliant, they get to say that they no longer use tracking cookies. You accept the terms of use for Chrome and it stops just short of saying they can come into your house at any time they want and drink your beer. Have you noticed how desperately Google wants you to sign on to your account? That is the noose. When you are signed in, they still collect anything they want about your browsing and they KNOW it's you. Then they send you highly and I mean highly targeted ads.

Guess what else? Google has shut anyone else out from using cookies to send you targeted ads. All the ad revenue for Google all the time. Google's corporate motto is, "Do no harm", but in teeny tiny print it says, "unless you can make hundreds of billions in profits".

I uninstalled Chrome a long time ago and jail my Google sessions with Firefox containers. Google must think I'm really boring, as all I ever do is read emails.

Yes, it's incredibly devious! It wasn't on my radar, in terms of being developed, I caught wind of it through some CS twitter accounts freaking out about it and was like "whoa, what the hell is this?!" and did a bit of research, and off Chrome I went.

Pew · Sep 9, 2023

Wow that's all extremely sneaky stuff they're doing. The normal consumer isn't going to think about it past "privacy sandbox" and take it exactly how the name suggests.

wpod · Sep 9, 2023

We need to make it known we will not purchase anything the browser advertises.

ka9mnx · Sep 9, 2023

I haven't trusted anything "Google" related for some time. The newer Firefox isn't much better.

Also, I built and installed a PfSense DNS/DHCP/router on a small two ethernet port, 10 year old, industrial computer bought on Epay (runs on FreeBSD). Search YouTube to learn about PfSense and Quad9. Search the interweb for PfSense, Quad9 and unbound for more information. A good source, and what got me started, was Naomi Brockwell: NBTV on youTube.

OVERKILL · Sep 9, 2023

ka9mnx said:
I haven't trusted anything "Google" related for some time. The newer Firefox isn't much better.

Also, I built and installed a PfSense DNS/DHCP/router on a small two ethernet port, 10 year old, industrial computer bought on Epay (runs on FreeBSD). Search YouTube to learn about PfSense and Quad9. Search the interweb for PfSense, Quad9 and unbound for more information. A good source, and what got me started, was Naomi Brockwell: NBTV on youTube.

Sounds like a great little setup!

I first started using FreeBSD in the mid 90's. Made a boot floppy and downloaded it over dial-up on my 486SX/25. Same box I tried Slackware Linux on. I've been a fan of PFSense since the early 2000's, when it was a more mature alternative to many of the Linux-based firewall solutions that were available at the time like Smoothwall and IPCop.

Quad9 offers the same sort of DNS filtering as OpenDNS and CIRA, which I covered in my Secure DNS thread, which is now being circumvented by browser-based DoH. If you haven't seen it, I highly recommend giving it a read.

Pablo · Sep 9, 2023

Not reading any of this.

I do NOT trust Google one tiny bit. Nothing.

Good luck.

OVERKILL · Sep 9, 2023

Pablo said:
Not reading any of this.

I do NOT trust Google one tiny bit. Nothing.

Good luck.

To be clear, the OP is the reason I no longer use Chrome, Google has become even less trustworthy with this move.

Pablo · Sep 9, 2023

OVERKILL said:
To be clear, the OP is the reason I no longer use Chrome, Google has become even less trustworthy with this move.

Ah, thanks.

Sandbox and Google, yes seemed laughable.

ka9mnx · Sep 9, 2023

OVERKILL said:
Sounds like a great little setup!

I first started using FreeBSD in the mid 90's. Made a boot floppy and downloaded it over dial-up on my 486SX/25. Same box I tried Slackware Linux on. I've been a fan of PFSense since the early 2000's, when it was a more mature alternative to many of the Linux-based firewall solutions that were available at the time like Smoothwall and IPCop.

Quad9 offers the same sort of DNS filtering as OpenDNS and CIRA, which I covered in my Secure DNS thread, which is now being circumvented by browser-based DoH. If you haven't seen it, I highly recommend giving it a read.

My first firewall many years ago was Smoothwall. Took weeks to get up and running but was pretty neat for the time.

Thanks for the link. Now I have another thing to go off and read! I wouldn't trust browser based DoH! I WANT CONTROL!

alarmguy · Sep 9, 2023

Good OP though not a chrome user Im just an anti google person for no other reason then "because" of my perceptions of them as a company.

benjy · Sep 19, 2023

been seeing the "sandbox" when clearing history + wondering + now i kinda know!

JHZR2 · Sep 23, 2023

How am I going to watch porn and buy contraband now?!? Lol.

I’ve always found the Google do no harm claims dubious.

I’m curious how Apple’s setup differs since they claim to support privacy. Maybe it doesn’t matter when every site has a prompt for me to log into google.

I’ve never been a chrome user; Firefox and safari on all my home stuff, edge on work computer. But I’m curious on the actual how of how to block more of the Google games being played.

alarmguy · Sep 25, 2023

JHZR2 said:
How am I going to watch porn and buy contraband now?!? Lol.

I’ve always found the Google do no harm claims dubious.

I’m curious how Apple’s setup differs since they claim to support privacy. Maybe it doesn’t matter when every site has a prompt for me to log into google.

I’ve never been a chrome user; Firefox and safari on all my home stuff, edge on work computer. But I’m curious on the actual how of how to block more of the Google games being played.

Well, first off sign into google and disable everything including location services. Also select to delete all your location information which if you haven't has everyplace you ever traveled since the first day that you ever signed up for gmail.

When doing searches only once in a very great while do I use google and I mean, maybe a handful of times a year.
My default on my Apple computers and iPhone is DuckDuckGo

jeepman3071 · Sep 25, 2023

I've been using Brave and haven't looked back. Tired of seeing ads every waking second of my life.

uc50ic4more · Sep 25, 2023

alarmguy said:
Well, first off sign into google

Possibly if one is anti-Google for $REASONS and has concerns about $SOMETHING but already has a Google account to sign into they may have already possibly dramatically missed the point; e.g. "I deeply loathe the colour blue. I recently went to the store, bought a bunch of blue paint and slathered it all over my walls. Now what I can do to minimize the deleterious effects of blue?"

If someone doesn't like Google, don't have a Google account or use their services or their products. It is challenging but not impossible. They will then be left with the remainder of the horrifying number of other organizations, businesses and agencies who are collecting data about them and their habits - which includes Google since they're still going to have their activities associated with their IP and they're still going have to boatload of stored cookies that tell them and their partners who they are and what they're up to - hiding under their bed and in their closet.

To have these concerns and be a Windows user is an exercise in utter futility. To have these concerns and use any unsupported operating system is... I don't even know where to begin. The phrase "Worrying about dimes and forgetting about dollars" comes to mind.

I'll offer up some unsolicited advice for anyone interested: The most important question for you to ask yourself is (a two-parter) "How much do I honestly care about my online privacy, juxtaposed with the benefits I get from normal internet use? What are the practicable effects on my real life that private and state-sponsored privacy-invasive practices are going to have?" If you really, really, really care about your privacy for whatever reason(s) are valid to you, you'll need to do your computing with a privacy-centred Linux distribution such as Tails and live with the excruciatingly slow internet usage from using Tor. And you'll have to put a drill through your phone, whether it's an iThing or Android, RIGHT NOW and then throw it in the river. (And then expect to be inundated with location-based ads for swim gear!)

Unfortunately, the other extreme end of that spectrum IS normal internet use, where a LOT of information about who you are and what you do - and if you don't make a living at this I promise you it is deeper and more sophisticated than you think; but unless you live in a place than ends in "stan" is probably solely dedicated to just selling you more fattening garbage as you slowly descend into becoming a slovenly lump of partially-useful memes - is collected ad nauseum, analyzed and logic-extrapolated by AI. Without even noticing it you'll mention to your wife within earshot of your Alexa or Google Nest how much you need a new baseball glove and then you'll start seeing sporting goods store ads on BITOG and your Windows Start menu. Live in Wisconsin and you just hit the "thumbs down" icon on someone's comment about how the Lions are 100% going 17-0 this season? (I am still confident the loss to ATL will be soon overturned.) Get ready for ads for Packers swag. Recently used the Facebook-provided comments section on a neighbourhood blog and mentioned your sister is getting married this autumn? Lord help you.

alarmguy · Sep 25, 2023

uc50ic4more said:
Possibly if one is anti-Google for $REASONS and has concerns about $SOMETHING but already has a Google account to sign into they may have already possibly dramatically missed the point; e.g. "I deeply loathe the colour blue. I recently went to the store, bought a bunch of blue paint and slathered it all over my walls. Now what I can do to minimize the deleterious effects of blue?"

If someone doesn't like Google, don't have a Google account or use their services or their products. It is challenging but not impossible. They will then be left with the remainder of the horrifying number of other organizations, businesses and agencies who are collecting data about them and their habits - which includes Google since they're still going to have their activities associated with their IP and they're still going have to boatload of stored cookies that tell them and their partners who they are and what they're up to - hiding under their bed and in their closet.

To have these concerns and be a Windows user is an exercise in utter futility. To have these concerns and use any unsupported operating system is... I don't even know where to begin. The phrase "Worrying about dimes and forgetting about dollars" comes to mind.

I'll offer up some unsolicited advice for anyone interested: The most important question for you to ask yourself is (a two-parter) "How much do I honestly care about my online privacy, juxtaposed with the benefits I get from normal internet use? What are the practicable effects on my real life that private and state-sponsored privacy-invasive practices are going to have?" If you really, really, really care about your privacy for whatever reason(s) are valid to you, you'll need to do your computing with a privacy-centred Linux distribution such as Tails and live with the excruciatingly slow internet usage from using Tor. And you'll have to put a drill through your phone, whether it's an iThing or Android, RIGHT NOW and then throw it in the river. (And then expect to be inundated with location-based ads for swim gear!)

Unfortunately, the other extreme end of that spectrum IS normal internet use, where a LOT of information about who you are and what you do - and if you don't make a living at this I promise you it is deeper and more sophisticated than you think; but unless you live in a place than ends in "stan" is probably solely dedicated to just selling you more fattening garbage as you slowly descend into becoming a slovenly lump of partially-useful memes - is collected ad nauseum, analyzed and logic-extrapolated by AI. Without even noticing it you'll mention to your wife within earshot of your Alexa or Google Nest how much you need a new baseball glove and then you'll start seeing sporting goods store ads on BITOG and your Windows Start menu. Live in Wisconsin and you just hit the "thumbs down" icon on someone's comment about how the Lions are 100% going 17-0 this season? (I am still confident the loss to ATL will be soon overturned.) Get ready for ads for Packers swag. Recently used the Facebook-provided comments section on a neighbourhood blog and mentioned your sister is getting married this autumn? Lord help you.

Well you can support these companies and their invasive ways or you can limit what they learn about you.
You can ignore it and allow it to happen, keep yourself "dumb" about losing your privacy or be educated about it.
It's not black and white as you describe. There is such a thing as being educated about what takes place. A "dumbed" down population is the population that is controlled. Look it up in any history book. Heck, look at current dictatorships.

You do not have to have google in your life, you do not have to have Alexa in your life, you do not have to have Nest in your life.
You can have Alexa and simply turn off voice on the device.

But to tell the population that they have no control is not correct. You can hurt these companies and you can limit their data collection to the point it cost some companies tens of billions of dollars. Facebook is the most well known example when Apple stopped cross app tracking. Close the app you are done. Apple settings make it easy to not allow many other times of invasive things.

I do understand where you are coming from but I dont have to give up anything and I dont worry about anything but I do use all the tools available to me to limit the amount of data and money companies make off of me. Google is the bottom of the list. I do not willingly use anything related to them.

All I am saying is that it is not correct to tell people to roll over on their backs and allow these technology companies to do whatever they want to you. You do not have too, an educated public and one that is involved is the biggest danger to these companies, luck for them, 80% of the public doesnt care. But the other 20% dont roll over and are at least aware of what takes place. This is one area where they are much advanced in the E/U.

Blanket statements about IP addresses isnt entirely correct. The address itself can not be tied to a particular person.
Another Apple option is Apple supplies a fake IP address to known trackers. Being most of the public could care less, things will never be 100% but the educated ones do limit. Just the fact that so many people use Gmail is statement to the "could care less attitude" but others deny google and fight back.

A population that rolls over and lays on their back is one that is doomed.

Google's new Privacy Sandbox

OVERKILL

$100 Site Donor 2021

wwillson

spackard

ctechbob

OVERKILL

$100 Site Donor 2021

Pew

wpod

ka9mnx

OVERKILL

$100 Site Donor 2021

Pablo

OVERKILL

$100 Site Donor 2021

Pablo

ka9mnx

alarmguy

benjy

JHZR2

alarmguy

jeepman3071

uc50ic4more

alarmguy

Similar threads