Most active commenters
  • dleslie(5)

←back to thread

Google’s FLoC Is a Terrible Idea

(www.eff.org)
604 points wyldfire | 12 comments | 04 Mar 21 15:59 UTC | HN request time: 0.892s | source | bottom
Show context
dleslie ◴[04 Mar 21 16:49 UTC] No.26344736[source]
This captures my feelings on the issue:

> That framing is based on a false premise that we have to choose between “old tracking” and “new tracking.” It’s not either-or. Instead of re-inventing the tracking wheel, we should imagine a better world without the myriad problems of targeted ads.

I don't want to be tracked. I never have wanted to be tracked. I shouldn't have to aggressively opt-out of tracking; it should be a service one must opt-in to receive. And it's not something we can trust industry to correct properly. This is precisely the role that privacy-protecting legislation should be undertaking.

Stop spying on us, please.

replies(10): >>26345317 #>>26345398 #>>26345438 #>>26345507 #>>26345714 #>>26346976 #>>26347529 #>>26347549 #>>26349806 #>>26350238 #
izacus ◴[04 Mar 21 17:34 UTC] No.26345317[source]
What's tracking in your definition here? Is counting display of an ad tracking? Load of an image on page? Is logging nginx entry for your page load tracking? Is responding with correct image for your browser user-agent tracking?

I'm sometimes confused what is covered under this term and I'd kinda like to know where the line here is drawn. What exactly are we talking about here?

replies(2): >>26345587 #>>26345689 #
1. dleslie ◴[04 Mar 21 17:53 UTC] No.26345587[source]
When site A and site B are able to communicate to each other that I am a unique individual who has a particular session or sessions open.
replies(1): >>26345658 #
2. michaelbuckbee ◴[04 Mar 21 17:57 UTC] No.26345658[source]
My understanding of FLOC is that it would meet that standard.

That it would independently identify you to Site A and Site B as a person in a particular cohort.

replies(2): >>26345869 #>>26346323 #
3. dleslie ◴[04 Mar 21 18:09 UTC] No.26345869[source]
That's enough information to begin to uniquely identify me, along with other commonly available factors; like GeoIP and so forth.
replies(2): >>26346134 #>>26348541 #
4. ◴[04 Mar 21 18:26 UTC] No.26346134{3}[source]
5. dillondoyle ◴[04 Mar 21 18:39 UTC] No.26346323[source]
in addition i haven't heard that google is dramatically changing GA tracking?
6. ChrisLomont ◴[04 Mar 21 21:22 UTC] No.26348541{3}[source]
Answering any packet request from your end is enough to uniquely identify you. How do you propose TCP/IP would work without unique addresses?
replies(2): >>26349411 #>>26350206 #
7. dleslie ◴[04 Mar 21 22:32 UTC] No.26349411{4}[source]
From my original comment:

> This is precisely the role that privacy-protecting legislation should be undertaking.

replies(1): >>26350083 #
8. NavinF ◴[04 Mar 21 23:36 UTC] No.26350083{5}[source]
Legislation will not solve the technical problem that the guy you're replying to brought up. Are they gonna write distributed communication protocols into law now?
replies(1): >>26350546 #
9. smolder ◴[04 Mar 21 23:48 UTC] No.26350206{4}[source]
In many cases yes, but broadly, IP address is not a basis for determining an individual. It's difficult to know it's not some other NAT'd user or dynamically assigned.
replies(1): >>26353796 #
10. dleslie ◴[05 Mar 21 00:20 UTC] No.26350546{6}[source]
They can write private data sharing restriction legislation.
11. ehsankia ◴[05 Mar 21 07:14 UTC] No.26353796{5}[source]
And why is the same not true for FLoC? How come when it comes to FLoC, the bare minimum amount of information is magically enough to identify you, but when it comes to IP, you just shrug it away as it being too difficult?
replies(1): >>26373852 #
12. smolder ◴[07 Mar 21 07:01 UTC] No.26373852{6}[source]
Personally, I didn't make any claim about FLoC magically identifying people. It does help to identify people, though. IP address you can't do without, FLoC would be additional information beyond that, so it helps identify people.