IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

WordPress may ban Google FLoC over security fears

The web engine joins a list of growing parties to decline to support the controversial third-party cookie alternative

WordPress may treat Google’s proposals to replace third-party cookies with a Federated Learning of Cohorts (FLoC) mechanism for recording browsing history as a potential security risk.

A post on the WordPress Core development team blog has urged the platform to consider banning FLoC because this replacement for third-party cookies supposedly unethically places people into groups based on their browsing habits. 

Any prospective move would be significant because WordPress powers 41% of platforms across the web, according to the organisation, and adds weight to a growing list of entities strongly opposed to the introduction of Google’s FLoC.

A string of popular web browsers, for example, including Mozilla’s Firefox, Opera, Brave and Edge have all opted out of the FLoC experiment, according to The Verge. Trials set to take place in the EU, meanwhile, have been delayed because of concerns they violate GDPR, according to Adexchanger.

Google has proposed FLoC as an alternative to third-party cookies to refine the process of using data to target web users with tailored adverts. This system is a way of making your browser profile users in the way that third-party tracker used to do, assigning a label to each user based on their behaviour, before sharing these with other websites and advertisers.

Related Resource

Address multi-cloud configuration risks

Cloud security challenges and how to overcome them

Cloud security challenges and how to overcome them - webinar from Trend MicroWatch now

The likes of the Electronic Frontier Foundation (EFF) have complained that it exacerbates the worst tendencies of third-party cookies, while also allowing organisations and governments to discriminate against individuals. 

The post calls for WordPress to brand this a security risk because this practice “is likely to facilitate employment, housing and other types of discrimination, as well as predatory targeting of unsophisticated consumers.” 

The proposal, which is only being considered at present, would involve automatically blocking FLoC support from all its websites by default, with administrators able to opt-in at a later date should by making changes themselves. The only way to roll out an automatic block is by considering FLoC as a security issue, not an ethical issue. 

Simon Dickson, who used to manage the WordPress VIP enterprise services team, clarified that nothing has yet been agreed, although the matter is under discussion. 

"Framing it as a security concern is understandable, but problematic," he added. "As several influential folks have noted already, 'security updates' are there to fix something that's demonstrably broken. People should feel able to apply them without (much) consideration.

"This will be an interesting test of WordPress's commitment to an open web. With 40% of the web running our software, what responsibility do we feel to respond to developments like this? And do we have appropriate decision-making structures to make that call?"

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Most Popular

16 ways to speed up your laptop

16 ways to speed up your laptop

13 May 2022
Preparing for the 3G sunset
Network & Internet

Preparing for the 3G sunset

18 May 2022
(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security
Careers & training

(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security

17 May 2022