WordPress may ban Google FLoC over security fears

The web engine joins a list of growing parties to decline to support the controversial third-party cookie alternative

WordPress may treat Google’s proposals to replace third-party cookies with a Federated Learning of Cohorts (FLoC) mechanism for recording browsing history as a potential security risk.

A post on the WordPress Core development team blog has urged the platform to consider banning FLoC because this replacement for third-party cookies supposedly unethically places people into groups based on their browsing habits. 

Any prospective move would be significant because WordPress powers 41% of platforms across the web, according to the organisation, and adds weight to a growing list of entities strongly opposed to the introduction of Google’s FLoC.

A string of popular web browsers, for example, including Mozilla’s Firefox, Opera, Brave and Edge have all opted out of the FLoC experiment, according to The Verge. Trials set to take place in the EU, meanwhile, have been delayed because of concerns they violate GDPR, according to Adexchanger.

Google has proposed FLoC as an alternative to third-party cookies to refine the process of using data to target web users with tailored adverts. This system is a way of making your browser profile users in the way that third-party tracker used to do, assigning a label to each user based on their behaviour, before sharing these with other websites and advertisers.

Related Resource

Address multi-cloud configuration risks

Cloud security challenges and how to overcome them

Cloud security challenges and how to overcome them - webinar from Trend MicroWatch now

The likes of the Electronic Frontier Foundation (EFF) have complained that it exacerbates the worst tendencies of third-party cookies, while also allowing organisations and governments to discriminate against individuals. 

The post calls for WordPress to brand this a security risk because this practice “is likely to facilitate employment, housing and other types of discrimination, as well as predatory targeting of unsophisticated consumers.” 

The proposal, which is only being considered at present, would involve automatically blocking FLoC support from all its websites by default, with administrators able to opt-in at a later date should by making changes themselves. The only way to roll out an automatic block is by considering FLoC as a security issue, not an ethical issue. 

Simon Dickson, who used to manage the WordPress VIP enterprise services team, clarified that nothing has yet been agreed, although the matter is under discussion. 

"Framing it as a security concern is understandable, but problematic," he added. "As several influential folks have noted already, 'security updates' are there to fix something that's demonstrably broken. People should feel able to apply them without (much) consideration.

"This will be an interesting test of WordPress's commitment to an open web. With 40% of the web running our software, what responsibility do we feel to respond to developments like this? And do we have appropriate decision-making structures to make that call?"

Featured Resources

Next-generation time series: Forecasting for the real world, not the ideal world

Solve time series problems with AI

Free download

The future of productivity

Driving your business forward with Microsoft Office 365

Free download

How to plan for endpoint security against ever-evolving cyber threats

Safeguard your devices, data, and reputation

Free download

A quantitative comparison of UPS monitoring and servicing approaches across edge environments

Effective UPS fleet management

Free download

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Windows 11 has problems with Oracle VirtualBox
Microsoft Windows

Windows 11 has problems with Oracle VirtualBox

5 Oct 2021