SAN FRANCISCO - Despite many claims, privacy is hardly dead - at least for web browser makers How browsers protect user privacy is likely to be a major factor in the competition over the next decade, but it turns out that the two sides disagree on how to do it
Although there were no vegetables thrown or fistfights at the debate between representatives of Google Chrome, Microsoft Edge, Mozilla Firefox, and Brave at the Enigma Conference here Tuesday morning (January 28), each browser distinct and different approaches to how they protect user privacy more than made up for it
It's not just vendors that take privacy seriously On Monday, following allegations that antivirus vendor avast was collecting and selling user browsing data without permission (in fact, avast had permission), Senator Mark Warner (R-Va) accused the Federal Trade Commission (FTC ), who blasted the FTC for "not doing enough to protect consumers
"Realistically, it would never occur to consumers that antivirus software could be selling browsing data, and even more sensitive information such as mouse movements, to third parties," Warner told Vice and PC Magazine "It's becoming increasingly clear that the FTC is not keeping up with these data market developments and is reluctant to exercise its authority to do so Congress can no longer ignore this issue
While it is nearly impossible for browser vendors to stop monitoring by add-ons and extensions after users have installed them, there are other privacy options and innovations that browser vendors have already successfully implemented
Forcing websites to use secure HTTPS encryption by default and downgrading sites in search results if they do not was a Google project to encourage more standardized privacy on the web
Similarly, most modern browsers have taken steps to reduce or eliminate fingerprinting, the act of identifying users across the Internet through a combination of browser user agents, tracking cookies, HTML5 tracking, and other signs
However, the Internet has not yet adopted a policy to prevent fingerprinting
However, solving other privacy issues, such as protecting data in transit, blocking trackers, and allowing privacy-enhancing extensions, has proven to be thornier
This is not only because each vendor has a different approach to presenting privacy settings to users, but also because advertisers have a major influence on browser design and development
Display advertising plays a major role in keeping commercial websites in business, and ad networks often request more user data to display (partially) more targeted ads Advertisers stand to benefit most from weak privacy protections
Instead, advertisers were the elephant in the room when Justin Hsu, Chrome's director of trust and security engineering, outlined the difference between what advertisers want and what they need
"Advertisers don't really need your data They just want to monetize it efficiently"
He believes advertisers can continue to effectively target browser users and measure ad effectiveness through a proposed set of new privacy-preserving web standards called the Chrome Privacy Sandbox
There were no advertising representatives on stage, but there was at least one in the audience Gabriel DeWitt, vice president of product and technical operations for ad network Index Exchange, disputed the claim that advertisers do not care about privacy
He pointed to recently enacted European Union and California online privacy regulations and asked, "How can the advertising industry work with you guys to avoid GDPR issues and CCPA issues? He replied, "Change is happening so fast that we feel a little mosquitoed out We are also concerned about user privacy 0]
Tanvi Vyas, principal engineer at Firefox, agreed with Schuh's concerns about ads, but said Mozilla supports a different approach
Firefox currently blocks tracking cookies, but it has also developed its own privacy-friendly add-ons, such as Facebook Container, which prevents Facebook from seeing activity on other websites (Facebook itself yesterday made all users worldwide start using its Off-Facebook Activity tool to do the same thing)
"Safari, Firefox, Brave, and Edge have tracking protection by default We differ from Chrome in that we don't want to maintain the existing model"
The newly restructured Microsoft Edge now shares the same Chromium open source foundation as Chrome and Brave, but with privacy goals complicated by the broad needs of its diverse user base, according to Edge Product Manager Eric Lawrence said
To that end, Edge will soon support the ability to remove (or change) a website's referrer, so that it cannot tell where you were before you visited the website, he said
"Simplicity is important," Lawrence said Compatibility is important" If we offer great privacy, but it's not compatible with the web, people will choose another browser or turn off the privacy features
Apple did not send a Safari representative to the panel, but its fingerprints were still present
Yang Zhu, Brave's chief information security officer, said that when making privacy design decisions, Brave often checks what Safari has changed recently If those changes do not break Apple users' sites, Brave will also consider implementing those changes
"Because Brave is smaller and has more privacy-conscious people, it can be more experimental and aggressive in what it offers people," Zhu said
"The most fundamental difference is that we have a revenue model that replaces tracking-based advertising on the web," Zhu said, referring to Brave's own privacy-conscious micropayment-based advertising network" We can reject the whole idea that websites need to track you wherever you go"
Comments