this post was submitted on 25 Oct 2023
757 points (95.8% liked)

privacy

2947 readers
1 users here now

Big tech and governments are monitoring and recording your eating activities. c/Privacy provides tips and tricks to protect your privacy against global surveillance.

Partners:

founded 2 years ago
MODERATORS
 

I'm fucking done with Chrome. Fuck this.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 43 points 1 year ago (17 children)

There is a lot of misinformation being shared in this thread.

A good excerpt from Steve Gibson covering Topics on SecurityNow #935

What I do know, though, is that user profiling via tracking represents the height of privacy intrusion. As far as I know, an immutable record of every website I have ever visited is squirreled away in multiple massive hidden and inaccessible-to-me profiling databases. And I have zero control over that. That's the world we're in today. But if Topics succeeds, and Google would appear to be in the position to singlehandedly deliver its success, it is a far less intrusive profiling technology. And in addition to being a much weaker information gatherer, Google has chosen to provide its users complete control over the Topics their browser presents to the world, including turning it off altogether for full anonymity. I'll explain that further in a minute.

So if only on that basis, Topics at least represents a huge step in the right direction. Yes, by default some interest profiling remains. But the means of obtaining those significantly weakened profiles is no longer tracking. And users have complete visibility into their online profile and are able to curate, edit, and even delete any of it or all of it as they choose. So it's a compromise. But there are many websites begging for our support. My feeling is, if voluntarily letting them know something about who we are allows them to generate, as they claim, significantly more revenue from our visit, is that too high a price to pay? Again, it's an individual decision. But now, in a world with Topics, at least, it's one we're able to make.

...

Okay. So here's how Topics works. The essence of Topics are individual topic tokens - zero, one, or many - which are assigned to individual websites. For example, my GRC.com site might be associated with Computers and Electronics/Network Security, and Computers and Electronics/Programming, and Networking/Internet Security. So when someone visited GRC.com, their own web browser would record their interest in the topics associated with GRC.com, those topics, those three. But their visit to GRC.com itself would never be recorded other than in their regular local browser history as is always done. The only thing retained by the browser to indicate their interest in those topics would be those three numbered parameters.

For example, in Google's current 349-topic list, which they refer to as a "taxonomy," there's "Arts and Entertainment" as a general topic if nothing more specific is available. But then there's "Arts and Entertainment," and then under that "Acting and Theater," and "Comics," "Concerts and Music Festivals," "Dance," "Entertainment Industry," "Humor." And under "Humor" is the subtopic "Live Comedy." And it goes on like that with "Arts and Entertainment" having a total of 56 token entries before we switch to "Autos and Vehicles," which has 29 subcategories, which brings us to "Beauty and Fitness" and so on. You get the idea.

So here's how Google's specification explains this. They said: "The topics are selected from an advertising taxonomy. The initial taxonomy proposed for experimentation will include somewhere between a few hundred and a few thousand topics." They said: "Our initial design includes around 350." And I counted them, it's 349. "As a point of reference, the IAB Audience Taxonomy contains around 1,500 individual topics and will attempt to exclude sensitive topics." And they said: "We're planning to engage with external partners to help define this. The eventual goal is for the taxonomy to be sourced from an external party that incorporates feedback and ideas from across the industry."

...

Google explains: "The topics will be inferred by the browser. The browser will leverage a classifier model to map site hostnames to topics. The classifier weights will be public, perhaps built by an external partner, and will improve over time. It may make sense for sites to provide their own topics via meta tags, headers, or JavaScript, but that remains an open discussion for later."

SecurityNow #935 transcript

[–] [email protected] 7 points 1 year ago (2 children)

Yeah - this is the privacy model that ad targeting should have always taken. People are grabbing pitchforks not really knowing why.

Moving profiles to the edge and only letting ad servers know what to send rather than connecting the ads to profiles of centrally located browsing data and history would be a huge step forward in privacy for the average user.

The even better version of this would be the ad server sending "ad options" and the browser selecting what to show based on the internal profile, so even category data isn't sent, just the potential linking of which ad is shown to which user (but not knowing if that correlated to an actual preference or if the other options were just equally poorly targeted).

[–] [email protected] 3 points 1 year ago (1 children)

No they should use context ads like duck duck go

[–] [email protected] 2 points 1 year ago

They should ad an option to pay for the service with not tracking nor ads.

load more comments (14 replies)