IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

WordPress may ban Google FLoC over security fears

The web engine joins a list of growing parties to decline to support the controversial third-party cookie alternative

WordPress may treat Google’s proposals to replace third-party cookies with a Federated Learning of Cohorts (FLoC) mechanism for recording browsing history as a potential security risk.

A post on the WordPress Core development team blog has urged the platform to consider banning FLoC because this replacement for third-party cookies supposedly unethically places people into groups based on their browsing habits. 

Any prospective move would be significant because WordPress powers 41% of platforms across the web, according to the organisation, and adds weight to a growing list of entities strongly opposed to the introduction of Google’s FLoC.

A string of popular web browsers, for example, including Mozilla’s Firefox, Opera, Brave and Edge have all opted out of the FLoC experiment, according to The Verge. Trials set to take place in the EU, meanwhile, have been delayed because of concerns they violate GDPR, according to Adexchanger.

Google has proposed FLoC as an alternative to third-party cookies to refine the process of using data to target web users with tailored adverts. This system is a way of making your browser profile users in the way that third-party tracker used to do, assigning a label to each user based on their behaviour, before sharing these with other websites and advertisers.

Related Resource

Address multi-cloud configuration risks

Cloud security challenges and how to overcome them

Cloud security challenges and how to overcome them - webinar from Trend MicroWatch now

The likes of the Electronic Frontier Foundation (EFF) have complained that it exacerbates the worst tendencies of third-party cookies, while also allowing organisations and governments to discriminate against individuals. 

The post calls for WordPress to brand this a security risk because this practice “is likely to facilitate employment, housing and other types of discrimination, as well as predatory targeting of unsophisticated consumers.” 

The proposal, which is only being considered at present, would involve automatically blocking FLoC support from all its websites by default, with administrators able to opt-in at a later date should by making changes themselves. The only way to roll out an automatic block is by considering FLoC as a security issue, not an ethical issue. 

Simon Dickson, who used to manage the WordPress VIP enterprise services team, clarified that nothing has yet been agreed, although the matter is under discussion. 

"Framing it as a security concern is understandable, but problematic," he added. "As several influential folks have noted already, 'security updates' are there to fix something that's demonstrably broken. People should feel able to apply them without (much) consideration.

"This will be an interesting test of WordPress's commitment to an open web. With 40% of the web running our software, what responsibility do we feel to respond to developments like this? And do we have appropriate decision-making structures to make that call?"

Featured Resources

2022 State of the multi-cloud report

What are the biggest multi-cloud motivations for decision-makers, and what are the leading challenges

Free Download

The Total Economic Impact™ of IBM robotic process automation

Cost savings and business benefits enabled by robotic process automation

Free Download

Multi-cloud data integration for data leaders

A holistic data-fabric approach to multi-cloud integration

Free Download

MLOps and trustworthy AI for data leaders

A data fabric approach to MLOps and trustworthy AI

Free Download

Most Popular

The top 12 password-cracking techniques used by hackers

The top 12 password-cracking techniques used by hackers

14 Nov 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

15 Nov 2022
Interpol arrests nearly 1,000 cyber criminals in months-long anti-fraud operation
cyber crime

Interpol arrests nearly 1,000 cyber criminals in months-long anti-fraud operation

25 Nov 2022