WordPress may ban Google FLoC over security fears

The web engine joins a list of growing parties to decline to support the controversial third-party cookie alternative

WordPress may treat Google’s proposals to replace third-party cookies with a Federated Learning of Cohorts (FLoC) mechanism for recording browsing history as a potential security risk.

A post on the WordPress Core development team blog has urged the platform to consider banning FLoC because this replacement for third-party cookies supposedly unethically places people into groups based on their browsing habits. 

Any prospective move would be significant because WordPress powers 41% of platforms across the web, according to the organisation, and adds weight to a growing list of entities strongly opposed to the introduction of Google’s FLoC.

A string of popular web browsers, for example, including Mozilla’s Firefox, Opera, Brave and Edge have all opted out of the FLoC experiment, according to The Verge. Trials set to take place in the EU, meanwhile, have been delayed because of concerns they violate GDPR, according to Adexchanger.

Google has proposed FLoC as an alternative to third-party cookies to refine the process of using data to target web users with tailored adverts. This system is a way of making your browser profile users in the way that third-party tracker used to do, assigning a label to each user based on their behaviour, before sharing these with other websites and advertisers.

Related Resource

Address multi-cloud configuration risks

Cloud security challenges and how to overcome them

Cloud security challenges and how to overcome them - webinar from Trend MicroWatch now

The likes of the Electronic Frontier Foundation (EFF) have complained that it exacerbates the worst tendencies of third-party cookies, while also allowing organisations and governments to discriminate against individuals. 

The post calls for WordPress to brand this a security risk because this practice “is likely to facilitate employment, housing and other types of discrimination, as well as predatory targeting of unsophisticated consumers.” 

The proposal, which is only being considered at present, would involve automatically blocking FLoC support from all its websites by default, with administrators able to opt-in at a later date should by making changes themselves. The only way to roll out an automatic block is by considering FLoC as a security issue, not an ethical issue. 

Simon Dickson, who used to manage the WordPress VIP enterprise services team, clarified that nothing has yet been agreed, although the matter is under discussion. 

"Framing it as a security concern is understandable, but problematic," he added. "As several influential folks have noted already, 'security updates' are there to fix something that's demonstrably broken. People should feel able to apply them without (much) consideration.

"This will be an interesting test of WordPress's commitment to an open web. With 40% of the web running our software, what responsibility do we feel to respond to developments like this? And do we have appropriate decision-making structures to make that call?"

Featured Resources

How to be an MSP: Seven steps to success

Building your business from the ground up

Download now

The smart buyer’s guide to flash

Find out whether flash storage is right for your business

Download now

How MSPs build outperforming sales teams

The definitive guide to sales

Download now

The business guide to ransomware

Everything you need to know to keep your company afloat

Download now

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
16 ways to speed up your laptop

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021