In the latest move to improve the privacy of the Chrome browser, Google is adding support for a new HTML tag that prevents user tracking by isolating embedded content from the page embedding it.
Currently, web browsers allow third-party iframes to communicate with their embedding page. This can be done using postMessage, attributes (e.g., size and name), and permissions.
With browser developers restricting third-party cookies to prevent user tracking, advertising companies have proposed different programming APIs that advertisers can use for interest-based advertising.
These new interest-based advertising technologies include Google's FLoC, Microsoft's PARAKEET, and Facebook's Conversion Lift.
However, when third-party cookies have been removed, these technologies should not be possible to track users by the cross-joining of data between an iframe and its embedder.
To prevent this, Google is adding a new form of embedded iframe called a "fenced frame" to isolate the embedded content and not allow it to see the user data of the embedding page.
"This can be helpful in preventing user tracking or other privacy threats," the company noted.
What are Fenced Frames?
Fenced Frames are a new form of an embedded document, and it "forces a boundary between the embedding page and the cross-site embedded document." This change ensures that two sites cannot share your data, which would help prevent user tracking or other privacy threats.
According to Google, fenced frames have the following characteristics.
- They’re not allowed to communicate with the embedder and vice-versa, except for certain information such as limited size information, the embedder’s top-level site, and the frame’s document url.
- They do not have storage access (e.g., cookies, localStorage, etc.) by default.
- They may have access to some unpartitioned user data, for example, turtledove interest group.
According to Google, fenced frames will have read-only access to some unpartitioned storage, and the API has a new element type.
Google Chrome status page for this feature states that fenced frames are still a prototype and are not in active development.
However, its recent addition to test builds shows that Google plans on bringing this feature to the Chrome browser in the future.
Comments
Whalley_World - 2 years ago
Did Google mention whether this is supposed to replace FLoC?
NoneRain - 2 years ago
They probably won't replace it, since it's not beneficial to them as FLoC is.
U_Swimf - 2 years ago
"Did Google mention whether this is supposed to replace FLoC?"
https://en.m.wikipedia.org/wiki/Federated_Learning_of_Cohorts
^ for anyone wondering
I'm missing the connection between the news and my limited understanding of the two. But it sounds to me like they're trying to fingerprint everyone's devices like another advertising ID? What's wrong with that one? Sales must be down.. smh