Mentions Google / Alphabet

SAN FRANCISCO — Google has agreed to settle a $5 billion privacy lawsuit alleging that it spied on people who used the "incognito" mode in its Chrome browser — along with similar "private" modes in other browsers — to track their internet use.

The class-action lawsuit filed in 2020 said Google misled users into believing that it wouldn't track their internet activities while using incognito mode. It argued that Google's advertising technologies and other techniques continued to catalog details of users' site visits and activities despite their use of supposedly "private" browsing.

Think of every enshittification as being preceded by an argument. Some people say, “We should extract this surplus: it will make our bosses happy, make our shareholders richer, and increase our bonuses.”

When the people on the other side of that argument said, “If we do what you suggest, it will be make our product worse and it will cost us more money than it will make us,” they tend to win the argument.

When all they can say is, “Yes, this will make us more money, but it will make the product worse,” they forever lose the argument.

The elimination of competition – and the ensu­ing capture of regulation – removed the discipline imposed by the fear of customers defecting as the product degraded. The harder it is for users to leave a service, the easier it is for the factions within a company to best their rivals in the debate over whether they should be allowed to make the service worse.

That’s what changed. That’s what’s different. Tech didn’t get worse because techies got worse. Tech got worse because the condition of the ex­ternal world made it easier for the worst techies to win arguments.

The timeline around a stable channel rollout is worded kind of strangely. The company says: "We expect it will take at least a month to observe and stabilize the changes in pre-stable before expanding the rollout to stable channel Chrome, where it will also gradually roll out over time. The exact timing may vary depending on the data collected, and during this time, we will keep you informed about our progress." It's unclear what "data" Google is concerned with. It's not the end of the world if an extension crashes—it turns off and stops working until the user reboots the extension. Maybe the company is concerned about how many people Google "Firefox" once their ad-blocker stops working.

[…] 

Google's sales pitch for Manifest V3 is that, by limiting extensions, the browser can be lighter on resources, and Google can protect your privacy from extension developers. With more limited tools, you'll be more exposed to the rest of the Internet, though, and a big part of the privacy-invasive Internet is Google. The Electronic Frontier Foundation called Google's description of Manifest V3 "Deceitful and Threatening" and said that it's "doubtful Mv3 will do much for security."

Google intended its Web Environment Integrity API, announced on a developer mailing list in May, to serve as a way to limit online fraud and abuse without enabling privacy problems like cross-site tracking or browser fingerprinting.

[…] 

To do this, the system would need to check, via attestation, whether the visitor's software and hardware stack met certain criteria and thus was authentic. That's great until it's abused to turn away visitors who have a setup a website owner isn't happy with – such as running a content blocker or video downloader.

Technical types saw this immediately, and became concerned that Google wanted to create a form of digital rights/restriction management (DRM) for the web. One benefit could be that ad fraud might be easier to prevent; but the risk is that the API could be used to limit web freedom, by giving websites or third-parties a say in the browser and software stack used by visitors.

Apple incidentally has already shipped its own attestation scheme called Private Access Tokens, which while it presents some of the same concerns is arguably less worrisome than Google's proposal because Safari's overall share of the web browser market across all devices is far lower than Chrome's.