Skip to main content

Google has a new plan to replace cookies. Will it work?

In 2021, Google pulled the trigger on its grand plan to get rid of cookies — a fundamental but problematic part of the internet as we know it — and replace them with a new “privacy-first alternative” called Federated Learning of Cohorts, or FLoC. In theory, it was a great idea, but unfortunately, the scheme didn’t pan out nearly as well as Google had hoped.

Mired in regulatory troubles and industry backlash, Google aborted FLoC in January 2022 — but it’s not calling it quits just yet. It’s already back with a refreshed proposal called Topics, and it might be the company’s last shot at taking the reins of the “post-third-party cookie world” before its set 2023 deadline.

Ever since Google unveiled FLoC two years ago, it has hit one roadblock after another. Not only was the plan vehemently opposed by privacy advocates, internet companies, and advertisers, it also drew sharp scrutiny from regulators in the U.K. and the U.S., and it soon became evident that FLoC’s fate was written before it could launch publicly. Topics, which Google says is informed by “learning and widespread community feedback from earlier FLoC trials,” is supposed to be the silver bullet that addresses FLoC’s laundry list of concerns.

No one’s convinced if it can.

The ins and outs of Google Topics

A graphic introducing Google Topics.
Image used with permission by copyright holder

The way Topics works is rather simple. With Topics, your browser keeps an eye on your web activity and determines what you’re interested in based on the sort of websites you browse the most. If you regularly read sports news, for instance, it assigns you a “Sports” category or “Travel & Transportation” if you’ve been planning a vacation. It pinpoints one new topic for you every week and maintains a list of five of your most recent ones — with a sixth random one to throw off anyone trying to identify you. Whenever you visit a website, Chrome shares a couple of your interests with its advertising partners so that they can show ads relevant to you.

Google Topics sounds like a win-win on the surface. It not only allows advertisers to target your interests, but it does so without compromising any of your personal information. Even the browsing information the browser uses to infer your topics never leaves your computer — a remarkably more private experience from the invasive nature of cookies, which are essentially little bits of data advertisers store on your devices to profile and follow you across the internet.

Google argues, in a statement to Digital Trends, that killing third-party cookies altogether as others like Apple have tried will leave advertisers no option but to turn to new shady, covert mechanisms to track people. It contends that building a privacy-first alternative like Topics can offer a middle ground.

And to make its case (again), Google has learned from its FLoC mistakes to better engineer Topics.

Is Google Topics better than FLoC? Sort of

In FLoC, Chrome grouped people with similar browsing patterns together and let advertisers target these groups instead of an individual’s set of interests. The problem was that this approach could potentially expose a group of vulnerable users. If a few people were looking for loans online, for instance, advertisers could easily reach those going through financial hardships.

Topics’ categories aren’t automated like they were in FLoC, and people are assigned from a list of topics curated by humans (which excludes categories such as race, sexuality, and income). Because of this, Bennett Cyphers, a technologist at the Electronic Frontier Foundation, says Topics is more transparent and potentially lowers the risk of leaking sensitive information. Plus, Chrome users will have the option to opt out or delete any specific topic associated with them.

FLoC’s other big shortcoming was that because it swept your entire browsing history to learn your interests, it enabled advertisers to target you based on your every little movement on the internet — as opposed to cookies, which are more limited and only worked on the sites they were manually programmed on. Topics plugs into your browsing history as well, but Google has made a key modification to restrict access: Only the advertisers who are present on the site from where your topics are extracted can use them to target you.

By Google, for Google

Google CEO Sundar Pichai stands in front of a screen showing the Google logo.
Justin Sullivan/Getty Images

That, however, could prove a double-edged sword for Google. Dr. Jonathan Mayer, an assistant professor of technology law and policy at Princeton University, says Topics’ revised system will favor the biggest advertisers and reward their far-reaching presence on the web with richer information about users — “which would benefit Google and disadvantage its competitors.”

That’s where Google’s cookie quest, once again, begins to crumble. Topics, irrespective of its improvements, still raises a giant conflict of interest. Google is looking to control the very backbone of the industry from where it earns most of its revenue. And from the looks of it, solutions like Topics are cleverly designed to fix many of the problems of cookies, while also giving Google a leg up on its competitors.

Advertisers aren’t happy with how infrequently topics update, or their quantity restrictions. Google adds just one new topic every week, and given how rapidly online trends and people’s attention change, advertisers believe by the time they get a fresh batch, they’d be already outdated. The loss of third-party cookies is estimated to cut advertiser revenue by a staggering 70 percent, and Topics, many believe, could worsen that figure. Google has yet to share how effective the Topics system is compared to FLoC.

The forecasted dip in revenue will ultimately push advertisers to resort to covert tracking mechanisms anyway, rendering Google’s original argument for Topics futile.

Anudit Vikram,chief product officer at MediaMath, an ad-tech firm, says having access to just five topics in a given week provides “very little value to the advertiser,” and it will “very likely severely degrade the effectiveness of targeting.”

Some also fear Google will unfairly tap into the mountains of data it will extract through Topics to target people. In a statement, a company spokesperson told Digital Trends that “as the Privacy Sandbox proposals are developed and implemented,” their work will “not give preferential treatment or advantage to Google’s advertising products or to Google’s own sites.”

The forecasted dip in revenue will ultimately push advertisers to resort to covert tracking mechanisms anyway, rendering Google’s original argument for Topics futile. On top of that, Google admits it’s still possible for websites to correlate topics with other signals to infer sensitive information and profile users.

Mayer maintains three criteria to evaluate Google’s evolving proposals — and until they meet all of them, they’re unlikely to take off, he says. Those questions are: Would they respect people’s privacy preferences, would they protect them from shady tracking practices, and would they enable a more competitive online display advertising market?

“The answer to those questions for FLoC were no, no, and no. The answers to those questions for the Topics API are no, no, and no,” he said.

Shubham Agarwal
Shubham Agarwal is a freelance technology journalist from Ahmedabad, India. His work has previously appeared in Firstpost…
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more