Enigma At the USENIX Enigma conference on Tuesday, representatives of four browser makers, Brave, Google, Microsoft, and Mozilla, gathered to banter about their respective approaches to online privacy, while urging people not to ask for too much of it.
Apple, which has advanced browser privacy standards but was recently informed that its tracking defenses can be used for er, tracking, was conspicuously absent, though it had a tongue-tied representative recruiting for privacy-oriented job positions at the show.
The browser-focused back-and-forth was mostly cordial as the software engineers representing their companies discussed notable privacy features in the various web browsers they worked on. They stressed the benefit of collaboration on web standards and the mutually beneficial effects of competition.
Eric Lawrence, program manager on the Microsoft Edge team, touched on how Microsoft has just jettisoned 25 years of Internet Explorer code to replatform Edge on the open source Chromium project, now the common foundation for 20 or so browsers.
Beside a slide that declared "Microsoft loves the Web," Lawrence made the case for the new Edge as a modern browser with some well-designed privacy features, including Microsoft's take on tracking protection, which blocks most trackers in its default setting and can be made more strict, at the potential cost of site compatibility.
Edge comes across as a reliable alternative to Chrome and should become more distinct as it evolves. It occupies a difficult space on the privacy continuum, in that it has some nice privacy features but not as many as Brave or Firefox. But Edge may find fans on the strength of the Microsoft brand since, as Lawrence emphasized, Microsoft is not new to privacy concerns.
That said, Microsoft is not far from Google in advocating not biting the hand that feeds the web ecosystem – advertising.
"The web doesn't exist in a vacuum," Lawrence warned. "People who are building sites and services have choices for what platforms they target. They can build a mobile application. They can take their content off the open web and put it into a walled garden. And so if we do things with privacy that hurt the open web, we could end up pushing people to less privacy for certain ecosystems."
Lawrence pointed to a recent report about a popular Android app found to be leaking data. It took time to figure that out, he said, because mobile platforms are less transparent than the web, where it's easier to scour source code and analyze network behavior.
Justin Schuh, engineering director on Google Chrome for trust and safety, reprised an argument he's made previously that too much privacy would be harmful to ad-supported businesses.
"Most of the media that we consume is actually funded by advertising today," Schuh explained. "It has been for a very long time. Now, I'm not here to make the argument that advertising is the best or only way to fund these things. But the truth is that print, radio, and TV, – all these are funded primarily through advertising."
And so too is the web, he insisted, arguing that advertising is what has made so much online content available to people who otherwise wouldn't have access to it across the globe.
Schuh said in the context of the web, two trends concern him. One, he claimed, is that content is leaving because it's easier to monetize in apps – but he didn't cite a basis for that assertion.
The other is the rise of covert tracking, which arose, as Schuh tells it, because advertisers wanted to track people across multiple devices. So they turned to looking at IP-based fingerprinting and metadata tracking, and the joining of data sets to identify people as they shift between phone, computer, and tablet.
Covert tracking also became more popular, he said, because advertisers wanted to bypass anti-tracking mechanisms. Thus, we have privacy-invading practices like CNAME cloaking, site fingerprinting, hostname rotation, and the like because browser users sought privacy.
Schuh made the case for Google's Privacy Sandbox proposal, a set of controversial specs being developed ostensibly to enhance privacy by reducing data available for tracking and browser fingerprinting while also giving advertisers the ability to target ads.
"Broadly speaking, advertisers don't actually need your data," said Schuh. "All that they really want is to monetize efficiently."
But given the willingness of advertisers to circumvent user privacy choices, the ad industry's consistent failure to police bad behavior, and the persistence of ad fraud and malicious ads, it's difficult to accept that advertisers can be trusted to behave.
Tanvi Vyas, principal engineer at Mozilla, focused on the consequences of the current web ecosystem, where data is gathered to target and manipulate people. She reeled off a list of social harms arising from the status quo.
"Democracies are compromised and elections around the world are being tampered with," she said. "Populations are manipulated and micro-targeted. Fake news is delivered to just the right audience at the right time. Discrimination flourishes, and emotional harm is inflicted on specific individuals when our algorithms go wrong."
Thanks, Facebook, Google, and Twitter.
Worse still, Vyas said, the hostile ecosystem has a chilling effect on sophisticated users who understand online tracking and prevents them from taking action. "At Mozilla, we think this is an unacceptable cost for society to pay," she said.
Vyas described various pro-privacy technologies implemented in Firefox, including Facebook Container, which sandboxes Facebook trackers so they can't track users on third-party websites. She also argued for legislation to improve online privacy, though Lawrence from his days working on Internet Explorer recalled how privacy rules tied to a privacy scheme known as P3P two decades ago had proved ineffective.
Speaking for Brave, CISO Yan Zhu argued a slightly different approach, though it still involves engaging with the ad industry to some extent.
"The main goal of Brave is we want to repair the privacy problems in the existing ad ecosystem in a way that no other browser has really tried, while giving publishers a revenue stream," she said. "Basically, we have options to set micropayments to publishers, and also an option to see privacy preserving ads."
Micropayments have been tried before but they've largely failed, assuming you don't consider in-app payments to be micropayments.
Faced with a plea from an attendee for more of the browser makers to support micropayments instead of relying on ads, Schuh said, "I would absolutely love to see micropayments succeed. I know there have been a bunch of efforts at Google and various other companies to do it. It turns out that the payment industry itself is really, really complicated. And there are players in there that expect a fairly large cut. And so long as that exists, I don't know if there's a path forward."
It now falls to Brave to prove otherwise.
Shortly thereafter, Gabriel DeWitt, VP of product at global ad marketplace Index Exchange, took a turn at the mic in the audience section in which he introduced himself and then lightheartedly asked other attendees not to throw anything at him.
Insisting that his company also cares about user privacy, despite opinions to the contrary, he asked the panelists how he could better collaborate with them.
It's worth noting that next week, when Chrome 80 debuts, Google intends to introduce changes in the way it handles cookies that will affect advertisers. What's more, the company has said it plans to phase out third-party cookies entirely in a few years.
Schuh, from Google, elicited a laugh when he said, "I guess I can take this one, because that's what everyone is expecting."
We were expecting privacy. We got surveillance capitalism instead. ®