Google - yes, that Google - testing proxy scheme to hide IP addresses for privacy
Plan for Chrome echoes Apple iCloud Private Relay
Google says it plans to prototype a technique to mask IP addresses via network proxies in future versions of its Chrome browser, a privacy protection similar to Apple's iCloud Private Relay service for its Safari browser.
The project first surfaced as part of Privacy Sandbox back in 2021 when it was initially referred to as "ip-blindness" or "Gnatcatcher." It is now called IP Protection, where IP refers to Internet Protocol and not intellectual property.
The project, planned initially for Chrome on both Android and the desktop, is an effort to limit cross-site tracking on the web that complements the move away from third-party cookies, another mechanism for ad-focused surveillance. It does not address browser fingerprinting – apart from making IP addresses less useful for generating a fingerprint value – or CNAME tracking. Nor does it deal with tracking via native apps.
"As browser vendors make efforts to provide their users with additional privacy, the user’s IP address continues to make it feasible to associate users’ activities across origins that otherwise wouldn’t be possible," the IP Protection explainer says.
"This information can be combined over time to create a unique, persistent user profile and track a user’s activity across the web, which represents a threat to their privacy. Moreover, unlike with third-party cookies, there is no straightforward way for users to opt out of this kind of covert tracking."
Google says it will initially test IP protection using a single Google-owned proxy that only works on domains it controls. A subsequent test phase will involve a two-hop proxy setup that puts both a Google-owned and a third-party proxy server between the client and the destination server. One of these proxies will not see the client destination and the other will not see the client IP address.
While a number of people have expressed concern in the IP Protection issue tracker about Google proxying browser traffic, the Chocolate Factory's approach shares some similarities to the IETF's Masque proposal.
- Everything Apple announced: Tor-ish Safari anonymization. Cloaked iCloud addresses. Cloud CI/CD. And more
- Shot down: Google's grand fancy plan for pro-privacy targeted ads
- Google ready to kick the cookie habit by Q3 2024, for real this time
- Mobile networks really hate Apple's Private Relay: Some folks find iOS privacy feature blocked on their iPhones
Whether TAG's rejection of Google's Topics API played a role in the decision not to seek a review of IP Protection isn't clear, but skipping this step has occurred often enough that those involved recently sent out a reminder to do so. In any event, a Google engineer has indicated that a review might be requested at some point in the future.
Implementation is currently underway and a number of details need to be ironed out before Chrome's IP Protection moves into full testing. These include ensuring anti-abuse mechanisms are available and allowing IP-based geolocation services – widely used for content localization and ad targeting – continue to function.
Also, this experiment does not include Android WebView-based applications. So at this point, native Android apps that embed Chrome as a WebView will not have access to IP Protection, it seems.
"We plan to publish more details on our timelines this summer, so stay tuned," explained Google project manager James Bradley in a post to the project's GitHub repo.
"We expect to launch IP Protection as an opt-in feature initially, which will later on become the default setting. The reason for this is that we recognize that this proposal may involve some significant changes for companies, and as is true for all Privacy Sandbox proposals, we want to give the ecosystem time to adjust and provide feedback before the feature is rolled out broadly." ®