What is Google FLoC and Do You Need to Block it?

Woman with iPad looking at Google-colored balls representing cohorts of Google FLoC
Click here for a quick summary
What is Google FLoC? A Quick Summary

Google FLoC (Federated Learning of Cohorts) organizes users into groups, called cohorts, for advertising purposes. Instead of using third-party cookies to track user behavior across websites, FLoC puts users into these interest-based groups using their Chrome browser history and machine learning.

Opposition to their third-party cookie solution is strong. The Electronic Frontier Foundation (EFF) has called it a “terrible idea,” while many browsers and website administrators have refused to support the technology, citing privacy and security issues.

Want to know more about Google FLoC and the backlash against it? Read the full article below.

On January 25th, Google announced that they were instating the Topics API to replace the Federated Learning of Cohorts (FLoC) project. This is the company’s attempt to reduce third-party cookie and ad targeting concerns.

Google plans to change the game in internet advertising by doing away with third-party cookies once and for all. In their place, the tech giant is implementing a technology called the Federated Learning of Cohorts (FLoC).

Though Google champions the move as progress towards a future of internet privacy, FLoC has already received a lot of flack from major players in the industry. Many companies that provide browsers and browser extensions have opted out of or blocked their solution, citing privacy and security concerns.

But how does Google FloC work? Is it the solution to privacy-invasive third-party cookies? And why are so many boycotting it?

What is Google FLoC? (Federated Learning of Cohorts)

Google’s original plan was to start blocking third-party cookies from its Chrome browser by January 2022. But in a June blog post, it announced a delay. The plan now, Google said, is to start gradually pulling those cookies in mid-2023, and eliminate them entirely by the end of the year.

Instead of using third-party cookies and Google Analytics to track individual users, Google is testing out a system that uses recent browser history and machine learning to track user activity.

Google began rolling out its new targeted ad tech in March 2021 and began testing the functionality with a limited number of Chrome users. With the eradication of third-party cookies, Google’s FLoC, a part of their larger Privacy Sandbox initiative, seeks to offer advertisers and users an alternative.

Google hasn’t provided many details on how the tech actually works. But the tech giant has pushed the idea that FLoC will protect users’ individual identities by lumping them together with other users into groups, called cohorts. Each cohort is formed by gauging the users’ recent interests through machine learning and given an ID.

For example, if you’re located in Chicago and have searched for vinyl records, you’d be grouped together with thousands of other Chicagoan users who made similar searches. Your group would get an ID, and then be targeted by ads from vinyl record shops in the city.

But critics say the implications of this solution go much further than your local record store.

Privacy Criticisms Against FLoC

Opponents to FLoC are saying it’s no different from the use of third-party cookies and could actually be worse. Third-party cookies track your moves from website to website and show you advertisements for products based on an analysis of those moves.

FLoC is simply analyzing your browser history instead of tracking your online behavior, critics say. The end goal is the same: Google is figuring out your behavioral patterns so they can serve up targeted advertising. Not only are they further invading users’ privacy, but once Google drops third-party cookies, they’ll also tighten their grip on the online advertising industry as a whole.

WordPress, one of the internet’s largest content management providers, called it a security concern. The Electronic Frontier Foundation (EFF) called it a “terrible idea.”

According to the EFF, FLoC could lead to discrimination and predatory targeting of consumers. Mortgage lenders could take a FLoC ID into consideration when reviewing an application. Predatory high-interest loan companies could target unsophisticated consumers, the EFF said.

While invasive third-party cookies need to be eliminated to get us closer to internet privacy, Google FLoC only creates new privacy concerns, the opposition says. Here are a couple of security issues worth noting:

Browser fingerprinting

Browser Fingerprinting Computer

Browser fingerprinting is when online trackers assign you a unique profile, essentially “fingerprinting” you in order to track you across the web for advertising purposes. The more distinct your online behavior is, the easier it is to fingerprint your browser.

Companies use this fingerprint to collect your interests, internet behavior and activity, and your repeated patterns for targeted advertising. They could also use this information for other, unspecified purposes. The more distinct and different a browser’s behavior is, the easier it is to identify.

The EFF noted that with Google FLoC’s cohort IDs, these online trackers would only have to sift through a few thousand profiles in a cohort to find a distinct browser. FLoC would give them a head start, the EFF said, as otherwise they’d have to look through hundreds of millions of records.

Google logins on other sites

FLoC cohorts can’t identify any one individual. But when you use a “log in with Google” feature on different websites and platforms, for example, trackers will likely be able to put two-and-two together.

When you log into a website using your Google account, you’re providing your profile and also your FLoC behavior. Trackers and companies could match up the information to figure out your unique identity, thrashing any hopes of privacy.

Chrome Flying Solo with FLoC

The general consensus among some browser providers is that Google FLoC has merely disguised itself as a privacy-friendly alternative to third-party cookies, though its solution is on par with or equal to their invasiveness.

Many internet browser companies have said that user privacy is at risk with FLoC, and they would not approve tracking or profiling in any form. Some of the browsers that have already opted out of FLoC, include:

  • In April, Vivaldi announced that its browser would not be supporting FLoC, calling it a “privacy-invasive tracking technology.”
  • Brave, another browser concerned with privacy, also opted out of FLoC, calling it a “step in the wrong direction.” They removed FLoC from their desktop and Android applications and disabled it on their websites.
  • DuckDuckGo, a browser app for mobile devices, also released an extension blocking FLoC on Chrome and other browsers.

Though Safari and Firefox haven’t come out against FLoC, neither company has indicated any plans to use the technology. Both initiated third-party cookie blocking in their browsers years ago. Microsoft Edge, the most popular Chromium-based browser, is developing its own solution to third-party cookies called Parakeet.

How Do I Block FLoC?

Google is only testing FLoC on Chrome, so the easiest way to opt out of FLoC is to not use Google Chrome. Firefox and Safari are both solid alternatives. If you’re concerned that companies may exploit your browser history, there are also plenty of other reasons to switch to a more secure browser.

Google Chrome comes with good security from hackers and cyberattacks. But if you’re using less secure browsers, you could lose your login credentials for different websites in a breach, accidentally navigate to malicious sites, or be more susceptible to malware. If you’re interested in the best internet browsers for your security and privacy, we’ve compiled a list of the top providers for 2021.

If you want to continue using Chrome, Google has said they’ll be introducing an option in Chrome’s settings to opt out of FLoC. This setting will place you in random cohorts, rather than targeted ones.

Until that option becomes available, there are several steps you can take now to avoid FLoC in Chrome:

  • Clear your cookies and browser history cache.
  • Turn syncing off.
  • Log out of your Google account when using Google Chrome.
  • You can choose to block third-party cookies in incognito mode, or block third-party cookies totally.
  • In your Google Ads Settings, you can also disable “Ad Personalization.”
  • In Google Activity Controls, disable “Web & App Activity” or “Include Chrome history and activity from sites, apps, and devices that use Google services.”
  • Use a VPN to protect and anonymize your internet behavior.

More anonymous with a VPN

If you use any browser other than Chrome (or don’t log in on Chrome), you can also use a VPN to stop FLoC. A VPN cloaks your IP address, creating a secure, encrypted tunnel so you can browse anonymously. This means that it won’t just help keep you safe from FLoC, but also from any other unwanted onlookers. Google, nor any third party, will be able to track your online behavior.

If you’d like to try out a VPN, we recommend NordVPN. This excellent provider is known for its secure connections and high levels of encryption. With this VPN, FLoC will doubtlessly have a much harder time tracking you.

Is Google FLoC enabled on my Chrome browser?

Google Chrome Logo

You’ll have to be using Google Chrome as your browser for FLoC to be enabled. Currently, FLoC isn’t being tested in the EU where the General Data Regulation Protection (GDRP) is in place.

The EFF recently launched AmIFLoCed.org so Chrome users could see if they’re being tested in or not in Google’s trial runs. According to Google, “a small percentage of users” in Australia, Brazil, Canada, India, Indonesia, Japan, Mexico, New Zealand, the Philippines, and the U.S. are currently being tested.

If you want to see whether FLoC is enabled in your browser, check out the website and run a test.

What are Third-Party Cookies?

Cookies are little snippets of information sent from a website. They’re stored on a user’s computer by browsers as the user navigates the internet. There are two types of cookies:

  • First-party cookies – these are created and stored by the site a user is visiting.
  • Third-party cookies – these are created and stored by other sites and companies who own some of the content on the site. Think advertisements and images.

Companies create first-party cookies to better the user’s online experience. They do this by saving browsing information. First-party cookies keep you signed in to a site, remember your online shopping cart, save items you were interested in buying, and show you other relevant content.

Outside companies use third-party cookies to track your activities and browsing habits on the internet. Ad tech companies and web publishers use this data to reach individuals with targeted ads. Think about that phone charger you searched for a few days ago. It’s no coincidence that the same charger has been following you around your social media accounts, favorite websites, and searches. Your web browser stored a third-party cookie and is using the fact you searched for a charger to send you targeted advertisements.

What’s Next?

Though these third-party cookies have been the backbone of online advertising and ad tech companies for years, the internet is moving toward a cookie-free solution one way or another. Many have welcomed the death of the cookie with open arms. Whether or not FLoC comes out on top as the solution remains to be seen. With Google planning to oust all cookies by mid-2023, only time will tell where we’re headed.

What is Google FLoC? - FAQ

Do you have a question about Google FLoC? Click on one of our frequently asked questions below to view the answer.

FLoC (Federated Learning of Cohorts) is Google’s proposed browser technology set to eliminate third-party cookies. Instead of tracking individual users across websites using third-party cookies, FLoC uses browser history and machine learning to gauge users’ interests. Those users are then grouped by their interests in cohorts for targeted advertising.

If you’re concerned about your online privacy, you may want to opt out of Google FLoC. Right now, Google FLoC is only being tested on a limited number of Chrome users. So the easiest way to opt out is to use an alternative browser. If you’re using Chrome, there are measures you can take to protect your privacy.

FLoC isn’t being test in the EU due to General Data Regulation Protection (GDRP). If you’re located in Australia, Brazil, Canada, India, Indonesia, Japan, Mexico, New Zealand, the Phillippines, or the U.S. you could be a part of the small percentage being tested. If you want to see if FLoC is enabled on your browser, check out our full article.

Tech journalist
Taylor is a tech writer and online journalist with a special interest in cybersecurity and online privacy. He’s covered everything from sports and crime, to explosive startups, AI, cybercrime, FinTech, and cryptocurrency. For VPNOverview.com he follows news and developments in online privacy, cybersecurity, and internet freedom.