Disable Google's FLOC on your website

May 08, 2021 by Kolappan N

Google introduced in Mar 2021, a new cross-site tracking method called Federated Learning of Cohorts(FLoC) to aid advertisers target ads. The idea is that Chrome will track and analyse the browsing behaviour of a user and place them into groups or Cohorts. For example, a cohort may tell that you might be interested in a laptop ad since you recently browsed for laptop reviews and launches. The cohort Id is then shared with advertisers to show you personalised ads.

Why should I disable FLOC?

Google claims that FLOC enhances privacy because advertisers only see your interests and not your browsing history or personal data. This assumes that the advertiser will only use FLOC. But the problem is there is nothing blocking advertisers from tracking you across the web through fingerprinting. They can now combine the data they gather through fingerprinting with FLOC to further their tracking.

Another problem is that websites can link your interests with your identity. If you are logging into a website, it is possible for the website to now link your Cohort Id with your real identity.

I didn’t enable FLOC on my website. Users won’t be tracked on my website right?

No. Chrome will automatically include a website into FLOC data gathering if it detects that your website shows ads, which will automatically include most websites on the web.

How to opt out my website out of this?

Set the following HTTP response header Permissions-Policy: interest-cohort=() for your website. This will opt out your website from being used in FLOC calculations.

If you are a user, the best way to opt out of FLOC is to switch to a browser that doesn’t implement FLOC such as Firefox, Safari, Brave, etc…