GitHub is blocking Google's new third-party cookie tracking alternative, Federated Learning of Cohorts (FLoC), across all of GitHub Pages. Those GitHub Pages served from the github.io domain will now come with a Permissions-Policy: interest-cohort=() header set, although Pages sites with custom domains will not.
- Several big names have also spoken out against the new alternative and implemented similar moves. WordPress is proposing automatically blocking FLoC by default on its websites, dubbing it a security risk. However, WordPress says it may add a setting that will enable admins to control whether FLoC is allowed.
- Firefox, Brave, and Vivaldi have also issued similar moves. According to Vivaldi, FLoC does not protect privacy in the way Google claims, but will instead keep a tab on your browsing history, expose your data, and more. As a result, despite the fact Vivaldi uses the Chromium engine, the browser will not support the FLoC API and plans to disable it.
- One web developer recently published a guide showing others how to opt their site out of Google's FLoC Network. Developer Paramdeo Singh shows you how to ensure your web server doesn't participate in the network by adding a custom HTTP response header to web and proxy server configurations.
- Google's ultimate plan is to end support for all third-party cookies in Chrome and the Chromium browser engine by 2022 as a part of its Privacy Sandbox project. Google first announced last year that Chrome will eventually phase out third-party cookies and will also stop updating its user-agent string.