As Google tests out its replacement for third-party cookies, the Federated Learning of Cohorts, the company has faced a lot of scrutinies for the initiative. Now, some regulators in the EU are raising concerns about FLoC as well that could spell trouble for the future of Google’s initiative.
WIRED reports that regulators in Germany, Belgium, and France have raised concerns regarding FLoC. Johannes Caspar, a data protection commissioner in Germany, said that the technology “leads to several questions concerning the legal requirements of the GDPR.” His concern appears to mainly be with the default enabling of FLoC in the Chrome browser.
Implementing users into the FLoCs could be seen as an act of processing personal data. And this requires freely given consent and clear and transparent information about these operations.
A spokesperson for France’s data regulator, Commission nationale de l’informatique et des libertés (CNIL), said that CNIL is being “particularly attentive” to FLoC and another EU country, Belgium, is also keeping an eye on the tech as well. The UK has been investigating FLoC since January and the Irish Data Protection Commission has also been “consulting” with Google on the proposal.
The EU as a whole has yet to announce any formal investigation into FLoC, but Google has yet to even trial the technology in that region due to the GDPR. In a statement, Chrome’s product manager said:
EU privacy law sets high standards for user transparency and control, and that’s what we envision for FLoC. We know that the input of data protection authorities is key to getting this right, which is why we have begun early stage conversations about the technology and our plans.
Previously, several companies have come out against FLoC. WordPress is considering turning off FLoC by default on all of the sites it powers, a huge portion of the web. Brave, Vivaldi, and DuckDuckGo have also strongly come out against the initiative, as has the EFF.