Google wants devs to promise they won't abuse new Chrome ad API

Google Chrome browser app on iPhone
(Image credit: Shutterstock)

Google will soon be launching a new API for Chrome, designed to provide ads tailored to users' preferences within the web browser.

However, since the revelation that a fingerprinting attack on the API could lead to individuals being identified, Google has asked that developers refrain from abusing it by using this method. 

In responding to the discussion about the issue on GitHub,  Josh Karlin, a technical lead at Google responsible for Chrome, wrote, "we've added a requirement on Chrome that developers enroll to use the API and to attest that they won't abuse the API. That's not a technical solution, but I do believe it goes a long way to addressing this problem. Closing for now."

Topics API

The Topics API will come as part of Chrome version 115, set to release July 12. Mozilla and Apple have opposed using the new API for their respective browsers (FireFox and Safari), with both citing privacy concerns. 

Apple WebKit team member Anne van Kesteren also posted on GitHub to say that "We don’t think cross-site data about the user’s browsing behavior should be exposed in APIs." They also cited many other reasons for taking against the Topics API.

And Mozilla engineer Martin Thomson, in speaking for the company, said that, "we're "negative" on Topics. Our reasoning is different than that of Apple, though we broadly agree with many of the points they make."

Thomson also added, "Though the information the API provides is small, our belief is that this is more likely to reduce the usefulness of the information for advertisers than it provides meaningful protection for privacy. Unfortunately, it is hard to identify concrete ways in which this might be improved."

Google's previous attempt at an interest-based advertising API - Federated Learning of Cohorts (FLoC) - ended in failure, and this is another shot for the tech giant to plug the gap once third-party cookies disappear near the end of 2024

The Topics API is part of the Google Privacy Sandbox, and aims to maintain users' privacy whilst serving ads relevant to their interests. It allows a website to run a JavaScript code to find three topics based on the user's past visits, and show ads related to them.  

The problem is that web publishers could run the code on multiple websites and then build up a picture - or fingerprint - of the user. Earlier this month, Google announced changes to the Topic API to address concerns, but Mozilla, Apple and others in the space remain unconvinced.

Lewis Maddison
Staff Writer

Lewis Maddison is a Staff Writer at TechRadar Pro. His area of expertise is online security and protection, which includes tools and software such as password managers. 

His coverage also focuses on the usage habits of technology in both personal and professional settings - particularly its relation to social and cultural issues - and revels in uncovering stories that might not otherwise see the light of day.

He has a BA in Philosophy from the University of London, with a year spent studying abroad in the sunny climes of Malta.