Google wants devs to promise they won't abuse new Chrome ad API

News
By Lewis Maddison
published

A new API for targeted ads can be abused - but just promise not to, says Google

Google Chrome browser app on iPhone
(Image credit: Shutterstock)

Google will soon be launching a new API for Chrome, designed to provide ads tailored to users' preferences within the web browser.

However, since the revelation that a fingerprinting attack on the API could lead to individuals being identified, Google has asked that developers refrain from abusing it by using this method. 

In responding to the discussion about the issue on GitHub,  Josh Karlin, a technical lead at Google responsible for Chrome, wrote, "we've added a requirement on Chrome that developers enroll to use the API and to attest that they won't abuse the API. That's not a technical solution, but I do believe it goes a long way to addressing this problem. Closing for now."

Topics API

The Topics API will come as part of Chrome version 115, set to release July 12. Mozilla and Apple have opposed using the new API for their respective browsers (FireFox and Safari), with both citing privacy concerns. 

read more

> Google's Privacy Sandbox initiative won’t save you from web tracking

> Apple under probe in Italy over alleged data privacy rules misconduct

> Security audit finds major issue in Mozilla VPN

Apple WebKit team member Anne van Kesteren also posted on GitHub to say that "We don’t think cross-site data about the user’s browsing behavior should be exposed in APIs." They also cited many other reasons for taking against the Topics API.

And Mozilla engineer Martin Thomson, in speaking for the company, said that, "we're "negative" on Topics. Our reasoning is different than that of Apple, though we broadly agree with many of the points they make."

Thomson also added, "Though the information the API provides is small, our belief is that this is more likely to reduce the usefulness of the information for advertisers than it provides meaningful protection for privacy. Unfortunately, it is hard to identify concrete ways in which this might be improved."

Google's previous attempt at an interest-based advertising API - Federated Learning of Cohorts (FLoC) - ended in failure, and this is another shot for the tech giant to plug the gap once third-party cookies disappear near the end of 2024

The Topics API is part of the Google Privacy Sandbox, and aims to maintain users' privacy whilst serving ads relevant to their interests. It allows a website to run a JavaScript code to find three topics based on the user's past visits, and show ads related to them.  

The problem is that web publishers could run the code on multiple websites and then build up a picture - or fingerprint - of the user. Earlier this month, Google announced changes to the Topic API to address concerns, but Mozilla, Apple and others in the space remain unconvinced.

Lewis Maddison
Reviews Writer

Lewis Maddison is a Reviews Writer for TechRadar. He previously worked as a Staff Writer for our business section, TechRadar Pro, where he had experience with productivity-enhancing hardware, ranging from keyboards to standing desks. 

His area of expertise lies in computer peripherals and audio hardware, including speakers and headphones, having spent over a decade exploring the murky depths of audio production and PC building. He also revels in picking up on the finest details and niggles that ultimately make a big difference to the user experience.