Unlike browser resources such as cookies which offer users the ability to control or clear them, other aspects of browsers can be used to track and identify users in a way that they cannot control. These convert tracking mechanisms such as fingerprinting and cache inspection, leverage details of browsers that people are often not aware of and are hard for individuals to protect themselves against. In order to combat these opaque tracking vectors, Chrome is both proposing several new technologies to the web community to limit fingerprinting surfaces and taking action to close down these back channels of tracking information.
Fingerprinting is the generation of a unique identifier derived from intrinsic differences between one user’s device and another’s that are detectable. Stable fingerprints are particularly dangerous in that they can be used to re-identify a user across any site indefinitely and users do not have the ability to manually clear them like cookies can be cleared. Unstable fingerprints are derived from information which may only be stable for a short period of time, but can be used to link identities across sites that are visited within that period of stability
Our overarching strategy to combat fingerprinting and not impede the development of the web is the Privacy Budget proposal. After conducting a study to measure the amount of entropy exposed by each surface, we will start to enforce a limit on entropy collected by each site. Once the limit is reached, the site will no longer be able to collect any further entropy.
IP Address is a large single source of entropy. We will explore options for removing it as a reliable source of entropy. Willful IP Blindness is one approach that would facilitate an application server not receiving an IP address from separate connection handling infrastructure. This separation would afford for the use of IP addresses in more positive uses such as combating spam, fraud, and denial of service while preventing it from being used by the application service to covertly track a user.
Modern browsers expose several bits of information to web sites by default. Several projects are underway to remove this exposure and introduce alternative methods by which sites can query only the information they need. Examples include obsoleting the User Agent string in transition to Client Hints.
Certain APIs expose more information than is strictly needed for their purpose. Efforts are underway to systematically identify these APIs and reduce the information exposed to the minimum required for their motivating use cases. Examples include the device orientation and battery-level APIs.