Starting next February 16, 2025, Google will allow advertisers to use fingerprinting techniques (fingerprinting) for user tracking. This change, announced on the Google Marketing Platform support site at the end of the year, represents a significant shift in the company’s policies regarding the processing of user data.
The fingerprint is made up of a set of data such as IP address, geographic location, device language or operating system, all with the aim of identifying devices and users even when some piece of the puzzle fails. This methodology stands out for its ability to operate without the need for explicit consent from the user and it also does so in a way that is completely unrelated to the management of cookies.
In other words, the fingerprint is a very aggressive tracking process, since it does not require consent and all information is stored on remote servers, making it difficult not only to detect, but also to delete.
Years ago, Google positioned itself against the use of this technique, arguing that it undermined user choice and violated their privacy. However, the company is now defending its new policy, citing advances in privacy-enhancing technologies (PETs) and the growth of advertising-supported platforms and devices.
The Internet giant maintains that these innovations (among the PETs that Google mentions include procedures such as on-device processing, trusted execution environments and secure multi-party calculation) allow data to be managed more securely and enabled for its use with greater privacy. They are, in effect, an extension of the company’s plan for its advertising system outside of cookies; a movement perhaps more aggressive than expected, precisely due to the rejection that its proposal is causing in most web browsers, beyond Chrome.
However, the change has not gone unnoticed by regulatory bodies. The UK Information Commissioner’s Office (ICO) was one of the first institutions to respond, recalling that companies do not have complete freedom to implement these techniques without restrictions, also highlighting the contradiction between Google’s previous position and this new measure. .
One of the most controversial aspects of this update is the removal of a key rule in previous policies, in which Google prohibited advertisers from transmitting personally identifiable information on their part, or permanently marking a device using a unique identifier per device. or application. However, the new policy eliminates this last restriction, allowing advertisers to permanently identify devices and share this information with Google.
Of course, the web browser used is a key piece of the framework and Chrome is the best positioned for an unmitigated deployment of this measure… for coming from where it comes from and for acting in the way it does, transferring that unique device identifier to the application itself, just as, for example, Microsoft Edge also does.
Google and Chrome, however, have proven on more than one occasion to be untrustworthy, so the reaction of regulators and the response of users will be decisive. Although the company relies on technological advances to justify its decision, the debate about the ethical and legal implications of digital fingerprinting begins now.
