Chrome's Related Website Sets feature raises privacy concerns

Research shows users struggle to identify related sites, potentially enabling cross-site tracking in Chrome despite third-party cookie deprecation.

RWS

By Luís Rijo, on August 31, 2024 2:46 AM

Subscribe the Newsletter

Brave Software this week published research highlighting privacy concerns with Google Chrome's proposed Related Website Sets (RWS) feature. The study, conducted in collaboration with researchers from the University of St Andrews, Imperial College London, and Hong Kong University of Science & Technology, found that users often cannot accurately determine when websites are related to each other, undermining a key assumption of the RWS proposal.

Related Website Sets is a feature Google plans to implement in Chrome as part of its Privacy Sandbox initiative. According to Google, RWS would allow websites owned by the same entity to share data through first-party cookies, even after third-party cookies are deprecated.

The research, to be presented at the 2024 Internet Measurement Conference, involved 30 web users who were shown 20 pairs of websites and asked to determine if they were operated by the same organization. The study results revealed that:

Approximately 73% of participants made at least one incorrect determination.
Nearly 42% of all determinations made during the study were incorrect.
In cases where sites were actually related (according to the RWS feature), users incorrectly guessed they were unrelated about 37% of the time.

These findings suggest that the premise underlying RWS - that users can anticipate when sites are related and expect data sharing between them - may be fundamentally flawed. The researchers argue that this could lead to unexpected privacy breaches, as users may not realize when their data is being shared across seemingly unrelated websites.

The study authors also point out that modern web browsers are capable of preventing cross-site tracking, even between sites owned by the same company, unless users explicitly use the same credentials across those sites. They argue that RWS could entrench a privacy-harmful assumption in the web platform, rather than working to eliminate cross-site tracking altogether.

Brave Software, along with other browser developers including Mozilla (Firefox) and Apple (Safari), have publicly stated their opposition to Related Website Sets. The proposal has been removed from consideration by privacy-focused groups within the World Wide Web Consortium (W3C).

If two sites are owned by the same organization, Chrome will allow third-party cookies between them.

This would let Google link YouTube videos you watch to your Google profile, even when you’re not logged into YT, and even after third-party cookies are deprecated in Chrome.
— Brave (@brave) August 26, 2024

Critics of RWS raise several additional concerns

Domain ownership changes: There is no clear mechanism to remove sites from Related Website Sets if ownership changes hands, potentially leading to unexpected data sharing.
Language and perception issues: The ability to perceive site relationships may be further compromised when users visit sites in languages they do not understand.
Timing of user decisions: Users would need to determine if sites are related before visiting them to avoid potential tracking, which is often impractical or impossible.
Expansion of tracking capabilities: RWS could allow companies like Google to link user behavior across their various properties (e.g., YouTube and Google Search) even when users are not logged in.

Paper: A First Look at Related Website Sets

Stephen McQuistin (University of St Andrews), Peter Snyder (Brave Software), Hamed Haddadi (Imperial

A First Look at Related Website Sets.pdf

642 KB

Proponents of RWS argue that it helps preserve important user-facing features and site compatibility after third-party cookie deprecation. However, critics contend that many of these use cases can be addressed through other means, as evidenced by the functionality of browsers that do not implement RWS.

The debate over Related Website Sets highlights the ongoing tension between preserving web functionality and protecting user privacy as the digital advertising ecosystem evolves. As browser vendors and web standards bodies continue to grapple with these issues, users are advised to stay informed about the privacy features and limitations of their chosen web browsers.

Key facts

Study conducted by researchers from Brave Software, University of St Andrews, Imperial College London, and Hong Kong University of Science & Technology
Research to be presented at the 2024 Internet Measurement Conference
30 web users participated in the study, evaluating 20 pairs of websites each
73% of participants made at least one incorrect determination about site relationships
42% of all determinations in the study were incorrect
Users incorrectly guessed unrelated 37% of the time for actually related sites
Related Website Sets proposal has been removed from W3C privacy-focused groups
Brave, Firefox, and Safari have publicly opposed the RWS feature
Concerns include domain ownership changes, language barriers, and timing of user decisions
RWS could allow cross-site tracking even after third-party cookie deprecation

Subscribe the Newsletter