Google closes Chrome Incognito Mode loophole to improve privacy
Google is beefing up Chrome’s Incognito Mode. The company confirmed in a blog post on Thursday that it is closing an API-related loophole that made it possible to detect when people were privately browsing in Chrome.
The change has been in the works for several months but will take effect on July 30. Chrome has roughly 61% of the U.S. browser market, desktop and mobile combined.
Detecting users trying to avoid paywalls. Google explains that some publishers with paywalls had been using the loophole to “deter metered paywall circumvention.” In other words, publishers were able to detect the availability of the FileSystem API, which would return an error message in Incognito Mode. They could then potentially infer that the user was trying to circumvent paywall metering and compel the user to log-in, return to public browsing mode or otherwise prevent that person from accessing the desired content.
As mentioned, Google has been testing the change since April and publishers are not happy. They see move as supporting user efforts to get around paywalls. In the past several years, Google has stepped up its efforts to help publishers generate revenue and abandoned the “one-click free” policy that was so controversial with many news publishers.
Publishers will be affected. There’s no clear data on how many users take advantage of private browsing to avoid metered paywalls, but Google acknowledged publishers would be impacted by the change. The company offered a number of recommendations accordingly:
- Reduce the number of metered free articles
- Require free registration to view content
- “Harden” paywalls (i.e., make them more strict)
Don’t do anything rash. Before making any such changes, however, Google said, “We suggest publishers monitor the effect of the FileSystem API change before taking reactive measures since any impact on user behavior may be different than expected and any change in meter strategy will impact all users, not just those using Incognito Mode.”
To avoid a future game of cat and mouse, Google explained that it would “work to remedy any other current or future means of Incognito Mode detection.”
Incognito Mode blocks third-party cookies and doesn’t include sites visited in user history. However, it doesn’t prevent ISPs from understanding user visitation behavior or fully block visited sites or ad tracking technology from seeing users.
Why you should care. As indicated, publishers aren’t thrilled by the change. While Google says it’s closing a loophole, many publishers view Inconito Mode itself as a loophole for users trying to escape their paywalls.
These changes may compel more publishers to reduce or abandon metering and embrace a “hard paywall.” In other words, no free content. That could frustrate searchers who would encounter more links that have registration or subscription screens, creating a poor user experience.