Securiti leads GigaOm's DSPM Vendor Evaluation with top ratings across technical capabilities & business value.

View

Google Ends FLoC, Introduces New Replacement For Cookies

Published March 14, 2022
Author

Omer Imran Malik

Data Privacy Legal Manager, Securiti

FIP, CIPT, CIPM, CIPP/US

Listen to the content

This post is also available in: Brazilian Portuguese

What are Cookies & Their Use?

Cookies have been an integral part of the advertising and digital marketing world for over a decade. It wouldn't be wrong to state that cookies have played an instrumental role in shaping how websites can create a far more personalized experience for each visitor based on their behavior on the site.

However, despite being pivotal in elevating user experiences online, there has long been a debate over the ethics of cookies. Whether it's first-party cookies, third-party cookies, tracking cookies, or session cookies, each one relies on monitoring how the user behaves on a website with pinpoint accuracy. Some people have labeled such a level of accuracy akin to surveillance.

Google & Its Cookie Problem

There has also been the question of cookies failing to perform their functions as a website claims, with some cookies far exceeding the purposes stated when gaining the users' consent. These claims have come to the fore ever since the General Data Protection Regulation (GDPR) was implemented in 2018. Issues of privacy and the responsibility of websites to ensure a user's right to privacy is not abused meant that some of the biggest names in the tech world had to rethink how they go about creating a personalized experience for their users online.

Google Introduces Federated Learning Cohorts (FLoCs)

Google's initiative was to replace cookies altogether. Federated Learning of Cohorts (FLoC) would help it cater to its users by categorizing all users into groups based on their shared interests online. However, Google has now decided to scrap the project altogether for a new approach known as Topics. While the exact reason why Google has put the entire FLoC project on the shelf remains unclear, many industry experts believe it has to do with Google shifting away from individualized data collection methods of any kind.

On the other hand, Google's Privacy Sandbox lead Ben Galbraith said that the FloC trials were instrumental in helping Google figure out how to incorporate Topics within its ecosystem. The FLoC trials also helped them identify the pros and cons of their proposed FLoC. The combination of trial participants' insights and headways in Google's own methodology paved the way for Topics API.

Google Is Now Actively Testing Topics

Speaking to TechCrunch, Ben Galbraith stated, “And this resulted in a bunch of great feedback from the community, as I’m sure you know. As such, Topics replaces our FLoC proposal and I want to emphasize that this whole process of sharing a proposal, doing a trial, gathering feedback, and then iterating on the designs — this is the whole open development process that we wanted for the Sandbox and really shows the process working as intended.”

He further stated, “The design of topics was informed by our learnings from the earlier FLoC trials.”

What is “Topics” by Google, really?

The core idea behind Topics is that it'll learn about your interests based on your overall internet browsing patterns.

  • It'll only keep data for the past three weeks of any user's browsing history;
  • Google plans to restrict the number of topics it can triangulate on any user at around 300.

Instead of categorizing users as was the methodology in FLoC, Topics will categorize the websites a user visits instead. Google plans on putting a machine learning algorithm into place to ensure each website is adequately categorized based on the name of the domain and the content within it.

How does “Topics” impact Websites that depend on Ad revenue?

The Topics API will be of particular interest to those that wish to pursue interest-based targeted advertising. A site will be able to show users ads based on the topics they've been interested in the past three weeks. As far as users are concerned, they'll have a more significant amount of control over what ads they see since they'll be able to remove topics from their interests or disable the entire Topics API entirely during their browsing sessions.

Google expects Topics API trials to begin by the end of Q1 of 2022.

What Next For Cookies?

This is just another reminder for businesses of all sizes that the days of unhindered access to user data based on cookies are well and truly over. Moreover, users are now more educated about their data rights than ever before.

Hence, it is in every organization's best interest to ensure it remains compliant with data protection laws globally. The best and by far the most effective way to achieve that is via automation.

Prepare for an Evolving Cookie Landscape by Collecting First-Party Data with Securiti’s Consent Solution

Securiti is a market leader in providing enterprise solutions for gathering user consent at scale, across all customer touchpoints. This solution can help your organization continue collecting valuable data for marketing purposes, comply with global data privacy regulations, and give your customers control over their personal data.

Request a demo today to see Securiti's tools in act.

 

Join Our Newsletter

Get all the latest information, law updates and more delivered to your inbox


Share

More Stories that May Interest You
Videos
View More
Mitigating OWASP Top 10 for LLM Applications 2025
Generative AI (GenAI) has transformed how enterprises operate, scale, and grow. There’s an AI application for every purpose, from increasing employee productivity to streamlining...
View More
DSPM vs. CSPM – What’s the Difference?
While the cloud has offered the world immense growth opportunities, it has also introduced unprecedented challenges and risks. Solutions like Cloud Security Posture Management...
View More
Top 6 DSPM Use Cases
With the advent of Generative AI (GenAI), data has become more dynamic. New data is generated faster than ever, transmitted to various systems, applications,...
View More
Colorado Privacy Act (CPA)
What is the Colorado Privacy Act? The CPA is a comprehensive privacy law signed on July 7, 2021. It established new standards for personal...
View More
Securiti for Copilot in SaaS
Accelerate Copilot Adoption Securely & Confidently Organizations are eager to adopt Microsoft 365 Copilot for increased productivity and efficiency. However, security concerns like data...
View More
Top 10 Considerations for Safely Using Unstructured Data with GenAI
A staggering 90% of an organization's data is unstructured. This data is rapidly being used to fuel GenAI applications like chatbots and AI search....
View More
Gencore AI: Building Safe, Enterprise-grade AI Systems in Minutes
As enterprises adopt generative AI, data and AI teams face numerous hurdles: securely connecting unstructured and structured data sources, maintaining proper controls and governance,...
View More
Navigating CPRA: Key Insights for Businesses
What is CPRA? The California Privacy Rights Act (CPRA) is California's state legislation aimed at protecting residents' digital privacy. It became effective on January...
View More
Navigating the Shift: Transitioning to PCI DSS v4.0
What is PCI DSS? PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards to ensure safe processing, storage, and...
View More
Securing Data+AI : Playbook for Trust, Risk, and Security Management (TRiSM)
AI's growing security risks have 48% of global CISOs alarmed. Join this keynote to learn about a practical playbook for enabling AI Trust, Risk,...

Spotlight Talks

Spotlight 11:29
Not Hype — Dye & Durham’s Analytics Head Shows What AI at Work Really Looks Like
Not Hype — Dye & Durham’s Analytics Head Shows What AI at Work Really Looks Like
Watch Now View
Spotlight 11:18
Rewiring Real Estate Finance — How Walker & Dunlop Is Giving Its $135B Portfolio a Data-First Refresh
Watch Now View
Spotlight 13:38
Accelerating Miracles — How Sanofi is Embedding AI to Significantly Reduce Drug Development Timelines
Sanofi Thumbnail
Watch Now View
Spotlight 10:35
There’s Been a Material Shift in the Data Center of Gravity
Watch Now View
Spotlight 14:21
AI Governance Is Much More than Technology Risk Mitigation
AI Governance Is Much More than Technology Risk Mitigation
Watch Now View
Spotlight 12:!3
You Can’t Build Pipelines, Warehouses, or AI Platforms Without Business Knowledge
Watch Now View
Spotlight 47:42
Cybersecurity – Where Leaders are Buying, Building, and Partnering
Rehan Jalil
Watch Now View
Spotlight 27:29
Building Safe AI with Databricks and Gencore
Rehan Jalil
Watch Now View
Spotlight 46:02
Building Safe Enterprise AI: A Practical Roadmap
Watch Now View
Spotlight 13:32
Ensuring Solid Governance Is Like Squeezing Jello
Watch Now View
Latest
View More
Databricks AI Summit (DAIS) 2025 Wrap Up
5 New Developments in Databricks and How Securiti Customers Benefit Concerns over the risk of leaking sensitive data are currently the number one blocker...
Inside Echoleak View More
Inside Echoleak
How Indirect Prompt Injections Exploit the AI Layer and How to Secure Your Data What is Echoleak? Echoleak (CVE-2025-32711) is a vulnerability discovered in...
What is SSPM? (SaaS Security Posture Management) View More
What is SSPM? (SaaS Security Posture Management)
This blog covers all the important details related to SSPM, including why it matters, how it works, and how organizations can choose the best...
View More
“Scraping Almost Always Illegal”, Netherlands DPA Declares
Explore the Dutch Data Protection Authority's guidelines on web scraping, its legal complexities, privacy risks, and other relevant details important to your organization.
Beyond DLP: Guide to Modern Data Protection with DSPM View More
Beyond DLP: Guide to Modern Data Protection with DSPM
Learn why traditional data security tools fall short in the cloud and AI era. Learn how DSPM helps secure sensitive data and ensure compliance.
Mastering Cookie Consent: Global Compliance & Customer Trust View More
Mastering Cookie Consent: Global Compliance & Customer Trust
Discover how to master cookie consent with strategies for global compliance and building customer trust while aligning with key data privacy regulations.
Understanding Data Regulations in Australia’s Telecom Sector View More
Understanding Data Regulations in Australia’s Telecom Sector
Gain insights into the key data regulations in Australia’s telecommunication sector. Learn how Securiti helps ensure swift compliance.
Top 3 Key Predictions on GenAI's Transformational Impact in 2025 View More
Top 3 Key Predictions on GenAI’s Transformational Impact in 2025
Discover how a leading Chief Data Officer (CDO) breaks down top predictions for GenAI’s transformative impact on operations and innovation in 2025.
Gencore AI and Amazon Bedrock View More
Building Enterprise-Grade AI with Gencore AI and Amazon Bedrock
Learn how to build secure enterprise AI copilots with Amazon Bedrock models, protect AI interactions with LLM Firewalls, and apply OWASP Top 10 LLM...
DSPM Vendor Due Diligence View More
DSPM Vendor Due Diligence
DSPM’s Buyer Guide ebook is designed to help CISOs and their teams ask the right questions and consider the right capabilities when looking for...
What's
New