Privacy Analysis of FLoC
We have conducted a detailed analysis of FLoC privacy. Google has run an experiment with FLoC; from that they've stated that FLoC provides 95% of the per-dollar conversion rate when compared to interest-based ad targeting using tracking cookies. When combined with a FLoC cohort that only has a few thousand users, a relatively small amount of information is required to identify an individual person or at least narrow the FLoC cohort down to a few people. FLoC undermines these more restrictive cookie policies: because FLoC IDs are the same across all sites, they become a shared key to which trackers can associate data from external sources. All a site needs to do is call the FLoC APIs to get the cohort ID and then use it to look up information in the service. First, sites have the option of whether or not to participate in FLoC. In the current experiment that Chrome is conducting, sites are included in the FLoC computation if they do ads-type stuff, either "Load ads-related resources" or call the FLoC APIs. It is possible that these properties can be fixed or mitigated - we suggest a number of potential avenues in our analysis - further work on FLoC should be focused on addressing these issues.