Google, Facebook & More Bypassing Browser Privacy Settings [News]

Ads by Google

Last week Apple and Microsoft employees were shocked to find that Google had bypassed user privacy settings in IE and Safari. But this isn’t the only surprise – apparently Facebook and many other companies are doing the same thing.

The problem is that Internet Explorer blocks third-party cookies unless the site presents a Platform for Privacy Preferences Project (P3P) Compact Policy (CP) statement explaining how the cookie will be used. Google, Facebook and many other companies present a P3P statement which is accepted by the browser even though it doesn’t state the intent.

Business Insider summarised Google’s behaviour as follows: “Google secretly developed a way to circumvent default privacy settings established by a… competitor, Apple… [and] Google then used the workaround to drop ad-tracking cookies on the Safari users, which is exactly the sort of practice that Apple was trying to prevent.”

Facebook’s compact policy states: P3P:CP=”Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p.”

It turns out many of the big websites would be unable to keep users logged in if they adhered to the privacy settings, so they want a way to get around them. As the P3P standard is out of date and not implemented on many browsers, these companies simply work around the P3P issue by providing CPs that are formatted in a way that circumvents the cookie blocking.

Source: MSDN& ZDNet

Join live MakeUseOf Groups on Grouvi App Join live Groups on Grouvi
Web for Kids
Web for Kids
7 Members
Deep Web Communities
Deep Web Communities
16 Members
Awesome Websites
Awesome Websites
32 Members
Best Music Services
Best Music Services
17 Members
Ads by Google
Comments (7)
  • Chris Hoffman

    This is kind of a tempest in a teapot.

    Basically very few websites actually have P3P policies, because it’s an outdated standard that only IE implements. Even then, it’s IE’s default setting — users don’t choose it.

    Websites say to IE “Hey, we don’t have a P3P policy” and IE says “Okay, track away!”. If Microsoft was really serious, they could just block websites without P3P policies. Instead, they wait years while being aware of this happening, then decide to throw it at Google when they think they can do some damage.

    • msillegality

       So it’s basically like politics?

    • Chris Hoffman

      Yup, they’re trying to make Google look bad.

      Even if Google deserves it, Microsoft’s motives are certainly not pure and innocent.

  • Ellen W.

    I was wondering what happened to the “ask me” pop up about things I didn’t want to happen, yet needed in order for the sight to react with me. I used to get ‘Allow’ this whatever so that you can ‘use’ this sight…. why can’t ‘the big sights’ trust our judgement like they used to? 

    • Angela Alcorn

      Ah, but then the big sites couldn’t do whatever they wanted to, could they?

  • Suhel

    are we heading towards a dark era of internet?

    • Angela Alcorn

       It could perhaps prompt the browsers to adopt something better instead.

Affiliate Disclamer

This review may contain affiliate links, which pays us a small compensation if you do decide to make a purchase based on our recommendation. Our judgement is in no way biased, and our recommendations are always based on the merits of the items.

For more details, please read our disclosure.
Affiliate Disclamer

This review may contain affiliate links, which pays us a small compensation if you do decide to make a purchase based on our recommendation. Our judgement is in no way biased, and our recommendations are always based on the merits of the items.

For more details, please read our disclosure.