So, you're navigating the seedy underbelly of the internet and think that as long so you're in incognito mode, you'll be fine. Turns out, many websites can actually use a loophole in the way Chrome works to determine if a user is accessing their content via private browsing. This can not only pose a challenge to users' privacy but is also being employed to prevent users from circumventing metered paywalls.
Google is now promising to close this loophole, which relies on the FileSystem API, and ensure complete privacy when you use Incognito Mode. The way sites currently use the loophole is to check the availability of the FileSystem API when a user accesses the site. The API is turned off for Incognito Mode users so if the API returns an error message, this can be a good indicator to the site that you're using Incognito Mode, and it can then amend the content it offers.
Come July 30, Google will be remedying this problem, and it's also promising to ensure that any future methods of detecting private browsing will also be quashed, in an attempt to trump up its privacy bona fides.
What about the publishers of websites who are affected by these changes, and who employ metered paywalls (where a site offers to let you read a number of articles for free before asking you to make an account or pay for a subscription)? Google acknowledged their concerns, but insisted that it will prioritise users' privacy and instead offered various solutions that websites could consider instead:
"Sites that wish to deter meter circumvention have options such as reducing the number of free articles someone can view before logging in, requiring free registration to view any content, or hardening their paywalls. Other sites offer more generous meters as a way to develop affinity among potential subscribers, recognizing some people will always look for workarounds. We suggest publishers monitor the effect of the FileSystem API change before taking reactive measures since any impact on user behavior may be different than expected and any change in meter strategy will impact all users, not just those using Incognito Mode."
The move is certainly a welcome one for users who need private browsing, especially if they're living in politically tumultuous regions. The changes will be part of the upcoming Chrome 76 release and will be concomitant with other changes, such as the ability to automatically respect the users' Dark Mode preferences, a new payments API and improvements to progressive web apps (PWAs).
8 Comments - Add comment