I've been reading a lot about Google's AdID. Will this new technology really be able to replace third-party cookies?...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
What repercussions can users and companies expect if this happens?
Ask the Expert
Have questions about application security for expert Michel Cobb? Send them via email today! (All questions are anonymous)
While plans by Google Inc. to introduce a new type of user-tracking technology to replace third-party cookies are still unconfirmed, the company hasn't denied the story, first reported in USA Today. The search giant's reported intent with AdID -- short for anonymous identifier for advertising -- is to replace the hundreds of cookies stored on users' devices and consolidate the data in one place. For advertisers, this would mean a much richer and more complete user profile that allows for better targeting of advertisements and content.
Cookies have always been a bone of contention with privacy-conscious users. In fact, most Web browsers today include a Do Not Track function that blocks tracking cookies automatically. No doubt if this new technology takes off, anti-AdID options will appear even though all Web users' identities will supposedly be anonymous through the AdID system. Also, advertisers who want to use AdID data must reportedly meet basic guidelines respecting user privacy. The proposal of a separate AdID for private browsing will recreate the equivalent of the existing incognito session, but remembering to select this option may be harrowing for many users.
Why is Google likely pursuing AdID? Google wants to track users across all of their devices and the services they use, such as Google+ and Gmail. AdID would even make it easy for Google to link a real identity to a Web activity identity if required. Unfortunately, the value of all this data would make it a prime target for cybercriminals and nation states alike. On the other hand, an option to opt out of AdID should be far more persistent and effective than current cookie-management methods and could even spread across all devices.
Any form of Web tracking technology must be fully understood by organizations and users alike. If AdID does become a reality, security policies covering Web surfing, browser settings and work personas will need to be updated, and security awareness sessions should be introduced that cover the new technology to bring users up to speed. Prior to a possible introduction of AdID, it may be worth demonstrating the Panopticlick tool from the Electronic Frontier Foundation during training sessions. It shows exactly what kind of information a browser reveals about users and their devices. I'm pretty sure the results will make users follow any safe surfing rules outlined in their organization's acceptable use policy.
Dig Deeper on Web Browser Security
Related Q&A from Michael Cobb
Open source NoSQL MongoDB database faced 30,000 insecure instances. Expert Michael Cobb explains the misconfiguration that led to this, and how to ...continue reading
A new Veracode report offers details on common mobile application security risks. Expert Michael Cobb explains these flaws, and what developers can ...continue reading
Juniper firewall products were found to have two backdoor vulnerabilities. Expert Michael Cobb explains how a cryptographic algorithm and hardcoded ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.