Opt out of FLoC cohort calculation
Release notes
To avoid users being tracked and categorized in any GitLab instance, Gitlab should send the
Permissions-Policy: interest-cohort=()
header by default.
Problem to solve
Chrome rolled out the FLoC feature already, where users are now categorized into different cohorts.
Advertisers will use this to uniquely target and track users
Intended users
Everyday normal person. From Compliance Manager to Content Editor.
User experience goal
The user should not be tracked and categorized by on his/her visits to gitlab.com or any other GitLab instance.
See: https://github.com/WICG/floc
Proposal
Disable FLoC by default. We can explore making this configurable based on demand.
To disable by default, we should send this header by default
Permissions-Policy: interest-cohort=()
Available Tier
- Free
What does success look like, and how can we measure that?
FLoC should not consider gitlab.com browsing data
Links / references
- https://github.com/WICG/floc#privacy-and-security-considerations
- https://techcrunch.com/2021/03/30/google-starts-trialling-its-floc-cookie-alternative-in-chrome/?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAAIeEQvoHsCQpLGg-Y1h8NnIT5hauoepskVM_edF4eDz5nXCTPd-W83UR5_kGSIAodt_VfxW7kjyhYDsmuxQrcDErRw7w2Sje2xNLiWJyDqLzIReEirFkJUI_NCi_t2lWMu2cnr7yKP2AQVb5647lkeVf1FzcFIaqj6XcF-V9dNbe
- https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network
Edited by Max Wittig