I would like to follow-up and provide more context on Firefox’s current protections and the motivation behind phasing out all third-party cookies.
Following Mozilla’s Anti-tracking policy <https://wiki.mozilla.org/Security/Anti_tracking_policy>, Firefox has been blocking third-party cookies from known trackers by default since 2019 (see Enhanced Tracking Protection <https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop>). We also proposed and shipped Total Cookie Protection <https://blog.mozilla.org/en/products/firefox/firefox-tips/internet-safety-for-families-total-cookie-protection/> (enabled by default in Firefox since 2022) which partitions all third-party cookies in separate cookie jars per site. Firefox, therefore, already prevents trackers from abusing third-party cookies to follow and track individuals across the web. Cookie partitioning, as already shipped in Firefox, is an effective defense against third-party cookie tracking. However, other browsers have tried other solutions, such as blocking third-party cookies entirely or using list-based blocking. In an attempt to bring consistency across browser engines and minimize web compatibility challenges, most browser vendors are now interested in blocking all third-party cookies and offering partitioned cookies as an opt-in feature (CHIPS <https://github.com/privacycg/CHIPS>). To this end, Firefox is enabling CHIPS by default for all users starting with version 131 (dev-platform announcement <https://groups.google.com/a/mozilla.org/d/msgid/dev-platform/CAFjL7MJpS4OpDW8XwJjsnHufQx2G1oiXc3A0BDnubq%2B3pt97DA%40mail.gmail.com?utm_medium=email&utm_source=footer>) and this thread announces the next step of prototyping the blocking of all third-party cookies. It is worth reiterating that the motivation behind phasing out all third-party cookies is not additional effective tracking protection but rather, browser ecosystem uniformity/consistency. On Thu, Sep 5, 2024 at 7:46 PM Tim Huang <[email protected]> wrote: > > Summary: Third-party cookies pose significant risks to user privacy, > allowing trackers to monitor individuals across the web. Recognizing this, > browser vendors have committed to phasing them out. To support this effort, > we plan to prototype third-party cookie blocking in the Nightly channel. > This will allow us to identify and address potential website compatibility > issues as we move towards a broader rollout. > > Bug: <https://bugzilla.mozilla.org/show_bug.cgi?id=1865198> > https://bugzilla.mozilla.org/show_bug.cgi?id=1915383 > > Specification: https://www.w3.org/2001/tag/doc/web-without-3p-cookies/ > > Platform coverage: Firefox Desktop, Firefox on Android > > Preference: network.cookie.cookieBehavior.optInPartitioning > > DevTools bug: <https://bugzilla.mozilla.org/show_bug.cgi?id=1895215> > https://bugzilla.mozilla.org/show_bug.cgi?id=1872896 > > Other browsers: > > - > > Chrome: Recently, they announced that they will keep supporting > third-party cookies > <https://privacysandbox.com/intl/en_us/news/privacy-sandbox-update/> > but will provide an option for users to opt out of them. > - > > Safari: Third-party cookie access has been blocked since 2020 > <https://webkit.org/blog/10218/full-third-party-cookie-blocking-and-more/> > - > > Edge: Microsoft hasn’t announced any plan of phasing out third-party > cookies > - > > Brave: Brave has blocked third-party cookies > > > -- > Tim Huang > Mozilla > email:[email protected] > > > -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-platform/CAFjL7MKAE1i0%2BGHnJYSDKeCsDXFH0oAZzh0sD0V5v9DbTtKe-A%40mail.gmail.com.
