Will Google Block Ad Blockers and Privacy Extensions?

Google engineers proposed some fundamental changes to the Chrome desktop browser and all other browsers using the open source Chromium code base (which would include future versions of Microsoft Edge). The proposed API modifications will break existing content-blocking browser extensions such as ad blockers and privacy protection tools.

Marc Al-Hames, Managing Director at Cliqz, says:

This would basically mean that Google is destroying ad blocking and privacy protection as we know it. They pretend to do this for the sake of privacy and browser performance, however in reality, users would be left with only very limited ways to prevent third parties from intercepting their surfing behavior or to get rid of unwanted content. Whether Google does this to protect their advertising business or simply to force its own rules on everyone else, it would be nothing less than another case of misuse of its market-dominating position. If this comes true, we will consider filing an anti-trust complaint.

Today, browser extensions can use Chrome/Chromium’s webRequest API to block requests, which is the prerequisite to block ads and more importantly tracking scripts used to monitor users’ behavior and build personal profiles.

In the proposed new model, the webRequest API will be replaced by the new declarativeNetRequest API. Essentially, this means an extension can send Chrome/Chromium a list of blocking patterns and Chrome/Chromium will do the blocking based on these patterns. It will, however, no longer be possible to modify or kill potentially dangerous or privacy-invading requests.

The current proposal would impose huge limitations on extension developers:

• The patterns are less flexible than what is used in all modern anti-tracking tools and ad blockers today (there might be more breakage, or extension developers might not be able to specify some of the rules with this limited “syntax”).
• There is a hard limit of 30k rules that extensions can register (as a quick comparison, most blockers usually load more than 100k rules by default, and sometimes more to fine-tune the behavior depending on the user). Sophisticated ad blockers with larger lists of rules would lose their competitive edge over the more basic ones. Competition would be destroyed. Innovation would cease to exist and Google’s own ad blocker implemented in Chrome (that does not block Google’s ads and trackers) might get a competitive advantage.
• This system is a black box, which means no one may be able to figure out how and if the blocking rules are really applied, know which requests are really blocked, etc. It becomes very hard to investigate issues as well, since developers probably will not have access to the “blocking engine”.
• The pattern lists for blocking have to be hard-coded and static and sent to Chrome/Chromium for reviews, a process which would cost time (today the extension review process can take weeks!). It would give ad tech and tracking vendors the opportunity to constantly implement changes to their products, making them undetectable for the blockers. In other words, there’s a risk that the “blocker database” would always be outdated.
• It would mean the end of dynamic technologies that today update their blocking lists every few hours or even detect new tracking scripts in real-time, such as Ghostery’s and Cliqz’s AI-based anti-tracking that would no longer work with the new API.

In the end, users will suffer the most from the changes as they will make it harder for users to effectively block ads and tracking scripts and thus protect their privacy on the web. But fortunately, there are other browsers: