On March 16, Brave, a privacy-oriented web browser, filed a formal complaint against Google with the Irish General Data Protection Regulation enforcer — since the multinational tech conglomerate’s European headquarters are located in Dublin.
According to Brave, Google has been quite irresponsible with how it has been collecting and sharing the personal data of its users. Brave’s chief policy and industry relations officer Johnny Ryan went as far as saying that owing to Google’s dubious operational policies, the multimedia giant has created a “free for all” data warehouse that is not only being abused quite blatantly but is also in clear violation of the GDPR rulebook.
From a technical standpoint, Google is being accused of violating Article 5(1)b of the GDPR, which states that digital data being collected by a company should be done purely for reasons that are “specified, explicit and legitimate” in nature. The article states that the acquired data should not be in any way processed in a manner that is incompatible with the aforementioned purposes. Ryan contends that by filing a “purpose limitation” complaint with the GDPR, Brave will help give individuals the power to decide which of Google’s services they choose to share their data with.
Brave points the finger
In a recent conversation with Cointelegraph, Ryan stated that even though some of Google’s individual products (such as the Search function, for example) may be using customer data appropriately, the company takes personal information collected through all of its various offerings and combines it for various ill-defined purposes:
“This infringes the GDPR’s ‘purpose limitation principle.’ Brave’s evidence illustrates that there is a data free-for-all inside Google. One can never know what Google does with one’s data. If such a vast company as Google were to be permitted to operate a data free-for-all, then the GDPR would be an illusory fantasy.”
Furthermore, according to a study released by Brave that takes a detailed look at a number of documents written for Google’s business clients, technology partners, developers, lawmakers and users, the company claims that the multimedia giant routinely acquires a wide array of sensitive data from its customers — via the use of different websites, apps and operating systems — and uses it for “hundreds of ill-defined processing purposes.”
Providing his insights on the matter, Jesse Crouch, owner of Never Astray — a privacy-oriented firm that provides clients with detailed, 3D topographical maps — told Cointelegraph that Google obtains data from its users any way it can, calling this mode of operation the company’s “bread and butter.” On the subject, he added:
“Google created its analytics product so that it has as much data as possible about the web as a whole, including the traffic to websites that don’t come from its search engine. Google Maps isn’t some super expensive philanthropic effort to give the gift of navigation to the world — it was designed to give Google as much data about locations of places and users as possible.”
Cointelegraph received a similar view from Norbert Goffa, executive manager of ILCoin — a blockchain-based storage system solution — who pointed out Google’s various cases that have resulted in lawsuits worth more than $200 million. One of the most prominent ones dates back to 2010, wherein Google had made use of specially equipped cars and trucks to collect emails, passwords and other personal information which was then transmitted over unsecured Wi-Fi networks owned by tens of millions of people around the world. Goffa went on to add:
“Another lawsuit against the corporation was related to inadequate protection by Google of the information of YouTube users under 13. The company’s actions violated the Children’s Online Privacy Protection Act, which prohibits the collection of information and the publication of data belonging to users under 13 years old without the consent of their parents.”
A Brave way out?
From a fresh install, Brave looks like a browser that maximizes individual privacy and security, since ads and trackers are blocked automatically. This basically means that companies like Google and Facebook no longer have the ability to monitor the real-time activity of their users.
It should also be highlighted that people who make use of ad blockers and/or anti-tracking tools on Google’s native browsing service — Chrome — are often unaware that the browser automatically signs users into their personal accounts, thereby negating the overall effectiveness of most anti-tracking tools.
Enumerating the various points that make Brave stand out from the rest of the fray, Catherine Corre, head of communications for Brave, told Cointelegraph that unlike other browsers, Brave makes use of a privacy-by-default foundation; the browser blocks or neutralizes tracking scripts, third-party cookies, fingerprinting methods, crypto-mining scripts and other privacy threats:
“Google Chrome, in contrast, has surveillance built in: if a user logs into any Google service by a Gmail address or similar account key, by default Chrome tracks the user’s navigation for ad targeting.”
On the issue, Crouch further pointed out that other browsers are now slowly beginning to catch on to the privacy standards. In this regard, Brendan Eich — the co-founder of Mozilla and creator of JavaScript — began the Brave project separately from Mozilla to get a fresh start and pursue a new business model.
On a somewhat similar note, Chris Hauk, privacy advocate for Pixel Privacy, a platform that seeks to help users maximize their digital security and safety, told Cointelegraph that Brave browser’s use of specialized privacy protocols allows to load the web content faster which in turn results in a smoother browsing experience.
He also pointed out that the desktop version of the browser comes equipped with the ability to deploy the Tor network to route any connection through multiple relays before reaching the desired destination. Since these connections are also encrypted, users can experience increased anonymity — all without having to load the Tor browser separately.
Brave wants to up the game?
Recently, the core developer team behind Brave browser announced that they are working on deploying an all-new feature called the “random browser fingerprint generator,” which will allow users to greatly enhance their individual privacy and digital security. Elaborating on the overall efficacy/utility of this feature in a bit more detail, Hauk told Cointelegraph:
“Brave’s random browser fingerprint generator will make every browser session look unique, as the user moves between websites and between browsing sessions, this will make a user’s browser appear completely unique when browsing, making it difficult, if not impossible to track a user.”
Browser fingerprints can be thought of as digital markers that a number of firms use to track the movements of many casual browsers in an easy, hassle-free manner. For example, something as simple as keeping one’s browser window maximized all the time can allow one’s identity to be exposed to a number of miscreants.
In this regard, Brave’s latest effort to randomize its user’s digital fingerprints is being seen as a potential game changer by security experts. This, according to Crouch, is one of the many reasons Edward Snowden recommends the Linux distributions of Tails, a security-focused, Debian-based OS that, by default, randomly resizes itself to ensure that users have a minimal digital fingerprint.
Elaborating on the various technical aspects of Brave’s fingerprint randomization approach, Peter Snyder, senior privacy researcher at Brave, pointed out that the technology has been designed to protect users against web-scale fingerprinting attacks:
“Brave’s fingerprint randomization techniques prevent users from being uniquely fingerprinted when sites use broad, untargeted fingerprinting tools advertisers and trackers use (e.g., common open-source tools like fingerprint2.js); Brave’s fingerprinting is not likely to be robust against highly targeted identification efforts, such as those used by state actors or law enforcement.”
When asked about why other companies such as Google and Microsoft don’t make use of such forward-looking technology to secure the information of their users, Snyder gave a twofold answer. Firstly, he explained that the randomization technique in question is novel and previously only existed (for the most part) in academic research. Secondly, he stated that there is a collective action problem in web privacy, where browser vendors are nervous about deploying new protection protocols out of the fear that their new schemes might break some websites — which are in fact major donors within this field of research.
Privacy-oriented browsers are gaining more traction
Recently, it came to light that the number of individuals making daily use of Brave’s blockchain browser had surged past the four-million mark. Not only that, earlier this month, Brendan Eich tweeted that Brave’s standard web browser also has a total of 12.2 million monthly users.
This meteoric rise can be attributed to Brave’s privacy-forward stance as well as it’s compatibility with a number of mainstream applications — like Google Chrome or Microsoft Edge. Additionally, Brave runs on mobile devices as well as on desktop computers and claims to be faster by default than any other browser because of its ability to reduce the load on one’s machine.
On the subject of Tor browser versus Brave, and how the two fare against each other in terms of their overall privacy and security related benefits. John Jefferies, Chief Financial Analyst at CipherTrace, crypto forensics firm, told Cointelegraph that upon doing a quick test comparing the tracking potential of the two, he found that while Tor offers more anonymity, Brave provides users with a high level of privacy. Expounding his views on the matter further, Jefferies pointed out:
“The difference is important, but essentially Tor doesn’t hide user activity but obscures user details by giving a false location. Brave protects privacy by concealing all information about user activity unless the user explicitly enables cross-site trackers. As the Pew Research Center revealed in its privacy report, more people than ever are concerned about online data privacy. Increasing apprehension about the way personal data is being used may explain Brave’s extraordinary growth.”
Individual privacy is the future
As users continue to discover ways in which their browser data — as well as other personal info — is being shared among companies, more people will likely become increasingly concerned with their online privacy and anonymity. As a result, many believe that consumer interest in online security platforms such as the Brave browser, as well as other anonymity tools like VPNs, will increase quite significantly in the years to come.
Additionally, Brave’s increasing popularity can be attributed to its goal of giving back to its users by way of a native cryptocurrency, Basic Attention Token (BAT). This is what sets Brave apart from mainstream web platforms like Chrome, Safari and Edge, which are not only prone to various third party intrusions (trackers, malware,etc) but also don’t offer much in monetary value to their users.
The masses at large seem to have reacted very positively towards Brave. Corre highlighted that the platform has witnessed a lot of growth on the creator side of things, with the browser now boasting of more than 500,000 verified publishers, concluding:
“The entire ecosystem is hungry for an alternative to the current broken ad tech ecosystem. The privacy tide is continuing to rise.”