With site-specific ‘cookie jars,’ Firefox hopes to curb user tracking
Firefox announced last week it is rolling out “Total Cookie Protection”, by default for all users. It’s a neat feature–we liked it so much that we called it one of the most transformative security innovations of 2021–and will go a long way towards keeping Firefox users safe from the pernicious practices of data brokers. It doesn’t prevent all types of tracking ,, but it makes it harder for your web activities to be tracked from one site to another.
Firefox may be more popular than you realize. It has about 6. 65 percent of the desktop browser market in the US and around 7. 66 percent of the market worldwide. It is the fourth most used browser, after Safari, Microsoft Edge, Google Chrome, and Microsoft Edge. The rankings don’t change if you include mobile web browsers. This update will be sent to millions of people and is likely to be another nail in the coffin of cookies.
Total cookie protection works by creating a separate “cookie-jar” for each website you visit. All cookies for a site are stored in their own cookie jar. This means that you cannot be tracked on the internet as other sites can only access your cookie jar. If you search for “running shoes” in Amazon, you won’t see running shoes ads on any other site. Amazon will still keep a cookie with your search history details, but other sites’ ad units won’t be in a position to pull from that cookie. While you will likely end up with many similar cookies stored in your cookie jars, it won’t impact your computer’s performance.
In the blogpost announcing the feature, Mozilla claimed that, “this approach strikes the balance between eliminating the worst privacy properties of third-party cookies… and allowing those cookies to fulfill their less invasive use cases (e.g. It is a fair summary. While you won’t need to log in to every site you visit (one benefit of cookies), it will be harder to track your movements around the web (one disadvantage).
As for the competition, Microsoft Edge is trialing a “Super Duper Secure” mode that has a similar feature, though it isn’t as private by default. Safari blocks all cross-site tracking whether using cookies, fingerprinting, or anything else by default with a feature called Intelligent Tracking Prevention; it is designed to limit all kinds of tracking “while still enabling websites to function normally.” But that is only available on macOS. Brave is available on Windows, Mac, and Linux and is at least as aggressive in how it blocks cookies by default; we suspect it’s not being included as it has less than 0.1 percent of the desktop browser market so hardly counts as a “major” player. Opera, with around 2.5 percent of the desktop browser market (about the same as Internet Explorer) is probably being excluded on the same grounds. DuckDuckGo is currently in a Mac-only beta, has negligible desktop market-share, and its privacy credentials are under fire after it was revealed it had a deal with Microsoft to allow certain trackers.
Really, all that’s left is Google Chrome which, somewhat unsurprisingly, is not the most aggressive at preventing tracking cookies. It is due to start blocking third-party cookies next year–though similar plans have already been delayed in the past.
Firefox users will appreciate this privacy boost. If you are using Microsoft Edge or Google Chrome, and want something a bit more privacy-focused than Chrome, this could be a compelling argument to switch to Firefox. Firefox is a great, modern browser. Total Cookie Protection is not available for users of Safari, Opera, Brave and DuckDuckGo. It comes down to which browser you prefer in these cases.