Google has announced that their introduction of the SameSite cookie labelling will be rolled back due to the Coronavirus lockdown. They went on to say that all users of Chrome 80 will have SameSite turned off for the time being.
What Is SameSite Cookie Labelling?
Google announced their two year phased approach to the elimination of third-party cookies and SameSite Labelling is an important constituent part of this process.
Google’s January 2020 announcement said:
“Users are demanding greater privacy–including transparency, choice and control over how their data is used–and it’s clear the web ecosystem needs to evolve to meet these increasing demands.
Some browsers have reacted to these concerns by blocking third-party cookies, but we believe this has unintended consequences that can negatively impact both users and the web ecosystem.
By undermining the business model of many ad-supported websites, blunt approaches to cookies encourage the use of opaque techniques such as fingerprinting (an invasive workaround to replace cookies), which can actually reduce user privacy and control. We believe that we as a community can, and must, do better.”
The SameSite Labelling rollout was aimed at helping third-party site maintain cookies so the web would continue to work in the way we would expect it to.
This means that if one person is signed in to one payment site they will also be treated as signed in on various other sites with payment gateways, thus eliminating the need to keep signing in and remember loads of different passwords in order to make payments.
“In light of the extraordinary global circumstances due to COVID-19, we’ve decided to temporarily roll back the enforcement of SameSite cookie labeling on Chrome 80 stable.
We recognize the efforts of sites and individual developers who prepared for this change as part of our ongoing effort to improve privacy and security across the web.
We appreciate the feedback from across the web ecosystem which has helped inform this decision. We will provide advance notice on here and the Chromium blog when we plan to resume the gradual rollout, which we’re now aiming for over the summer.”
Why Google is Rolling Back SameSite Labeling
The rollout of SameSite Labelling is being delayed due to the Coronavirus shutdown, which has affected a huge proportion of the economy around the globe. Google has recognised that this rollout also means many businesses will not be able to use their usual development resource so they comply with the new web standards.
In the announcement, Google went further to specify those websites which could be detrimentally impacted by their rollout during the pandemic:
“we want to ensure stability for websites providing essential services including banking, online groceries, government services and healthcare that facilitate our daily life during this time. “
Whilst this has to be a good thing for businesses at the moment and something we welcome, with around a third of whom in the UK currently face an uncertain future, timing is essential. Google’s plan to push this rollout back to later in the summer may be too early, as a great number of businesses will still be facing severe resource and cashflow knock-ons following the COVID-19 shutdowns.
Temporarily rolling back SameSite Cookie Changes
Inspired by an article here.