Google is working on a system to fight fraud and make the internet “more private and safe,” but it’s just come in for some blistering criticism from software engineers behind the Vivaldi web browser. According to them, it’s a “dangerous” idea that could lead to greater surveillance of ordinary people.
The subject of this kerfuffle is Google’s Web Environment Integrity project, or WEI. Its purpose, Google says, is to stymy bad actors by providing a piece of code on a website that can be checked with a trusted attestor (such as Google) to ensure the visitor is who they say they are. That could prevent cheating in games, for example, or ensure that ads are being properly served to readers.
The problem, critics assert, is that those same measures could be used to hamstring ad blockers, block browsers that compete with Google Chrome, or otherwise limit lawful web browsing activities.
Ben Wiser, a software developer working on the scheme, responded to the criticism on GitHub by saying that WEI is “part of a larger goal to keep the web safe and open while discouraging cross-site tracking and lessening the reliance on fingerprinting for combating fraud and abuse.”
Yet not everyone agrees. Posting on the company’s blog, Vivaldi developer Julien Picalausa said “The details are nebulous, but the goal seems to be to prevent ‘fake’ interactions with websites of all kinds. While this seems like a noble motivation, and the use cases listed seem very reasonable, the solution proposed is absolutely terrible and has already been equated with DRM for websites, with all that it implies.”
If any browser or user behavior doesn’t please Google, Picalausa argues, it runs the risk of simply being excluded or restricted in some way thanks to the enormous amount of power such a scheme could concentrate in an attestor’s hands. And that could be bad news for the open principles of the web.
‘More surveillance’
Speaking to The Register, Vivaldi CEO Jon von Tetzchner explained that “A big part of the reason why there is a problem is the surveillance economy … the solution to the surveillance economy seems to be more surveillance.”
They continued by explaining that when they worked on the Opera browser, developers had to hide the browser’s identity in order to get Google Docs to work properly. The concern, von Tetzchner said, was that WEI could represent a similar problem for third-party browsers.
In their GitHub post, however, Wiser argues that WEI is not designed to single out individual browsers or extensions and that it does not penalize browsers that try to hide their identity. They also insist that the goal of the project is to balance user privacy with fraud prevention and to improve results in both areas.
But whether WEI can satisfy the critics is another matter. It’s clear that many people object to an internet where powerful institutions can judge a user’s worthiness based on a handful of opaque factors. It seems that this battle is far from over.
