In response to potential misuse of IP-address tracking, Google is preparing to trial a new privacy feature for its popular browser, Google Chrome, called “IP Protection.” With the primary aim of striking a chord between ensuring user privacy and maintaining essential web features, the feature uses proxy servers to mask users' IP addresses.
IP addresses, which web entities typically use to track user activities and build persistent profiles, have been a longstanding privacy concern. Contrary to third-party cookies, users currently lack a viable method to escape such covert tracking.
Behind Google's IP Protection Feature
The creation of “IP Protection” is Google's solution to this problem. Notwithstanding their potential misuse for tracking purposes, IP addresses play key roles in facilitating critical web functionalities. These include traffic routing, fraud prevention, and other essential network tasks. Google's “IP Protection” is designed to route third-party traffic through proxies, making IP addresses inaccessible to those domains.
As the ecosystem keeps evolving, the feature, too, will upgrade, adapting to protect users from cross-site tracking further and adding more domains to the proxied traffic. Google's approach is an opt-in feature to give users authority over their privacy and aid the tech giant in assessing behavior trends.
The Future of IP Protection
The first phase of testing, “Phase 0,” involves Google proxying requests to its domains using its proprietary proxy. This phase will allow Google to test the system and refine the domain list, with the service available to users logged into Google Chrome and with a US-based IP. To minimize potential misuse, permissions will be regulated by an authentication server operated by Google, with an allocated quota for each user.
Google plans on implementing a 2-hop proxy system in future development stages for enhanced privacy. Also, to preserve functionalities of online services that rely on GeoIP, Google's IP Protection feature will assign coarse locations to proxy connections rather than specific locations. Services targeted for initial service testing include Gmail and AdServices. As cybersecurity concerns are inherent, Google plans to require feature users to authenticate with the proxy and introduce rate-limiting as part of its security measures.