Google’s Stake Through the Hearts of Obnoxious Autoplay Videos


Yesterday, in “Apple’s New Cookie Policy Looks Like a Potential Disaster for Users” — https://lauren.vortex.com/2017/09/14/apples-new-cookie-policy-looks-like-a-potential-disaster-for-users — I lambasted Apple’s plans to unilaterally deeply tamper with basic Web cookie mechanisms (including first-party cookies) in a manner that won’t actually provide significant new privacy to users in the long run, but will likely create major collateral damage to innocent sites across the Internet. 

I also mentioned that in my view Google has taken a much more rational approach — focused on specific content issues without breaking fundamental network paradigms — and in that context I mentioned their plans to tame obnoxious autoplay videos.

We all know about those videos — often ads — that start  blaring from your speakers as soon as you hit a site. Or even worse, videos that lurk silently on background tabs for some period of time and then suddenly blare at you — often with loud obnoxious music. Your head hits the wall behind you. Your coworkers scatter. Your cat violently pops into the air and contemplates horrific methods of revenge.

As it happens, Google has just blogged on this topic, with a rather mundane post title covering some pretty exciting upcoming changes to their Chrome browser.

In “Unified Autoplay” — https://blog.chromium.org/2017/09/unified-autoplay.html — Google describes in broad terms its planned methodologies for automatically avoiding autoplay in situations where users are unlikely to want autoplay active, and also for providing to users the ability to mute videos manually on a per-site basis.

Frankly, I’ve been long lobbying Google for some way to deal with these issues, and I’m very pleased to see that they’ve gone way beyond a basic functionality by implementing a truly comprehensive approach.

For most users, once this stuff hits Chrome you probably won’t need to take any manual actions at all to be satisfied with the results. If you’re interested in the rather fascinating technical details, there are two documents that you might wish to visit.

Over on Chromium Projects, the write-up “Audio/Video – Autoplay” — https://sites.google.com/a/chromium.org/dev/audio-video/autoplay — goes into a great deal of the nitty-gritty, including the timeline for release of these features to various versions of Chrome.

Another document — “Media Engagement Index” — https://docs.google.com/document/d/1_278v_plodvgtXSgnEJ0yjZJLg14Ogf-ekAFNymAJoU/edit?usp=sharing — explains the learning and deployment methodologies for determining when a user is likely to want autoplay for any given video. This appears to have probably been an internal Google doc — that was switched to public visibility at some point — so it’s especially Googley reading.

There are two important stakeholder categories here. One is well-behaved sites who need to display their videos (including ads — after all, ads are what keep most major free sites running). And of course, the other stakeholder is that user who doesn’t want their lap ripped open by the claws of a kitty who was suddenly terrified by an obnoxious and unwanted autoplay video.

The proof will be in actually using these new Chrome features. But it appears that Google has struck a good working balance for a complex equation incorporating both site and user needs. My kudos to the teams.

–Lauren–

Apple’s New Cookie Policy Looks Like a Potential Disaster for Users


UPDATE (September 15, 2017): Google’s Stake Through the Hearts of Obnoxious Autoplay Videos

– – –

Apple wants to play Big Brother. Really Big Brother. Big Brother who knows oh so much more than you do about what you want from your web browsing experience. Apple’s plans for this hostile takeover were actually laid out publicly last June, but the you-know-what is just starting to really hit the fan now.

This is going to eventually sock you in the face if you use Apple’s Safari browser, or even other browsers like Google’s Chrome on iOS 11 devices such as the iPhone (those non-Apple browsers still must use Apple’s WebKit framework on iOS). 

This gets very technical very quickly, so I’m going to try leave the techie part aside for now as much as possible, and lay out in broad strokes the mess that Apple is about to create for its users — and for the broader Internet.

In a nutshell, Apple has created a nightmarish witch’s brew of a system to ostensibly protect users from web cookies. In the process, they’re going to breaking stuff left, right, up, down, and in directions you’d need more than three dimensions to describe.

Most of us (except for European Union bureaucrats) are long since past abject and unreasoning fear of web cookies. While they can be abused, they’re also critical for routine operations at most sites, including such basic functions as persistent logins and a long list of other crucial functions. 

Up until now, it has been generally the case that “first-party” cookies — cookies sent by the same site that you’re browsing — are generally considered to be safe. “Third-party” cookies — coming from other sites — may be completely safe as well (delivering images, enabling cross-site logins, and much more), though they can also have a more checkered reputation when used for tracking purposes (so various controls on third-party cookies have become relatively common).

But now Apple, in a move that clearly seems to be based more on their public relations needs then on genuine concerns about user privacy, will apparently also be taking default control of first-party cookies as well, in a manner that could unleash vast collateral damage across the Internet.

Advertising groups are livid, fearing that the new system will decimate even user opt-in ad personalization systems, and end up favoring ads via sites like Facebook and Google where users tend to stay logged in perpetually.

And indeed, an examination of Apple’s specs for their new cookie control system — even after multiple readings — is enough to give you a headache for the ages. Since we hopefully can agree that consistent rules regarding cookie management are important to making modern websites work, then we should also be able to agree that a plan to throw a unilateral monkey wrench into that paradigm is a recipe for user confusion across the board.

Apple’s plan is basically to use an enormously complicated (and basically opaque) system to “mystically divine” whether particular cookies are good or evil, irrespective of how they were served to the user, and then apply Apple’s own rules about how those cookies may be used and how long they may persist, based on (for example) whether you’ve visited a site in the last 24 hours for one classification, or in the last 30 days for another. (Why 24 hours? Why 30 days? ‘Cause Apple says so.)

I don’t have any love for abusive Web ads or secretive tracking — but we also must understand that ads are what pay for most of the Web sites that we expect to use for free. Apple’s approach is incredibly heavy-handed and primed for all manner of creepy undesirable breakages and other negative side-effects affecting honest sites. 

Contrast this with Google’s much more sensible plan to by default block some particular classes of ads in Chrome (obnoxious autoplay videos for example), rather than tampering with the underlying cookie mechanisms on which the foundational structure of most websites now depend.

In the end of course, the real bad players that Apple claims are its focus will figure out ways to work around Apple’s system, leaving the good websites to deal with broken cookies and confused, upset users.

Back to its earliest Steve Jobs days, Apple has always been a control freak. “Our hardware! Our OS! You’ll pay through the nose — and you’ll convince yourself that you like it!”

As far as I can discern right now, Apple’s new cookie control scheme is much less about user privacy than it is about Apple trying to take control over basic Internet functionalities — everyone else be damned.

–Lauren–

The Google Account “Please Help Me!” Flood


Since I again started discussing how to protect Google Accounts — e.g. very recently in “Protecting Your Google Account from Personal Catastrophes” — https://lauren.vortex.com/2017/09/07/protecting-your-google-account-from-personal-catastrophes — I’ve been flooded with queries by Google users with confusion over Google Account issues of all sorts.

Most of them have indeed never heard of Takeout or Inactive Account Manager and many are confused about account recovery numbers and addresses, 2-factor setups, usage, and much more.

I even got a note from a Googler thanking me for that article, noting that he had never even heard of Inactive Account Manager himself!

At last count, I have over 140 specific queries (and rapidly rising) on these topics from just the last few days that I’m trying to triage. I can handle most of these through explanations myself — I always try to help where I can — but frankly it’s extremely time consuming — and doesn’t help to keep the lights on around here.

And it’s just so very wrong that I’m doing this, rather than Google having a staffer filling this kind of role to take care of these Google users — these people in desperate need of such assistance.

I know the excuses and I know the scaling concerns but it’s shameful nonetheless. If I can do this much myself from the outside, surely Google has the resources to get somebody to do as much from the inside, who is actually getting paid for their efforts at public outreach and assisting these dedicated Google users?

I’m sure it’s not a matter of money for Google. They just need to truly care about their users who depend on Google just like the rest of us, but who are being rapidly left behind under the status quo.

C’mon Google! You can do this!

–Lauren–