m.t now returns a “Permissions-Policy: interest-cohort=()” header on all HTTP responses. This opts the site out of Google Chrome’s new Federated Learning of Cohorts (FLoC) tracking; this change will also be included in future versions of the Mastodon source code: github.com/tootsuite/mastodon/

You can read more about how to opt the sites that you manage out of this new surveillance technology here: paramdeo.com/blog/opting-your-


@hypolite it's hard to believe that such a poorly-conceived and poorly-communicated technology like FLoC would have webmasters scrambling to protect user's privacy however they can (even if it's not necessary).

· · Web · 1 · 0 · 0
@ashfurrow I don't have anything against webmasters in particular, but I don't think Mastodon itself (or Friendica for that matter, where this question was solved quickly) should use this non-standard header. Especially after the Do Not Track non-standard header fiasco.

@hypolite but when we embed a YouTube video, for example, isn’t that possibly using the cohort API?

@ashfurrow Possibly, but even in this case using the header will not prevent tracking because you're just plain hitting one of Google's property, so they can fingerprint you six ways to Sunday anyway.
Sign in to participate in the conversation
Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!