Google Chrome’s wew “IP protection” will hide users’ IP addresses

Google Chrome's new

Google is set to roll out an innovative feature for its Chrome browser, known as “IP Protection,” aimed at bolstering user privacy by concealing their IP addresses through the use of proxy servers. This move comes in response to growing concerns over the potential misuse of IP addresses for covert tracking.

IP addresses play a pivotal role in allowing websites and online services to track user activities across the web, leading to the creation of persistent user profiles. Unlike the soon-to-be-phased-out third-party cookies, users currently lack a direct method to evade this kind of tracking, raising significant privacy issues.

The “IP Protection” solution seeks to address this challenge by routing third-party traffic from specific domains through proxy servers, rendering users’ IP addresses invisible to these domains. As the online landscape evolves, so will IP Protection, adapting to safeguard users from cross-site tracking and potentially adding more domains to the list of proxied traffic.

Initially, this feature will be optional, allowing users to retain control over their privacy while enabling Google to monitor usage patterns. The implementation will occur in phases to accommodate regional considerations and ensure a smooth learning curve. During the initial stage, only specific domains will be affected in third-party contexts, focusing on those believed to be tracking users.

The first phase, referred to as “Phase 0,” will see Google routing requests only to its own domains using a proprietary proxy. This approach will serve as a testing ground for the system’s infrastructure and allow for fine-tuning of the domain list. Initially, access to these proxies will be limited to users logged into Google Chrome with US-based IPs.

To prevent potential misuse, Google plans to distribute access tokens through an authentication server it operates, setting a quota for each user. In subsequent phases, Google intends to introduce a 2-hop proxy system to further enhance user privacy. This approach involves an external content delivery network (CDN) running the second proxy, while Google manages the first hop. Such a setup ensures that neither proxy can see both the client’s IP address and the destination, improving overall security.

Considering that many online services rely on GeoIP to determine users’ locations for service provision, Google plans to assign IP addresses to proxy connections that represent a “coarse” location, rather than providing specific details.

Among the domains selected for testing this feature are Google’s own platforms, including Gmail and AdServices. The rollout of this feature is expected to occur between Chrome version 119 and 225.

However, Google acknowledges cybersecurity concerns related to the new IP Protection feature. Proxied traffic through Google’s servers could pose challenges for security and fraud protection services in terms of blocking DDoS attacks and detecting invalid traffic. To mitigate these risks, Google is contemplating user authentication with the proxy, preventing proxies from linking web requests to specific accounts, and implementing rate-limiting measures to thwart DDoS attacks.