Google’s Web Environment Integrity (WEI) proposal is causing a stir among developers, as it allegedly promises to enhance online privacy and safety. Ben Wiser, a software engineer at Google, claims WEI seeks to address online fraud and abuse without privacy issues stemming from browser fingerprinting and cross-site tracking. The WEI experiment forms part of a wider effort to maintain web security, whilst discouraging cross-site tracking and reducing reliance on fingerprinting for countering fraud and abuse.
WEI is essentially an attestation scheme. This allows web publishers to implement code on their site or app that cross-verifies a visitor’s software and hardware authenticity with a trusted third-party, such as Google. Attestation is the transmission of a token – derived from undisclosed hardware and software traits – to show whether the client is trustworthy. The website publisher then decides on an appropriate response.
Despite these assurances, critics fear WEI could be misused. Concerns include the potential for banning ad blocking, limiting web scraping, blocking certain browsers, and other limitations on legal web activities. The criteria for WEI’s attestation check remain unknown, and critics worry about the technology being misused beyond its intended application. The tech community insists that the internet should not fall under a permission-based regime, where a third party assesses the worthiness of users based on opaque criteria.
Jon von Tetzchner, CEO of Vivaldi, a browser maker, has voiced his concerns about the WEI approach. He criticizes Google’s increased surveillance as the supposed solution to the surveillance economy. He argues that instead of focusing on who is viewing its ads, Google should focus on where its ads are displayed, suggesting that the actual solution should involve moving away from the surveillance economy.