Google Chrome is changing the way it shares user-agents for increased privacy of users. You can read more about it here: https://www.chromestatus.com/feature/5704553745874944
Google Chrome has released Client Hints to provide device information. This first release “is intended to allow for developers to experiment and provide feedback”: https://groups.google.com/a/chromium.org/g/blink-dev/c/-2JIRNMWJ7s/m/u-YzXjZ8BAAJ
How it works (simple overview)
- A user sends a request to our site via their browser (e.g. “show me an article”)
- Our server sends a response that includes the article and a header that asks the browser to send some user data on the next request
- If the user makes subsequent requests (e.g. “show me another article” or “show me the editor so I can edit this article”) they will also include this user data
Differences from receiving the user agent string
- The site asks explicitly for the information, meaning that this can be flagged up to the user
- The site specifies which information it needs, out of this list
- Browsers may legitimately decline to send the information (e.g. if considered unnecessary or if the site is asking for too much)
- If the user only ever sends one request, we will not receive any extra data
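The exchange in the overview above and the failure modes in the list just given, as an added example (this is illustrative Python, not MediaWiki or CheckUser code). The server adds an `Accept-CH` response header naming only the hints it needs, and on later requests reads whatever `Sec-CH-UA-*` headers the browser chose to send. Header names come from the UA Client Hints explainer linked in this task; the assumption that `Accept-CH` tokens are the full `Sec-CH-UA-*` names, and the sample request headers, are constructed for the example. Every extracted field is `None` or empty when the hint is absent, which covers the first-request case, the experimental flag being off, and the browser declining:

```python
"""Server side of the Client Hints exchange (added example, not MediaWiki or
CheckUser code).  Header names are from the UA Client Hints explainer linked
in the task; the sample header values below are constructed."""
import re
from typing import Optional

# Hints this hypothetical integration asks for.  Asking for only what is
# needed is the point of "the site specifies which information it needs".
REQUESTED_HINTS = (
    "Sec-CH-UA",
    "Sec-CH-UA-Mobile",
    "Sec-CH-UA-Platform",
    "Sec-CH-UA-Full-Version",
)

def accept_ch_header(hints=REQUESTED_HINTS):
    """Header the server adds to each response so the browser may send the
    named hints on its next request.  The first request itself carries none."""
    # Assumption: Accept-CH tokens are the full Sec-CH-UA-* header names.
    return "Accept-CH", ", ".join(hints)

# One quoted Structured-Field string: "..." with backslash escapes inside.
_SF_STRING = r'"((?:[^"\\]|\\.)*)"'
# One Sec-CH-UA list member:  "<brand>";v="<version>"
_UA_MEMBER = re.compile(_SF_STRING + r'\s*;\s*v\s*=\s*' + _SF_STRING)

def _unescape(s: str) -> str:
    return re.sub(r'\\(.)', r'\1', s)

def parse_sec_ch_ua(value: Optional[str]):
    """Parse Sec-CH-UA into [(brand, version), ...]; missing header -> []."""
    if not value:
        return []
    return [(_unescape(b), _unescape(v)) for b, v in _UA_MEMBER.findall(value)]

def _sf_string(value: Optional[str]) -> Optional[str]:
    """Unquote a single sf-string such as "Linux"; None if absent or malformed."""
    if value is None:
        return None
    m = re.fullmatch(r'\s*' + _SF_STRING + r'\s*', value)
    return _unescape(m.group(1)) if m else None

def _sf_boolean(value: Optional[str]) -> Optional[bool]:
    """Sec-CH-UA-Mobile is an sf-boolean: ?1 (true) or ?0 (false)."""
    return {"?1": True, "?0": False}.get((value or "").strip())

def extract_hints(request_headers: dict) -> dict:
    """Pull the requested hints out of one request's headers.  Every field is
    None/[] when the browser did not send it (first request, experimental
    feature off, or the browser declined), so callers never assume presence."""
    h = {k.lower(): v for k, v in request_headers.items()}
    return {
        "brands": parse_sec_ch_ua(h.get("sec-ch-ua")),
        "mobile": _sf_boolean(h.get("sec-ch-ua-mobile")),
        "platform": _sf_string(h.get("sec-ch-ua-platform")),
        "full_version": _sf_string(h.get("sec-ch-ua-full-version")),
    }

def hints_summary(hints: dict) -> str:
    """Compact one-line form for a CheckUser-style log; 'unknown' marks absent data."""
    brands = ", ".join(f"{b}/{v}" for b, v in hints["brands"]) or "unknown"
    platform = hints["platform"] or "unknown"
    full = hints["full_version"] or "unknown"
    mobile = {True: "mobile", False: "desktop", None: "unknown"}[hints["mobile"]]
    return f"{brands}; platform={platform}; full-version={full}; {mobile}"

# Constructed sample exchange: request 1 carries no hints (the server has not
# asked yet); request 2 carries what the browser chose to send after Accept-CH.
FIRST_REQUEST = {"User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36"}
SECOND_REQUEST = {
    "Sec-CH-UA": '"Chromium";v="84", "Google Chrome";v="84"',
    "Sec-CH-UA-Mobile": "?0",
    "Sec-CH-UA-Platform": '"Linux"',
    # Sec-CH-UA-Full-Version deliberately absent: the browser declined it.
}

if __name__ == "__main__":
    print(accept_ch_header())
    for req in (FIRST_REQUEST, SECOND_REQUEST):
        print(hints_summary(extract_hints(req)))
```

The summary line shows why a single-request visitor yields nothing beyond the classic user agent: the first request logs as all `unknown`, and even the second only contains the subset the browser agreed to send.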
Client Hints is an experimental feature in Chrome 84, meaning that the browser will only send client hint data if the user has enabled Experimental Web Platform features (disabled by default).
| Google Chrome Stable Version | Stable promotion | What happens then? |
| --- | --- | --- |
| Chrome 84 | July 14 2020 | Sec-CH-UA Client Hints |
Deprecation of the user agent string has been deferred until at least 2021.
Implications on CheckUser
User-agent strings are important pieces of information for checkusers and stewards in their work of detecting and blocking sockpuppet accounts. To continue to receive that data, we should implement support for Client Hints on our end.
Even with client hints, the fingerprinting data may become unavailable to CheckUser in ways beyond our control (see Differences from receiving the user agent string). This should be discussed with checkusers.
Implications on privacy awareness
By actively asking for data, we expose Wikimedia to scrutiny over when/why we're asking for it. Anti-vandalism is an important reason. The vast majority of requests to our site don't result in making changes stored in CheckUser.
Fingerprinting for fighting vandalism is considered a legitimate but unfortunate use case, and may not always be supported in the future: https://github.com/WICG/ua-client-hints#fingerprinting
- T258591: Technical investigation into an experiment for using client hints in CheckUser [8H]
- T258592: Investigate how users perform actions logged in CheckUser, ahead of UA deprecation [8H]