Preparing for a More Private Web

About the talk

Across the entire web and browser ecosystem there is a move to make things both more secure and more private. Third-party cookies are going away, information is being removed from the user-agent string, browsers are partitioning their storage, and more. At the same time, we still need ways to use third-party services as part of building our sites.

We'll explore how to determine if these changes affect your sites and services along with a selection of best practices to secure your site against threats. Learn how cookies are evolving, alternatives to the user-agent string for client information, keeping control of the resources on your site with Content Security Policy and Permissions Policy, along with implementing cross-site isolation to combat threats like Spectre.

Some of these are techniques you can apply to your site immediately, but others are proposals for how the web platform could work in the future. We'll explore how you can track and contribute to these proposals as we all work towards a safer, more private web.

Rowan Merewood

Developer Relations Engineer for Chrome @ Google

Rowan leads the developer relations team for security, privacy, payments, and identity on the web - basically anywhere you're trying to create (or specifically not create!) a relationship on the web. He's been at Google for nearly 9 years working across a variety of products from Firebase, Android Wear, all the way back to Google+.