After years of pushing timelines for third-party cookie deprecation and eventually watering it down to an opt-in dialog, it seems Google has now fully given up on it:
Next steps for Privacy Sandbox and tracking protections in Chrome
we’ve made the decision to maintain our current approach to offering users third-party cookie choice in Chrome, and will not be rolling out a new standalone prompt for third-party cookies.
This is such a huge loss for Chrome users and the web as a whole.
They still block third-party cookies in incognito mode, but that’s such a small share of browsing.
They also say:
Users can continue to choose the best option for themselves in Chrome’s Privacy and Security Settings.
That’s nice, but only a small share of users goes into these settings, let alone understands the privacy implications of disabling third-party cookies.
There will also be not a lot of incentive for users to turn third-party cookies off, as websites which rely on them will continue to break. With third-party cookies enabled for the majority of users on the web, website vendors have no incentive to build alternatives and ad-networks still have free reign to track users.
Read more
Over the years, I've used many different personal cloud services. Back in school, around 2013, Dropbox was quite popular, so everybody used that. No fancy web interface or live editing docs, just a solid sync client.
I had even written a small chat client in Java that used a shared file in my Dropbox as a communication channel. Apart from the occasional synchronization conflict, it worked surprisingly well. At the time, I didn't think deeply about privacy or security—it simply worked, and that was good enough until around 2014-2015. Edward Snowden warned against using Dropbox in an interview with The Guardian as early as 2014, recommending "zero knowledge" services instead. Since then I've always wanted a solution with end-to-end encryption.
Later, I moved most of my files to Google Drive due to convenience. Already having email integrated there made the transition seamless, and the Google Docs integration was excellent for collaboration. This was also the point when my files exceeded typical free storage tiers (~15GB), prompting my first paid cloud storage subscription. Google Drive offered 1TB for around 10€ per month back then, that seemed fair. Privacy-wise, however, this wasn't a big improvement over Dropbox—both Google Drive and Google Photos lack end-to-end encryption.
In 2015, driven primarily by privacy concerns, I chose a self-hosted solution: ownCloud. At that time, its now-popular fork, NextCloud, didn't yet exist. Renting a dedicated server from Hetzner for approximately 30€ per month, I installed ownCloud and set up a software RAID 1 configuration using two 2TB HDDs. This gave me about 2TB of usable space. Things initially ran smoothly, allowing me to migrate all my files from Google Drive. Over time, friends and family even started using my server.
However, maintaining my own cloud came with challenges. The sync client wasn't very mature back then, and I ran into frequent synchronization issues, particularly when working with lots of files. My friends and family experienced similar issues. Administration, especially major version upgrades, wasn't trivial back then. Today's NextCloud docker deployment options look more straightforward, so I would like to revisit this solution.
Another significant problem was backups. If I wanted to keep running this, especially with friends' data, I'd need a proper backup solution, meaning additional costs for backup storage. Financially and administratively, the project became unsustainable, so I wound it down over the next few months.
I decided to migrate my data back to Google Drive and stayed there for a couple years, until I entered back into the Apple ecosystem. I got a MacBook for work and eventually switched back from Android to iOS. The tight integration with macOS and iOS is what made me want to try iCloud. When Apple eventually announced Advanced Data Protection, a mode in which they claim to end-to-end encrypt most of the sensitive photos, notes and file data, I made the switch. It was the first big cloud service that offered E2E encryption.
Transferring the data was painful. With Advanced Data Protection enabled, only Apple devices can read/write data. Since I had more data in Google Drive than disk size I had to stagger the uploads. Upload some of the data, delete parts of the local files, then upload more. This was a tedious process that took a couple days, not only because of my slow upload speed back then.
Popular (Private?) Cloud Services
Mainstream cloud providers often have the best features (Google Drive) or better integration with the ecosystem (Apple iCloud). What they lack is verifiable end-to-end encryption. Google Drive doesn't offer it at all, and Apple's "Advanced Data Protection" claims it encrypts at least the file contents, but since it's not open source this claim can not be verified.
I want to explore more privacy-oriented products, such as Proton Drive, but looking at recent reviews, they haven't yet achieved the maturity level and feature set I'd expect.
For photos, Ente seems promising—open-source, end-to-end encrypted, and comparable in price. It even offers self-hosting.
For files NextCloud seems like the most mature solution nowadays. It can be self hosted, e.g. via Docker, or you can rent a managed instance with a provider such as IONOS and Hetzner. For more privacy I'd go with the self-hosted solution here, since the companies managing these instances, at least theoretically, have access to your data. Nextcloud's end-to-end encryption Module only covers specific folders. Even if it covered all cloud data, nothing would stop these hosts from changing the server implementation to provide a backdoor into the data.
Going Back to Self-Hosting
Currently, I'm planning a return to self-hosting. I intend to purchase a small workstation to run Nextcloud, Jellyfin or Plex, Immich, and Home Assistant via Docker. I'll share more details as the project progresses.
Addendum
Here are cloud services I find interesting but haven't yet tried:
- Proton Drive: Cloud storage with E2E encryption.
- Immich: Self-hosted photo and video storage, an open-source alternative.
- Ente: Privacy-centric photo storage with E2E encryption.