Google do not care about the user. Google do not care about security. Google care about advertising.
Google had previously tried to break usability on the web by removing the “www.” and “http(s)://” parts of the URL displaying in Chrome. Facing a strong backlash from users, they quietly shelved the plans.
Now they are trying again, with the same nonsense excuses for it: “ The Chrome team values the simplicity, usability, and security of UI surfaces. To make URLs easier to read and understand, and to remove distractions from the registrable domain, we will hide URL components that are irrelevant to most Chrome users. We plan to hide “https” scheme and special-case subdomain “www” in Chrome omnibox on desktop and Android in M76.”
Google do not care about the user. The user is their product, not the customer. This is not about simplicity, usability, or security.
This move is all about Google enabling the silent control of content via Accelerated Mobile Page (AMP). AMP is, essentially, a copy of a website that is cached by Google. Google want to serve AMP copies of content, by default, in their search results and in the Chrome browser.
The excuse is always the same trite nonsense: a faster, more secure user experience. Safer browsing by eliminating web-based malware. Faster page load times allowing for a better user experience.
This is all nonsense. It is a lie. Google’s goal with AMP is to control the entire user experience. By serving the page themselves, Google are able to get further analytics details on user behaviour — which they then sell to advertisers.
Google, at it’s core, is not a technology company. It is an advertising company. Google’s financial statements make this clear:
“From 2015 to 2016 Google’s annual revenue grew over 21%. During that time, revenue from Google websites has comprised a relatively consistent 67 to 68 percent of total company revenue. With the inclusion of the advertising network, Google earns about 90 percent of its entire income from advertising.” How Google Makes Money
In 2017, “Revenue from Google’s ad business grew by 21 percent from last year and accounts for 84 percent of Alphabet’s total revenue.” Google parent Alphabet reports soaring ad revenue, despite YouTube backlash
The security angle to this doesn’t even make any sense. How is hiding the full location and details of a website you are viewing in any way making things more secure for the user?
The reality is that this proposal results in less security for the end user. By hiding the full URL in the browser, phishing attempts and fake websites become even more successful. We already have evidence of this: in 2017, a team of Russian hackers exploited issues around AMP to build a phishing website targeting journalists.
Google’s plan isn’t just going to break a fundamental usability concept when using the web. This also gives Google direct control over other people’s content. If I use a Content Delivery Network (CDN) — like Cloudflare — I can enable and use several technologies that modify the code on my website to speed up page loading times or to make things more secure.
AMP gives Google the power to modify content — without the content provider’s knowledge, or ability to control the modifications. A simple example: say I don’t want to use Google Analytics’ tracking solution on my website. AMP will automatically layer that over the top of my content — even if I don’t want it to — and the resulting analytics and user analysis go to Google, not to me as the site owner and content producer.
Both academics and politicians in the European Parliament have highlighted that Google’s work with AMP is anti-competitive and is about controlling content on the web. Google’s plan is bad for users, bad for security, and ultimately is bad for the web.