Add Cliqz/Ghostery Details

[sammacbeth]

As per #1, I'd be happy to provide the details for Cliqz's anti-tracking. This same protection is also included in Ghostery.

Shall I provide details as in the other issue, or would you prefer a PR with the changes?

[sahava]

Perfect, thank you @sammacbeth!

Please provide answers to the following (see the other browser entries for inspiration):

• What the tracking protection mechanism is called (if anything), e.g. "Intelligent Tracking Prevention" for WebKit
• Which version (with link to release notes) is the latest version of this mechanism deployed in
• Link to the latest release of the browser
• What is the default protection mode called (e.g. "Balanced" in Edge)
• How are "known trackers" classified (e.g. "Disconnect.me" for Firefox), link to list if a public list is used
• How does tracking protection impact cookies in 3P context
• How does tracking protection impact cookies in 1P context
• How is other browser storage (localStorage, sessionStorage, IndexedDB) impacted in 3P context
• How is other browser storage (same) impacted in 1P context
• What is the default referrer policy & is there other impact on referrer from a tracking protection point of view

Also - is there an icon logo I can use for the sidebar entry? Grayscale with transparent background.

[sammacbeth]

Mechanism: Anti-Tracking.

Version: Cliqz browser 1.31.0

Latest release Cliqz

Default protection mode called: It has no name (we have just default and 'strict').

How are "known trackers" classified: Algorithmically based on data about tracker presence across the web (paper). An aggregated version of this data can be viewed on WhoTracks.Me. Updates daily.

How does tracking protection impact cookies in 3P context: Cookies from trackers are blocked, unless a heuristic is triggered to allow. Heuristics include user interaction with the 3rd party widget, and rules to detect certain login flows (such as some OAuth implementations) that require some cookies to be allowed.

Further to this, cookies set on tracker origins that the user has not visited as a first party are expired after 1 hour. If visited infrequently expiry is 7 days, otherwise 30 days.

How does tracking protection impact cookies in 1P context: First party visits to tracker domains have their expiry limited as mentioned above (7 or 30 days). All other cookies are expired maximum 30 days after last visit to the site. For non-httpOnly cookies, this is 7 days.

How is other browser storage (localStorage, sessionStorage, IndexedDB) impacted in 3P context: Currently not limited, but we intend to inherit Firefox behaviour using our custom, algorithmically generated, tracker list.

How is other browser storage (same) impacted in 1P context: No limitations.

What is the default referrer policy & is there other impact on referrer from a tracking protection point of view: Default browser policy (inherited from Firefox).

Note we also have an additional anti-fingerprinting mechanism that removes potential identifiers from the query parameters of requests to 3rd party domains. This method is described in our 2016 paper and also this blog post.

Ghostery bundles a subset of this functionality, but I guess is out-of-scope for this comparison as it is an extension and not a standalone browser.

Attaching some logos too. Cliqz-Browser-512x512_grey@2x.pdf

Thanks for the great project, super useful resource!

[sahava]

Added Cliqz details in 09d5922073f575b5434fb3c44860d4e25bcd9497

Please check Cliqz details in Current Status and here.

Thank you so much! The Cliqz-specific section is also created, but as with others, it's still just placeholder text until I have time to compile the contents :)