Pushpad

This new Google Chrome filter may kill Web Push Notifications


Google Chrome has recently released a new feature to block spam notifications, and although that may seem great on paper, in reality it has the potential to destroy the Web Push technology forever.


What the change is about

Chrome is launching warnings of unwanted notifications on Android. This new feature uses on-device machine learning to detect and warn you about potentially deceptive or spammy notifications, giving you an extra level of control over the information displayed on your device.

Fighting Unwanted Notifications with Machine Learning in Chrome: this is the title on the official Chromium blog where the new feature has been announced.

Even the title alone is strange: there are no "unwanted" messages in this context. Unlike native apps that have notifications enabled as soon as you install them, websites cannot do that: you need to explicitly click on the permission prompt to enable the notifications for a website or web app. And you can also unsubscribe with just one click. Once you do that, it is technically impossible for the website to send you more messages. This is a major difference from email, where anyone can send you "unwanted" messages. So calling them "Unwanted Notifications" is misleading, because you have opted to receive them and you can unsubscribe at any time if you change your mind.

What happens to flagged notifications

If a notification is flagged by the Chrome filter, instead of the actual notification content, you will see a Chrome notification with this message:

Possible spam

Chrome detected possible spam from example.com

The notification also has two buttons: Unsubscribe and Show notification.

If you click Unsubscribe, you are immediately unsubscribed from all of the website's notifications, without even seeing the message that triggered the automatic warning.

If you click Show notification, you see the original notification content, with another Unsubscribe button at the bottom of the original notification.

All these "call to action" buttons seem designed to induce the user to unsubscribe from notifications.

Web Push doesn't have spam, it's not like emails

In general, spam messages can be defined as "unsolicited bulk messages".

Unlike emails, notifications don't have spam and don't need a spam filter: you cannot send a notification to a user if they haven't opted in from your website.

You need to manually visit a website and click Accept on the browser notification prompt in order to receive the notifications from that website. Many websites even use a double opt-in prompt where you basically confirm two times that you want to receive the notifications.

Spam messages are by definition unwanted messages where you didn't give consent, and that doesn't exist in the context of web push notifications. Moreover, you can always unsubscribe with one click and when you unsubscribe there is technically no way for the website to send you other messages. Isn't this enough? Is it really necessary to introduce a closed-source spam filter that can arbitrarily decide what is spam?

Google may want to favor other channels over Web Push

Google may have some economic interests here. On one side, it is the Chrome maintainer and a gatekeeper that should preserve internet neutrality and transparency; on the other, it controls all the largest advertising channels on the web. We are not going to judge Google here, but let's just say that it's possible that Google has an interest in favoring other communication channels (Ads, YouTube, etc.) over Web Push.

Web Push Notifications are a powerful and private communication channel. They allow websites to stay in touch with their user base directly, without relying on social media and proprietary algorithms. User messages sent using Web Push cannot be tracked, and no data can be collected for profiling (messages are encrypted end-to-end). And Web Push is also a free technology, unlike paid advertising. This is why it is important to preserve the neutrality of the Web Push technology. One key principle of the Open Source Definition is “No Discrimination Against Fields of Endeavor”: we want to see that same principle applied to this communication channel and to the open source software (like Chromium) involved in this technology. We don't want to see different topics or messages randomly killed and hidden by an algorithm.

Web Push is also a communication and marketing channel built on standards and may represent an alternative to paid advertising channels, like Google Ads. Reducing the reliability and effectiveness of channels like email (which has very complex and often unpredictable anti-spam rules) and now web push may give an advantage to the proprietary paid channels. Since Google is in a dominant position on the web and is a gatekeeper, it should always remember to respect the basic rules of competition.

It's not the first time that Google has introduced new features that weaken this communication channel or make it more difficult to get subscriptions on this channel:

  1. Obtaining push subscribers becomes more difficult every day for websites. The browser permission prompt can be displayed only once. If the user doesn't accept the notifications, the native permission prompt cannot be displayed again (not even after months). This rule seems very aggressive and most websites implement the double opt-in prompt as a mitigation; however, the double opt-in prompt has the downside that the user needs to accept two consecutive prompts in order to enable the notifications, which creates friction in the subscription process. Moreover, if the user doesn't accept the notifications, enabling them later from browser settings is difficult for non-technical users. Finally, there are sometimes additional requirements regarding how you should ask users to subscribe to notifications. Requirements often change over time and are unpredictable. Penalties can range from a minimization of the prompt in the top navigation bar to a complete block. But the question is: if the browser permission prompt is technically required and the text of that prompt cannot be altered by the website, isn't that enough to protect the users from unwanted notifications?
  2. In recent years Google introduced a change, at least on Android, where the prompt for notifications is often moved to a small alert at the top that says that notifications have been blocked. Even if a website is legit and respects all the rules, if you try to display the prompt for notifications on page load, the prompt is often dismissed automatically and replaced with this small notice at the top of the screen. This obviously reduces the number of push subscribers and makes it more difficult to collect push subscriptions.
  3. A prominent "Unsubscribe" button has been added in recent years to every single notification received by the user. Although we agree that it should be easy for a user to unsubscribe, these large CTA buttons on every notification seem too much. Native apps and web apps are also treated differently on Android: the native apps don't have this large button and you can block them only after a long tap.
  4. About 1 year ago, Google removed billions of notification subscriptions, saying that they were inactive; however, there are some reports from users who saw a drop in the notification engagement metrics (like clicks) after that change, suggesting that the change may have affected some push subscriptions that were still valid.
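The double opt-in flow mentioned earlier and in item 1 above, as an added example (not Pushpad's code): the site's own prompt runs first, so a visitor who declines it does not use up the one-time browser prompt. The `env` adapter, `fakeEnv` stand-in, status strings and endpoint are hypothetical; in a page `env` would wrap `Notification.permission`, `Notification.requestPermission()` and `registration.pushManager.subscribe()`.

```javascript
// Added example (not Pushpad's code): double opt-in for Web Push.
// `env` is a hypothetical adapter; in a real page it would wrap
// Notification.permission, Notification.requestPermission() and
// registration.pushManager.subscribe().
async function doubleOptIn(env) {
  const state = env.permission(); // "default", "granted" or "denied"
  if (state === "denied") {
    // The browser will not show its prompt again; only browser settings help.
    return { status: "blocked" };
  }
  if (state === "default") {
    // First opt-in: the site's own prompt, which can be offered again later.
    if (!(await env.showSitePrompt())) {
      return { status: "declined-site-prompt" };
    }
    // Second opt-in: the browser prompt, reached only after a "yes" above.
    if ((await env.requestPermission()) !== "granted") {
      return { status: "declined-browser-prompt" };
    }
  }
  return { status: "subscribed", subscription: await env.subscribe() };
}

// Constructed stand-in for the browser so the flow also runs under Node.
function fakeEnv({ permission = "default", siteAnswer, browserAnswer }) {
  const calls = { sitePrompt: 0, browserPrompt: 0 };
  return {
    calls,
    permission: () => permission,
    showSitePrompt: async () => { calls.sitePrompt++; return siteAnswer; },
    requestPermission: async () => {
      calls.browserPrompt++;
      permission = browserAnswer; // the browser remembers the answer
      return permission;
    },
    subscribe: async () => ({ endpoint: "https://push.example/constructed" }),
  };
}

// A visitor who answers "not now" to the site prompt never sees the browser
// prompt, so it is still available on a later visit.
async function demo() {
  const env = fakeEnv({ siteAnswer: false });
  const result = await doubleOptIn(env);
  return { status: result.status, browserPrompts: env.calls.browserPrompt };
}

demo().then(console.log);
```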

It's also worth noting that Google doesn't have any spam filter like this on notifications sent from native apps. This choice is very suspicious, since native apps have notifications enabled by default, unlike websites, which need to display a permission prompt. So, if a filter is necessary, Google should probably add it first to the native notifications, not to Web Push, which already offers many protections. Basically Google is favoring its store again compared to the open web.

It's like Google doesn't like Web Push anymore (maybe because it's not a paid channel?) and it's trying to kill it one feature at a time.

Users are already protected

End users are already protected by other systems. We don't need an additional, arbitrary spam filter on notifications.

There are already better anti-spam systems for notifications. For example, if a website has malware or actual scams and Google Safe Browsing detects that, notifications on that website are already blocked automatically.

The effects of the new filter are unpredictable

This new spam filter is unreliable, unverifiable and can be easily abused, by filtering certain topics or words. It's the end of a direct channel of communication. It ends the guarantee that a message is delivered to a user that asked to receive those messages.

The filter is unreliable because it is trained on synthetic data, not actual data (since actual data is private). From the Chromium blog:

Due to the sensitive nature of notifications content, the model was trained using synthetic data generated by the Gemini large language model (LLM). The training data was evaluated against real notifications Chrome security team collected by subscribing to a variety of websites that were then classified by human experts.

Basically what we understand is that most data is synthetic and that only some checks on actual websites were made manually. This is even worse than normal spam filters, where the training data is extremely large and updated in real time based on real spam emails. Here Google, based on some samples, is just making assumptions about what is spam.

The model is trained on the textual contents of the notification, like the title, body, and action button texts.

Filtering based on message content is unreliable. They are not blocking dangerous websites, they are filtering all notifications based on textual content. Even a single word like "Bitcoin" or "Free", a single emoji (like the siren icon) or a CTA like "Act now" may trigger the spam filter. There are already some user reports that suggest that. However, the exact sentences that trigger the filter are unpredictable, since the filter is based on machine learning and the model and the training data were not made public.

Is this the first step to kill Web Push privacy and reliability?

Web Push is end-to-end encrypted to preserve privacy and we see this as a first step from Google to invade this private space. It is using the decrypted message on the user device to circumvent this privacy guarantee.

At Pushpad, we strongly oppose this decision made by Google, because it is a threat to internet communication freedom and puts this channel of communication at risk, making the delivery of messages totally discretionary, based on Google's proprietary filters.

This new feature may be the first step to destroy the Web Push technology, its reliability as a delivery method, and the privacy of this private communication channel. The false positives will also destroy the marketing campaigns of many legitimate senders.

As a sender, what can you do?

If you send web push notifications and you see a drop in the number of clicks, consider trying different sentences and removing all the words (like "urgent", "free", etc.) that can trigger the spam filter. Monitor the CTR for each notification, and if you see a lower CTR than usual, try sending the notification again with a different text.
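One way to implement the per-notification CTR check described above, as an added example (not Pushpad's code): a notification is flagged only when its CTR is statistically well below the sender's usual CTR, so small sends are not flagged on noise. The record fields, sample numbers, `zThreshold` and `minDelivered` are assumptions.

```javascript
// Added example: flag notifications whose click-through rate (CTR) is
// significantly below the sender's usual CTR. Field names, sample data and
// thresholds are assumptions, not part of any Pushpad or Chrome API.

// Pooled CTR over earlier notifications: the "usual" CTR for this sender.
function baselineCtr(pastSends) {
  const delivered = pastSends.reduce((n, s) => n + s.delivered, 0);
  const clicks = pastSends.reduce((n, s) => n + s.clicks, 0);
  return delivered > 0 ? clicks / delivered : null;
}

// z-score of one notification's CTR against the baseline proportion p0
// (normal approximation). Negative means it did worse than usual.
function ctrZScore(send, p0) {
  const observed = send.clicks / send.delivered;
  const stderr = Math.sqrt((p0 * (1 - p0)) / send.delivered);
  return (observed - p0) / stderr;
}

// Returns the notifications worth a closer look (and possibly a reworded resend).
function flagLowCtr(pastSends, recentSends, { zThreshold = -3, minDelivered = 200 } = {}) {
  const p0 = baselineCtr(pastSends);
  if (p0 === null || p0 <= 0 || p0 >= 1) return []; // no usable baseline
  return recentSends
    .filter((s) => s.delivered >= minDelivered) // too few deliveries to judge
    .map((s) => ({ id: s.id, ctr: s.clicks / s.delivered, z: ctrZScore(s, p0) }))
    .filter((r) => r.z <= zThreshold);
}

// Constructed sample data (not real campaign numbers).
const pastSends = [
  { id: "n1", delivered: 5000, clicks: 250 },
  { id: "n2", delivered: 4000, clicks: 190 },
  { id: "n3", delivered: 6000, clicks: 310 },
];
const recentSends = [
  { id: "n4", delivered: 5000, clicks: 240 }, // in line with the baseline
  { id: "n5", delivered: 5000, clicks: 90 },  // sharp drop
  { id: "n6", delivered: 50, clicks: 0 },     // too small to judge
];

console.log(flagLowCtr(pastSends, recentSends)); // only n5 is flagged
```

A flag is only a prompt to look closer: timing, audience and content also move CTR, and click data alone cannot show whether Chrome replaced the notification with its warning.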

In any case, if you have reports of legitimate notifications that get blocked by the Google Chrome spam filter, you can send us an email and we will collect all the complaints. We will also use them to keep you updated when we get more information about this new change in Chrome.