{"id":37977,"date":"2020-11-02T08:15:12","date_gmt":"2020-11-02T08:15:12","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/"},"modified":"2020-11-02T08:15:12","modified_gmt":"2020-11-02T08:15:12","slug":"google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/","title":{"rendered":"Google reCAPTCHA service under the microscope: Questions raised over privacy promises, cookie use"},"content":{"rendered":"

Analysis<\/strong> Six years ago, Google revised its reCAPTCHA service, designed to filter out bots, scrapers, and other automated web browsing, and allow humans through to websites.<\/p>\n

The v2 update in 2014 added an iframe or HTML Inline Frame, which is a way of embedding one web page in another. Then there was the v3 update in 2018, which added machine learning to the mix, to reduce the need for interaction with bot detection challenges.<\/p>\n

reCAPTCHA makes it possible for the internet giant to challenge netizens to prove they are real people, by completing picture puzzles and the like, while providing plumbing to potentially funnel information about folks into its advertising business. Google insists it doesn’t use reCAPTCHA data for personalized<\/i> adverts, and says as much in the reCAPTCHA terms of service.<\/p>\n

Yet the Silicon Valley corp’s fine-print and other disclosures stop short of saying reCAPTCHA is completely quarantined from all ad-related data collection. And privacy researchers now argue that the company needs to clarify that point.<\/p>\n

Zach Edwards, co-founder of web analytics biz Victory Medium, found that Google’s reCAPTCHA’s JavaScript code makes it possible for the mega-corp to conduct “triangle syncing,” a way for two distinct web domains to associate the cookies they set for a given individual. In such an event, if a person visits a website implementing tracking scripts tied to either those two advertising domains, both companies would receive network requests linked to the visitor and either could display an ad targeting that particular individual.<\/p>\n

Two different domains generally shouldn’t have access to the same set of cookie data, based on the distinction between first-party and third-party resources in the web browser security model. But triangle syncing dissolves that separation.<\/p>\n

Triangle of ad success?<\/span>
\n<\/h3>\n

“Triangle syncs expand an advertising universe and make it possible to target someone across more domains,” Edwards told The Register<\/i>.<\/p>\n

It’s a common practice in advertising, he said, so that two separate companies with two separate domains can share data, such as the identifiers associated with a particular individual. And it’s also done within a single company like Google that operates more than one domain and wants to track internet users across the different domains.<\/p>\n

“So reCAPTCHA’s gstatic.com<\/code> domain doing a triangle sync to google.com<\/code> basically ensures that a user can be found\/tracked if either of those domains is embedded into a website,” Edwards said.<\/p>\n

\"captcha\"<\/p>\n

Cloudflare dumps Google’s reCAPTCHA, moves to hCaptcha as free ride ends (and something about privacy)<\/h2>\n

READ MORE<\/span><\/a><\/div>\n

According to Google, the company doesn’t use reCAPTCHA for triangle syncing and reCAPTCHA loads static resources from two places on gstatic.com<\/code>, with no cookies written or read. No triangle request or sync is done as part of this process, we were told. And the gstatic.com<\/code> domain is supposedly “cookieless,” in that it has been designed to be unable to collect cookie data.<\/p>\n

Yet, reCAPTCHA JavaScript code<\/a> hosted at Google’s gstatic.com<\/code> domain includes multiple references to cookies. And visiting a web page embedded with a reCAPTCHA widget does set a google.com<\/code> “NID” preference cookie<\/a>, even if you try to block third-party cookies.<\/p>\n

Edwards says what’s going on isn’t typical triangle syncing. He says if you embed a reCAPTCHA on a site like ncrts.com<\/code>, for example, the gstatic.com<\/code> requests then redirect to a new request to google.com<\/code> and then google.com<\/code> sets its cookie. “It’s a triangle sync not in a traditional cookie match sync on both sides, but in a request + cookie match,” he said.<\/p>\n

He also points out that Google’s privacy policy<\/a> identifies the gstatic.com<\/code> domain specifically as one of many domains used to set cookies for its advertising products.<\/p>\n

Google maintains gstatic.com<\/code> doesn’t read or write cookies, but it appears the domain invites google.com<\/code> to set them.<\/p>\n

T&Cs<\/span>
\n<\/h3>\n

Edwards argues Google isn’t being straightforward about how it handles cookies, noting that in a Safari browser test he conducted, the Google domain sets session keys, a form of temporary browser data storage linked to a server, instead of cookies.<\/p>\n

Google’s reCAPTCHA terms of service state that the service sends device and application data to the company. It specifies how it handles that data thus: “The information collected in connection with your use of the service will be used for improving reCAPTCHA and for general security purposes. It will not be used for personalized advertising by Google.”<\/p>\n

The Register<\/i> specifically asked Google whether reCAPTCHA data might be used for some aspect of the ad business other than personalized advertising. It might, for example, be helpful to fight ad fraud.<\/p>\n

Google’s spokesperson cited the policy spelled out above \u2013 the data improves reCAPTCHA and may be used for general security purposes, whatever that means.<\/p>\n

Via Twitter, Ashkan Soltani, a privacy researcher and former Federal Trade Commission technologist, said what Google is doing looks a lot like what the company did in 2011 and 2012 to bypass Safari’s third-party cookie blocking.<\/p>\n

\n

Here\u2019s a quick clip showing how Google\u2019s ReCaptcha sets a 3rd party cookie even when @Mozilla<\/a> @Firefox<\/a> is set to block \u201ccross-site tracking cookies\u201d #privacy<\/a> #cookiewars<\/a> pic.twitter.com\/vWgibJ20ty<\/a><\/p>\n

\u2014 ashkan soltani (@ashk4n) October 30, 2020<\/a><\/p><\/blockquote>\n

In 2012, America’s consumer watchdog the FTC fined Google $22.5m<\/a> for misrepresenting to Safari users that it would not place tracking cookies.<\/p>\n

Solanti also suggested Facebook’s 2019 settlement with the FTC<\/a> may be relevant. In that case, Facebook was penalized for collecting data for one purpose (security) and also using it for another (ads).<\/p>\n

In an email to The Register<\/i>, Soltani said he had tested Edwards’s claims and confirmed that reCAPTCHA sets google.com<\/code> cookies even when the user’s browser has been configured to block third-party cookies.<\/p>\n

He subsequently posted the video depicting the network requests from visiting the hubspot.com\/abuse-complaints page, which calls a google.com<\/code>-hosted reCAPTCHA script that runs gstatic.com<\/code>-hosted code for invoking a reCAPTCHA puzzle.<\/p>\n

Discussing what was going on, Soltani said the main issue is whether those who rely reCAPTCHA for security are exposing users to profiling by Google for the purpose of advertising.<\/p>\n

Google’s privacy disclosures may be adequate to cover reCAPTCHA’s role if it were found to play a role in the company’s ad business. Google does disclose that it sets advertising cookies via its gstatic.com<\/code> domain.<\/p>\n

Data CAPTCHA<\/span>
\n<\/h3>\n

Edwards however argues that Google hasn’t been sufficiently clear that reCAPTCHA uses this domain.<\/p>\n

“It’s problematic for publishers who care about user privacy,” he said, because if you implement reCAPTCHA on your website and don’t disclose that you set google.com<\/code> cookies, that runs the risk of violating some aspects of the “right to know” requirement under the California Consumer Privacy Act.<\/p>\n

Edwards contends that websites in Europe will need to rethink how they use reCAPTCHA for bot defense.<\/p>\n

“In my opinion, organizations in Europe that use reCAPTCHA for spam protection now need to move reCAPTCHA behind their consent walls,” he said.<\/p>\n

“It’s a huge stretch to call syncing cookies to google.com<\/code> mandatory in any way, and it doesn’t seem possible to deploy reCAPTCHA in any way anymore that doesn’t do that sync.”<\/p>\n

Google already recommends that in reCAPTCHA’s terms of service, which state, “For users in the European Union, you and your API Client(s) must comply with the EU User Consent Policy<\/a>.” \u00ae<\/p>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Web giant insists anti-bot service isn’t used for personalized ads \u2013 but cookie claims don’t quite add up Analysis\u00a0 Six years ago, Google revised its reCAPTCHA service, designed to filter out bots, scrapers, and other automated web browsing, and allow humans through to websites.\u2026 READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":37978,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-37977","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"\nGoogle reCAPTCHA service under the microscope: Questions raised over privacy promises, cookie use 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Google reCAPTCHA service under the microscope: Questions raised over privacy promises, cookie use 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-11-02T08:15:12+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/11\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"174\" \/>\n\t<meta property=\"og:image:height\" content=\"115\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Google reCAPTCHA service under the microscope: Questions raised over privacy promises, cookie use\",\"datePublished\":\"2020-11-02T08:15:12+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\\\/\"},\"wordCount\":1220,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\\\/\",\"name\":\"Google reCAPTCHA service under the microscope: Questions raised over privacy promises, cookie use 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use.jpg\",\"datePublished\":\"2020-11-02T08:15:12+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use.jpg\",\"width\":174,\"height\":115},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Google reCAPTCHA service under the microscope: Questions raised over privacy promises, cookie use\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Google reCAPTCHA service under the microscope: Questions raised over privacy promises, cookie use 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/","og_locale":"en_US","og_type":"article","og_title":"Google reCAPTCHA service under the microscope: Questions raised over privacy promises, cookie use 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-11-02T08:15:12+00:00","og_image":[{"width":174,"height":115,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/11\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Google reCAPTCHA service under the microscope: Questions raised over privacy promises, cookie use","datePublished":"2020-11-02T08:15:12+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/"},"wordCount":1220,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/11\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/","url":"https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/","name":"Google reCAPTCHA service under the microscope: Questions raised over privacy promises, cookie use 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/11\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use.jpg","datePublished":"2020-11-02T08:15:12+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/11\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/11\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use.jpg","width":174,"height":115},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/google-recaptcha-service-under-the-microscope-questions-raised-over-privacy-promises-cookie-use\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Google reCAPTCHA service under the microscope: Questions raised over privacy promises, cookie use"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/37977","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=37977"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/37977\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/37978"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=37977"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=37977"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=37977"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}