Request for feedback. Feature idea: Cookie sandboxing / automatic wiping

Many websites track users’ visits and actively degrade content or provide unwanted personalization.

The following sites use tracking to block content for repeat visitors:

Sites like YouTube will track what you watch and personalize the homepage.

Google/Facebook track people’s activity across websites for advertising purposes.

There are two features I’m considering to make user tracking more difficult.

Feature 1:
As a user,
I want to not be tracked across multiple websites by companies like Facebook/Google,
So my browsing history is more difficult for them to piece together.

Feature 2:
As a user,
I want a fresh experience on certain websites,
So websites will have difficulty actively degrading or personalizing my experience.

The solution I had in mind was to namespace cookies (in addition to the existing per-request namespacing) to the ETLD+1 (effective top level domain plus one) in the location bar.


Feature 1 possible implementation:

Given cookie namespacing is enabled for (.*\.)*example\.com, and
Given I visit, and
When the initial request is made for, or
When subsequent requests are made by the page loaded at,
Then the only cookies that will be sent with the request are cookies that were obtained while operating in the namespace associated with

Feature 2 possible implementation:

Given I have designated a namespace as ephemeral,
When I close all tabs associated with the ephemeral namespace,
Then the cookies in the ephemeral namespace are deleted.

This would be most effective on an opt-out basis, but I understand that may break the user experience on some websites (e.g. moving from to There are ways to address this (e.g., namespace stickiness, or many-to-one ETLD+1-to-namespace mappings).

I’m not sure what the best user experience may be. I suspect opt-in would be the best way to launch the feature and metrics could show how often users have to add multiple ETLD+1s to a namespace.

What do people think about the suggested privacy enhancements? Any better approaches come to mind? Any additional problems to what I’ve already highlighted?

For some use-cases, it may be desirable to create namespaces more specific than the ETLD+1.

As a user,
I want a namespace for
So I can remain logged in to my email while being logged out of other google services (such as maps/search).