- Better Privacy with Chromium’s Privacy Sandbox
- By Mahdhi Rezvi
- The Nuggets translation Project
- Permanent link to this article: github.com/xitu/gold-m…
- Translator: Badd
- Proofread: CristoMonte, PingHGao, PassionPenguin, Chorer
Chromium Privacy Sandbox makes user privacy more secure
There’s been a lot of discussion about privacy and security lately, especially when it comes to browsers. WhatsApp made waves a while ago when it announced that it would share user data with its parent company, Facebook. According to Wired, WhatsApp has been sharing user data with Facebook for years. The uproar has sparked a debate about using user data for advertising services.
You could argue that personal data should not be shared with Facebook for targeted advertising. But I believe that if this process is done properly and legally, it will do more good than harm. Imagine talking to a friend about a phone on WhatsApp, and the next thing you know, you see an ad for that phone on Facebook. Although your first reaction may be alarm, without these customized ads you wouldn’t know the store was selling the phone at a very attractive price.
With both users and businesses benefiting so much, proposals have sprung up to change the way advertising works. The privacy sandbox is Google’s new approach to improving the web ecosystem while ensuring that companies can make money from advertising.
What is a privacy sandbox?
The privacy sandbox is a set of solutions from Google that aims to “create a thriving web ecosystem that is respectful of users and private by default”. It provides privacy APIs that allow companies to make money without using third-party cookies to track users. In this cookie-free scenario, Google wants ad targeting, conversion measurement and fraud prevention to work according to the standards set by the privacy sandbox, with cookies replaced by the privacy APIs mentioned above.
In software engineering, the term “sandbox” refers to a protected environment. In the privacy sandbox scheme, user data is kept in a secure local environment within the browser. Advertisers can only access the information they want through a given API. These APIs do not expose any data other than the information advertisers require.
One of the key tenets of the privacy sandbox is that users’ private data should be protected and never shared in a way that identifies users across sites.
Here’s a look at how privacy sandboxes are changing the way we surf the Web without using third-party cookies.
Advertising based on user interests
Federated Learning of Cohorts, or FLoC, is one of the schemes used to replace third-party cookies in targeted advertising. The idea is to change the way users are tracked by looking at the browsing behaviour of a group of similar people rather than of individuals. This allows companies to group users with similar interests and match targeted advertising to the right users. The approach “hides” each individual user in the crowd and uses on-device processing to keep user data local.
Google’s ads team has tested this approach and found that advertisers can expect at least 95% of the conversions per dollar spent compared with cookie-based ads. This finding proves that FLoC is the way forward for privacy.
The Chrome team expects to begin public testing in March 2021. See here for details.
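The cohort idea described above, as an added sketch that is not code from the article or from Chrome: each browser reduces its own history to a short cohort ID on the device, and that ID is revealed only when enough browsers share it. The SimHash scheme, the 8-bit ID, the threshold K, the function names and the sample histories are assumptions made for illustration.

```javascript
// Added illustration, not Chrome's code. SimHash, 8-bit IDs, K and the
// sample histories are assumptions; all names are hypothetical.
const COHORT_BITS = 8;
const K = 3; // reveal a cohort ID only if at least K browsers share it

// FNV-1a: a small deterministic 32-bit string hash.
function fnv1a(str) {
  let h = 0x811c9dc5;
  for (let i = 0; i < str.length; i++) {
    h ^= str.charCodeAt(i);
    h = Math.imul(h, 0x01000193) >>> 0;
  }
  return h;
}

// Runs on the device. Each visited domain votes +1/-1 on every bit, so
// histories that overlap heavily tend to produce the same ID.
function cohortId(domains) {
  const votes = new Array(COHORT_BITS).fill(0);
  for (const d of new Set(domains)) {
    const h = fnv1a(d);
    for (let b = 0; b < COHORT_BITS; b++) votes[b] += (h >>> b) & 1 ? 1 : -1;
  }
  return votes.reduce((id, v, b) => (v > 0 ? id | (1 << b) : id), 0);
}

// What a site may learn per browser: the cohort ID, or null when the
// cohort is too small to hide an individual.
function exposedCohorts(population) {
  const ids = population.map((u) => cohortId(u.history));
  const sizes = new Map();
  for (const id of ids) sizes.set(id, (sizes.get(id) || 0) + 1);
  return population.map((u, i) => ({
    user: u.name,
    cohort: sizes.get(ids[i]) >= K ? ids[i] : null,
  }));
}

// Constructed sample: a, b and c visited the same sites in different order.
const samplePopulation = [
  { name: "a", history: ["phones.example", "reviews.example", "news.example"] },
  { name: "b", history: ["news.example", "phones.example", "reviews.example"] },
  { name: "c", history: ["reviews.example", "news.example", "phones.example"] },
  { name: "d", history: ["gardening.example"] },
];
console.log(exposedCohorts(samplePopulation));
```

The raw history never appears in the output; a site sees one small integer per browser, or nothing when the cohort is below the threshold.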
Create the audience
One element of successful advertising is building an audience. The privacy sandbox has its own mechanisms that let marketers and advertisers build audiences precisely without third-party cookies. The Chrome team has unveiled a new proposal called FLEDGE, based on an earlier Chrome proposal called TURTLEDOVE. The new proposal incorporates industry feedback on TURTLEDOVE and adds features such as a “trusted server”, which is used to store bids, budgets and other information for advertising campaigns.
FLEDGE is essentially an option that Google offers to advertisers with specific needs who want to remarket to users who have previously visited their site. FLEDGE is expected to launch a trial later this year, as detailed here.
Measure the conversion effect
Google has made various proposals to allow marketers to measure conversions. These proposals support the critical needs of advertisers while ensuring user privacy is protected. Techniques such as event-level reporting and aggregate-level reporting are used to measure conversions. These reporting techniques allow bidding models to identify patterns in the data and to measure conversions precisely across groups of consumers.
Google also plans to protect consumers’ privacy by using techniques such as aggregation, adding noise and limiting the amount of data sent from the device. As a result, advertisers will have to prioritize the conversion data that is important to their reports and will only have access to that data. But Google is still collecting feedback extensively, and a prototype for conversion measurement has yet to be built.
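The three protections named above (aggregation, added noise, a limit on what each device sends), as an added sketch that is not code from the article and does not use any Chrome API. The per-user cap, the epsilon parameter, the Laplace noise choice, the function names and the sample events are assumptions made for illustration.

```javascript
// Added illustration, not a Chrome API. MAX_PER_USER, EPSILON, the
// function names and the sample events are constructed assumptions.
const MAX_PER_USER = 2; // most conversions one browser may contribute
const EPSILON = 1.0; // privacy parameter: smaller means more noise

// Laplace noise with scale b, drawn from a uniform sample u in [0, 1).
function laplace(b, u) {
  const x = Math.min(Math.max(u, 1e-12), 1 - 1e-12) - 0.5; // avoid log(0)
  return -b * Math.sign(x) * Math.log(1 - 2 * Math.abs(x));
}

// On the device: reduce raw events to capped per-campaign counts, so no
// event-level record leaves the browser on this aggregate path.
function deviceReport(events) {
  const counts = Object.create(null);
  for (const e of events.slice(0, MAX_PER_USER)) {
    counts[e.campaign] = (counts[e.campaign] || 0) + 1;
  }
  return counts;
}

// At the aggregator: sum the reports, then add noise to every campaign
// total (zero totals included) before the advertiser sees it.
function aggregate(reports, campaigns, rng = Math.random) {
  const totals = Object.create(null);
  for (const c of campaigns) totals[c] = 0;
  for (const r of reports) {
    for (const [c, n] of Object.entries(r)) if (c in totals) totals[c] += n;
  }
  for (const c of campaigns) totals[c] += laplace(MAX_PER_USER / EPSILON, rng());
  return totals;
}

// Constructed sample: three browsers, the first one over the cap.
const sampleDevices = [
  [{ campaign: "phone-sale" }, { campaign: "phone-sale" }, { campaign: "phone-sale" }],
  [{ campaign: "phone-sale" }, { campaign: "laptop-sale" }],
  [],
];
const reports = sampleDevices.map(deviceReport);
console.log(aggregate(reports, ["phone-sale", "laptop-sale"]));
```

Because the cap bounds how much any one browser can change a total, noise scaled to the cap is enough to mask a single user's contribution.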
Prevention of advertising fraud
To maintain a healthy web ecosystem, advertisers need to be able to distinguish real user traffic from fraudulent traffic. Google plans to implement this capability with a feature called the Trust Token API. The Trust Token API is a new API that helps combat fraud and distinguish real users from bots. It allows an origin to issue cryptographic tokens to users it trusts. These tokens are stored in the user’s browser and can be used in other contexts to assess the user’s authenticity.
Google is expected to launch the trial in March this year, following the release of the next version of Chrome, which supports an upgraded version of the Trust Token API, as detailed here.
Anti-fingerprinting
I’ve written several articles about browser fingerprinting and its dangers, which can be found here.
Browser fingerprinting is a technique that identifies and tracks users. Marketers can identify unique users and track them using simple information such as browser model and version, operating system, plug-ins, time zone, language, screen resolution, and other settings.
To make the privacy sandbox resistant to fingerprinting, Google provides an anti-fingerprinting method. The new method, called Gnatcatcher, tries to hide a user’s IP address without interfering with the website’s normal behavior. Gnatcatcher is still in development and is constantly being refined based on community feedback.
More details about Gnatcatcher can be found here.
Here’s the Chrome team’s January 2021 update.
Conclusion
Many bold attempts have been made to change the web ecosystem. Most of them fail, largely because quite a few stakeholders resist change. But with the privacy sandbox, Google claims that advertisers and marketers get up to 5 percent fewer conversions per dollar they spend than with third-party cookies. Consumers, on the other hand, will always be happy to see their private information kept more secure in the new model.
But those in advertising and marketing have their concerns. They doubt whether Google can play fair between its own teams and outsiders. Google has its own ads team. Experts wonder whether these internal teams are only given the same aggregated data as outside marketers and advertisers. It has been proven that Google has played tricks to protect its share of advertising revenue. If the same thing happens again, it means that Google’s own team has access to more fine-grained user data, which is unfair to the rest of the advertising industry. If Google is up to something, expect a big mess.
What do you think of the new proposal? Will it make the web ecosystem safer? Or will it hand the sceptre to the monopolist?
Thanks for reading!