“Apple thinks it has come up with a way for advertisers to track how well their ads are doing without (gasp) compromising user privacy,” John E Dunn writes for Sophos. “It sounds like a tall order but according to John Wilander, WebKit engineer and architect of Apple’s Intelligent Tracking Prevention (ITP), a technology called Privacy Preserving Ad Click Attribution has been added as an experimental feature to Preview 82+ of the Safari browser.”
“According to Wilander, the problem isn’t advertising per se, but the sense that web surveillance has become about not merely understanding what users do but who they are,” Dunn writes. “Apple’s solution is a compromise – allow websites and advertisers to see that a user responded to an ad but not who that user is.”
“Instead of advertisers recording this data in the form of tracking pixels and cookies, a mechanism in Safari’s WebKit engine would do that for them instead,” Dunn writes. “And unlike today’s web, no “opaque third-parties” should see ad attribution data, only the websites visited by the user who generated the click-through.”
Read more in the full article here.
MacDailyNews Take: Time will tell if this will work, be we’re hopeful it will help user privacy.
John Wilander writes via the WebKit Blog:
Today we are presenting a new technology to allow attribution of ad clicks on the web while preserving user privacy. We used the following principles as we designed this technology:
• Users should not be uniquely identified across websites for the purposes of ad click attribution. This means the combined data of an ad click and a conversion should not be attributable to a single user at web scale. To achieve this, our design has the following properties:
– Up to 64 ad campaigns can be measured in parallel per website where ads are placed and advertiser. This low number means ad campaign IDs cannot be turned into user identifiers.
– Up to 64 conversion events can be distinguished on the advertiser’s own website. This means conversion IDs are also restricted from being turned into user identifiers.
• Only websites that users visit should be involved in measuring ad clicks and conversions.
This means that opaque third-parties should not receive ad click attribution reports and we enforce it by requiring that the ad link is part of a first-party webpage and by only reporting on which first-party website a conversion happened.
• The browser should act on behalf of the user and do its best to preserve privacy while reporting on ad click attribution. We achieve this by:
– Sending attribution reports in a dedicated Private Browsing Mode even though the user is in regular browsing mode.
– Disallowing data like cookies for reporting purposes.
– Delaying reports randomly between 24 and 48 hours.
– Not supporting Privacy Preserving Ad Click Attribution at all when the user is in Private Browsing Mode.
• The browser vendor should not learn about the user’s ad clicks or conversions.
For this reason, we designed the feature to do all of its work on-device. The browser vendor does not see any of the ad click attribution data.
Critically, our solution avoids placing trust in any of the parties involved — the ad network, the merchant, or any other intermediaries — and dramatically limits the entropy of data passed between them to prevent communication of a tracking identifier.
Read more here.
Apple to launch new privacy feature for ad tracking in browser – May 22, 2019