What is the big problem with Google's proposed 'privacy budget'?


by

ranveer cool

Of the cookies used to track individuals on the Internet, third-party cookies, which have long been used in advertising transactions, have in recent years become subject to regulation from a personal-data-protection standpoint. Google, which has relied heavily on third-party cookies, is rushing to develop alternatives, but one of those alternatives, the ``privacy budget,'' has problems, says Eric Rescorla, CTO (chief technology officer) of Mozilla.

Technical Comments on Privacy Budget
(PDF file) https://mozilla.github.io/ppa-docs/privacy-budget.pdf

Google's Privacy Budget doesn't add up, says Mozilla • The Register
https://www.theregister.com/2021/10/11/googles_privacy_budge/

In response to third-party cookie regulation, Google has announced that Chrome will stop supporting third-party cookies by the end of 2023, and has proposed an advertising system, the ``Privacy Sandbox,'' to replace them. Among the proposals under discussion are the ``Privacy Budget API,'' a mechanism that assigns a budget to the information that can be used to identify an individual and lets a site obtain such information only within that budget, and ``TURTLEDOVE,'' which runs ad selection in the browser rather than on a server.

Rescorla explains the privacy budget, one of the Privacy Sandbox proposals Google is working on, and points out its problems. Key to understanding the privacy budget is the ``fingerprint,'' which identifies a user from detailed browser characteristics such as the device in use and the fonts installed. Fingerprinting is a tracking technique that can build a unique identifier for a user, but ``unlike cookies, users cannot delete a fingerprint, and even when a user wants to avoid being identified, developers cannot offer them a way to do so.'' For that reason, fingerprinting was never adopted as an alternative to third-party cookies.



The privacy budget is meant to limit what fingerprinting can obtain. By reducing the ``number of data points for building an identifier'' that fingerprinting can gather, it is supposed to keep identifiers from becoming unique and so protect user privacy. Rescorla, however, argues that ``the privacy budget cannot prevent user tracking.''



First, Rescorla points out that ``not all values obtained by fingerprinting carry the same amount of information.'' For example, the fact ``I use Chrome'' is worth little, because there are many Chrome users, while the fact ``I use Tor'' is worth a great deal, because few users use Tor. Assigning a budget to each piece of identifying information is therefore hard to compute, and it is likely that the method of computing it would have to change over time.
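The point about unequal information content can be made concrete by measuring each fingerprint value in bits of surprisal (self-information) and comparing that with what a budget that simply counts accesses would see. The following is an added example, not code from the article, from Mozilla or from Google's proposal; the population shares in `POPULATION` are constructed for illustration and are not real measurements, and the attribute names are arbitrary.

```javascript
// Added example (not from the article, Mozilla or Google): how much
// identifying information a fingerprint value carries, in bits of surprisal,
// versus how a naive per-access privacy budget would count it.
//
// POPULATION holds CONSTRUCTED share-of-users figures for illustration only;
// they are assumptions, not measurements.
const POPULATION = {
  browser:  { Chrome: 0.65, Safari: 0.19, Firefox: 0.04, Tor: 0.002, Other: 0.118 },
  timezone: { "UTC-5": 0.20, "UTC+0": 0.15, "UTC+9": 0.10, "UTC+5:45": 0.001, Other: 0.549 },
  screen:   { "1920x1080": 0.30, "1366x768": 0.20, "2560x1440": 0.10, "1440x900": 0.05, Other: 0.35 },
};

// Surprisal of observing one attribute value: -log2(p). A value shared by
// 65% of users carries about 0.6 bits; one shared by 0.2% carries about
// 9 bits, although a budget counting "data points" charges both one unit.
function surprisalBits(attr, value) {
  const p = POPULATION[attr] && POPULATION[attr][value];
  if (p === undefined) throw new Error(`unknown ${attr} value ${value}`);
  return -Math.log2(p);
}

// Total bits for a fingerprint, summing per-attribute surprisal. Summing
// assumes the attributes are independent; real attributes are correlated,
// so this overstates what the combination reveals and is only an upper bound.
function fingerprintBits(fp) {
  return Object.entries(fp).reduce((sum, [attr, value]) => sum + surprisalBits(attr, value), 0);
}

// What a budget that counts accesses sees: one unit per attribute read,
// regardless of how identifying the returned value turned out to be.
function naiveBudgetUnits(fp) {
  return Object.keys(fp).length;
}

// Bits needed to single out one user in a population of size n.
function bitsToIdentify(n) {
  return Math.log2(n);
}

// Two constructed fingerprints that cost the same under a per-access budget.
const common = { browser: "Chrome", timezone: "UTC-5", screen: "1920x1080" };
const rare   = { browser: "Tor",    timezone: "UTC+5:45", screen: "1440x900" };

console.log("common:", naiveBudgetUnits(common), "units,", fingerprintBits(common).toFixed(2), "bits");
console.log("rare:  ", naiveBudgetUnits(rare),   "units,", fingerprintBits(rare).toFixed(2), "bits");
console.log("bits to identify one of 8e9 people:", bitsToIdentify(8e9).toFixed(1));
```

Both fingerprints consume three budget units, yet the common one yields under five bits while the rare one yields over twenty; a budget that does not weight accesses by the information they actually return cannot bound how close a site gets to a unique identifier, and any weighting it does apply depends on population statistics that shift over time.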

The second problem is that even APIs essential to a site's functionality may count against the budget. Google has not disclosed how it handles APIs such as ``window.'', and ordinary sites may reach the limit. Rescorla also says that hitting the limit could prevent a site from calling the APIs it needs to build the page, leaving the site non-functional. ``Because the order in which the privacy budget is consumed depends on factors such as the site's network performance, there may be large differences in behavior between sites and users,'' Rescorla says.



As a third problem, Rescorla points out that ``the privacy budget itself can be used for tracking.'' The budget both gates the reading of identifying information and keeps its own state, and because that state is not partitioned between sites, observing how much budget remains can itself be used for cross-site tracking.
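The structural point, that a balance shared across sites is itself a cross-site signal, can be shown with a toy model. The following is an added example, not code from the article, from Mozilla or from Google's proposal: the budget mechanics (a fixed number of units, one per call, calls refused once exhausted) and the two site names are assumptions made for illustration, and nothing here reflects how the real proposal accounts for budget.

```javascript
// Added example (not from the article, Mozilla or Google): a toy model of a
// privacy budget whose remaining balance is shared across all sites, versus
// one partitioned per site. The accounting is an assumption for illustration.

// Budget held once per browser profile, shared by every site.
class SharedBudget {
  constructor(units) { this.remaining = units; }
  // A hypothetical identifying API call: permitted while budget remains,
  // refused (returns false) once it is exhausted. The site argument is
  // ignored, which is exactly the problem.
  tryAccess(_site) {
    if (this.remaining <= 0) return false;
    this.remaining -= 1;
    return true;
  }
}

// Same interface, but each site draws from its own balance.
class PartitionedBudget {
  constructor(units) { this.units = units; this.perSite = new Map(); }
  tryAccess(site) {
    const left = this.perSite.has(site) ? this.perSite.get(site) : this.units;
    if (left <= 0) return false;
    this.perSite.set(site, left - 1);
    return true;
  }
}

// Script on the first site spends exactly `id` units, so the remaining
// balance now encodes a small identifier it chose.
function writerSpend(budget, id) {
  for (let i = 0; i < id; i++) budget.tryAccess("writer.example");
}

// Script on a second, unrelated site probes by calling until refused and
// learns how much balance was left for it.
function readerProbe(budget) {
  let n = 0;
  while (budget.tryAccess("reader.example")) n++;
  return n;
}

// Returns the identifier the reader recovers; 0 means nothing leaked
// (valid for 0 <= id <= totalUnits).
function recoverAcrossSites(BudgetClass, totalUnits, id) {
  const budget = new BudgetClass(totalUnits);
  writerSpend(budget, id);
  return totalUnits - readerProbe(budget);
}

console.log("shared budget, reader recovers:     ", recoverAcrossSites(SharedBudget, 16, 11));
console.log("partitioned budget, reader recovers:", recoverAcrossSites(PartitionedBudget, 16, 11));
```

Refusing calls outright is only one way the shared state could become observable; any effect a site can measure (a refused call, a degraded value, a changed timing) that depends on what other sites did earlier gives the same channel, and the reader's probing also burns the remaining budget, which ties this problem to the site-breakage concern above. Partitioning the balance per site removes the channel in this model, at the cost of no longer bounding what a single embedded third party learns across the sites it appears on.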

``Rather than trying to contain fingerprints, it is better to limit fingerprints as new web APIs are developed, gradually remove existing fingerprints, and monitor for malicious patterns,'' Rescorla says.

in Web Service,   Security, Posted by log1p_kr