Google says it has partnered with Fastly, a content delivery platform, to support its efforts to serve targeted ads on its Chrome browser with greater privacy.
Google’s FLEDGE is a Privacy Sandbox offering that allows for remarketing and custom audiences. It aims to allow websites to serve ads that reflect visitors’ interests without allowing visitors to be tracked or identified.
FLEDGE works like this. When a user visits a site associated with an interest group, such as a campaign, the owner of the interest group (the demand-side platform, or DSP, that makes it possible to buy advertising associated with the site) may ask the user’s browser to connect. appropriate stakeholder group with a limited lifetime using a JavaScript function.
If the JavaScript call succeeds, it can fail, be blocked, or rejected, the browser stores the name of the interest group (such as walk), the URL of the interest group owner, and configuration data so that the browser can participate in an auction to serve ads.
When a user visits another site that sells ads, the seller of that ad space, usually a supply-side platform or SSP, has the option to use FLEDGE to run an ad auction for ads that match the interest.
The SSP makes another JavaScript call to start the auction in the browser, that is, the code takes the list of interest group owners stored in the user’s browser and invites some of them to submit a bid to show the user a targeted ad.
Bidding is done using the logical URL of bids specified in the configuration data, provided with information about the interest group and the ad seller (the site’s SSP or the site itself). The seller then receives the bids and displays the winning ad in a fenced frame, the (hopefully) secure successor to the iframe.
FLEDGE is currently being tested on Google’s Chrome browser. Other browser vendors have yet to announce whether or not they will implement Google’s Privacy Sandbox APIs.
A kind of anonymity online. We will see
To enable this work to ensure privacy, Google runs servers that implement techniques called k– anonymity. This is a way to promote privacy by hiding people in a crowd whose size is represented by a variable k.
FLEDGE applies k– the anonymity of several aspects of the application process. For example, an advertising provider (DSP) can create a unique and therefore trackable FLEDGE group (eg hikingUser23).
To prevent this, FLEDGE will not allow the browser to define an interest group if at least one does not exist k other browsers trying to define that same interest group. And FLEDGE is used to prevent ads targeting individuals k-Anonymity of ad display URLs, therefore at least 50 users per ad design within the last seven days are required to display ads.
In order for this to work in a way that hides potentially identifying information such as the IP address of site visitors and the browser’s User-Agent string, Google places its k– anonymous servers behind a third party. This is where Fastly comes in, running an Oblivious HTTP (OHTPP) relay.
As Google software engineer Philip Lee explains in a blog post, the user’s Chrome browser sends an encrypted request to Google via the OHTTP relay. k– anonymity servers.
“Therefore, the relay does not see the content of the request, but is aware of the user’s IP address,” Lee explains. “The opposite, k-anonymity server (and gateway) are not aware of the identity of the user, but can see the content of the request.”
There are certain limitations to the privacy afforded by this approach. One is that the website publisher can still see the IP addresses of visitors. Another is that Google will have a lot of identifying information about an individual if that person is signed in to a Google Account through Chrome. But Google at least insists it will enforce its own k– protection of anonymity of own advertising services.
This approach “will offer better privacy because the source IP address will be masked,” said Lukasz Olenik, an independent privacy researcher and consultant, in an email. Register.
“From my research, I know that IP addresses, along with other information, [are] strong identifier. In a few years, it will certainly be a bit more difficult to do privacy research. That said, I would like to think that my previous works contribute somewhat to the current evolution, which is positive.”
Oleinik expects Google’s approach to lead to a more formal web advertising infrastructure platform. “Here it is assumed that the platform will remain open for all competitors,” he said. “If I understand correctly, this is the foundation of Great Britain [Competition and Markets Authority] process”:
When asked if Fastly could be abusing its role as a trusted intermediary, Oleinik replied: “In this case, you have to trust the partial infrastructure management. They should always be cautious, we will be able to review the final proposal and design when they come in.”
As for the security of Oblivious HTTP, Olejnik allowed some room for skepticism, but said that it is a technical standard and that it is used with Fastly to support Apple’s private relay.
“The key question is whether other infrastructure providers will want to join in,” he said. ®