-
Notifications
You must be signed in to change notification settings - Fork 237
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Storing first party data in trustedBiddingSignalsKeys #1062
Comments
There is no k-anon restriction in the keys sent to the KV service. However, do remember that the values it stores can be queried by anyone who knows the key. Quoting Section 3.1,
But also, if you're talking about frequency capping across different IGs joined on the same site, then this seems reasonable — but perhaps we can improve the Protected Audience previous wins data so that you don't need the KV server for it. |
@michaelkleber The structure of prevWinsMs after generalising it to capture wins across all interest groups would involve aggregating wins from various IGs into a unified dataset.
Also in the official documentation, there is no where mentioned about the data retention for prevWinsMs. Could you tell till what time the data for wins history would be persisted in prevWinsMs? |
As with everything else FLEDGE, the lifetime limit is 30 days (even if an IG is re-joined so it lives longer than 30 days, prevWins, joinCount, and bidCount will forget actions that happened more than 30 days ago). |
Hi @vanshika0812, could you update your GitHub profile with your name and affiliation? If you're going to be proposing contributions to the API, then you will need to be covered by the WICG's contributor license agreement; see https://www.w3.org/community/wicg/ to join.
The privacy model of the Protected Audience API involves each call to |
@michaelkleber |
Do you mean sites where an IG was joined, or where an IG bid in an auction? The latter would leak data, as IGs themselves can be joined from multiple sites, so having access to URLs and metadata from other IGs, even with the same owner, is potentially cross-site data. |
@vanshika0812 Got it! OK, as long as you're talking about all the IGs that were joined on a single site, you're right that there is no new privacy behavior here. Let me ask, though: Have you considered just using a single IG, rather than having the same browser join multiple IGs on the same site? Over the past few years of design discussion, many ad techs seem to have decided that the one-IG-per-join-site model is a good way to make the API meet their needs. |
@michaelkleber one-IG-per-join-site model restricts the DSP capability of
|
I'm afraid I don't really understand either of the capabilities you described. But note that a single IG could absolutely contain bidding code for multiple different strategies, and could use different strategies for different ads the group might bid on. |
We were exploring KV server to implement frequency capping across Interest Groups (IGs) in Protected Audience, considering the limitation of frequency capping at the IG level only with browserSignals.prevWinsMs.
Additionally, is it possible to store first-party data in trustedBiddingSignalsKeys, and are there any k-anon restrictions associated with this approach?"
The text was updated successfully, but these errors were encountered: