
More info about it:

    https://blog.mozilla.org/en/mozilla/privacy-preserving-attribution-for-advertising/
    https://github.com/mozilla/explainers/tree/main/ppa-experiment
    https://datatracker.ietf.org/doc/draft-ietf-ppm-dap/
The gist of it is that Mozilla and ISRG now proxy the tracking data and give aggregated reports to advertisers. And that they handle the data in a way so that neither Mozilla nor ISRG alone can access the unaggregated data:

    Our DAP deployment is jointly run by
    Mozilla and ISRG. Privacy is lost if
    the two organizations collude
I wonder if this is really the only way privacy can get lost. What if an advertiser uses an ad ID only once for real (specifying a specific user) and then sends 999 fake impression signals for that ID to Mozilla? When they get the aggregated data for the 1000 impressions, they would be able to deduce who did the one real impression, no?


You forgot to add one more link for context - Mozilla acquired ads company Anonym https://blog.mozilla.org/en/mozilla/mozilla-anonym-raising-t...


> The gist of it is that Mozilla and ISRG now proxy the tracking data and give aggregated reports to advertisers.

So Mozilla becomes the treasure-guard? What prevents them from abusing or leaking the data in the future?


The way I read it is that:

1) The data is encrypted in a way that Mozilla can't encrypt it without the help of ISRG.

2) There is a way for ISRG to help Mozilla create aggregated data from the raw data without either of them being able to see the raw data in this process.

Maybe I'm wrong. Would be interesting to hear how 2 can be accomplished. Would have to be some crypto magic I have not yet heard about.
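An added sketch (not code from the thread, Mozilla or ISRG) of two-server additive secret sharing, the idea that Prio-style schemes run under the linked DAP draft build on and one way point 2 can work; it also reproduces the batch concern from the first comment. The field modulus, function names and sample batch are assumptions, and the per-aggregator encryption of shares and the validity proofs are left out.

```python
import secrets

P = 2**61 - 1  # prime field modulus, chosen for this example


def split(value):
    """Client: split one measurement into two shares that sum to it mod P."""
    share_a = secrets.randbelow(P)      # uniformly random, reveals nothing alone
    share_b = (value - share_a) % P     # also uniform when viewed on its own
    return share_a, share_b


def aggregate_shares(shares):
    """Aggregator: each server sums only the shares it was sent."""
    return sum(shares) % P


def combine(agg_a, agg_b):
    """Collector: adding the two aggregate shares yields the batch total."""
    return (agg_a + agg_b) % P


def run_batch(measurements):
    """Run a batch; return (total, server A's shares, server B's shares)."""
    pairs = [split(m) for m in measurements]
    a_shares = [a for a, _ in pairs]
    b_shares = [b for _, b in pairs]
    total = combine(aggregate_shares(a_shares), aggregate_shares(b_shares))
    return total, a_shares, b_shares


def residual_after_known(total, known_measurements):
    """What is left of an exact sum once known contributions are removed."""
    return (total - sum(known_measurements)) % P


if __name__ == "__main__":
    # Constructed batch: 999 reports whose values the collector already
    # knows (all 0) plus one it does not know (1 = "converted").
    known = [0] * 999
    total, a_shares, b_shares = run_batch(known + [1])
    print("server A alone sees:", a_shares[-1])   # random field element
    print("server B alone sees:", b_shares[-1])   # random field element
    print("aggregate:", total)
    print("residual:", residual_after_known(total, known))
```

Each server's view of a single report is a random field element, so the raw value is only recoverable if both servers pool their shares. The residual is the separate issue raised in the first comment: an exact sum hides a report among the others in its batch, not from a collector who already knows every other contribution.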



