ip-blindness VS turtledove

More here: https://github.com/bslassey/ip-blindness

Yes, but have in mind that in a future it may not be possible. Take a look to the Gnatcatcher proposal: https://github.com/bslassey/ip-blindness

> at the very least, the ad network will be able to see your IP and know that you like athletic shoes and visited www.wereallylikeshoes.com. If you visit some other domain first-ad-network.com owns with the same IP it within a small window of time, it can be pretty confident it's the same person and even store some client side data at that point. It feels like they can construct a reasonably good profile about their users by using that technique.

Yes, there are a lot of user identifying bits in an IP address. Chrome has two proposals: https://github.com/bslassey/ip-blindness I'm not sure what other browsers are thinking?

> That's considering the browser doesn't leak out any other potentially identifying information.

Which they definitely do. All the browsers are working on figuring out how to thwart fingerprinting, and it's really hard. I am glad, at least, that we were able to get Google Ads to publicly commit to not fingerprinting.

> when you click on the ad, they know one interest about you and, if you clicked in ads from other campaigns they run, they may reconstruct your profile well

Yes, when people click on ads in Turtledove the advertiser does learn something. This is a huge improvement to the status quo where advertisers learn things just by bidding, or an intermediate stage where advertisers learn things when they win an auction -- users don't click on ads very often, so the amount of information leaked this way is very low.

Exactly how much information the advertiser is able to learn on a click is still very much up in the air, so if you have views on this you might consider participating on the repo?

"Near-path NAT"[1] has been suggested as a mechanism that browsers can use to proxy requests through an intermediate server, similar to what you suggest.

[1] https://github.com/bslassey/ip-blindness/blob/master/near_pa...

> and you know my IP address

https://www.chromium.org/Home/chromium-privacy/privacy-sandb... links to https://github.com/bslassey/ip-blindness for how they intend to handle this.

(Disclosure: I work on ads at Google, speaking only for myself)

If you want to prevent fingerprinting, you need to look at where the identifying bits are coming from. (ex: https://coveryourtracks.eff.org/) The IP address provides enough bits to uniquely identify many users, and when combined with just a few more bits, to identify almost anyone.

TOR is one solution here, which you could potentially also describe as "adding forced MitM to every connection". The proposals in https://github.com/bslassey/ip-blindness/blob/master/near_pa... and https://github.com/bslassey/ip-blindness/blob/master/willful... have different tradeoffs than TOR, with the "TOR is painfully slow" problem being a big one.

If you have better ideas, though, I would be very interested in reading them!

it's unfortunate that the sour response to this impressive privacy work (https://github.com/WICG/turtledove/blob/main/FLEDGE_k_anonym...) will likely lead to people turning it off, and buried in their is the switch for Private State Tokens (https://github.com/WICG/trust-token-api/blob/main/README.md)

It'll be interesting to see how this goes. Google and Mozilla+Meta each have competing standards.

https://github.com/WICG/turtledove

https://blog.mozilla.org/en/mozilla/privacy-preserving-attri...

To my knowledge, Mozilla's design is the only one where someone other than the browser collects & reports on click activity, and with a fairly trustless anonymizing double blind strategy for those intermediaries.

https://github.com/WICG/turtledove/blob/main/FLEDGE_k_anonym...

you can target an Economist reader a week later on a different website. If FLoC works, you can still do that.

https://github.com/WICG/floc won't really let advertisers do that, this is what https://github.com/WICG/turtledove is for

(Disclosure: I work on ads at Google, speaking only for myself)

The issue is that the replacement that are currently in the works (https://github.com/WICG/floc and https://github.com/WICG/turtledove/blob/main/FLEDGE.md) are extremely complex, will still dramatically impact adtech performance and only improve privacy for a very contrived definition of the concept which incidentally benefits once again big tech vendors...

As to the effectiveness of advertising, removing tracking will have a huge impact. And this affects all players in the value chain, not only adtech providers but also publishers and more importantly advertisers which will see their return on ad spent severely impacted. There is a real of loss "social welfare" (I mean in a game-theoretic sense, but also for real if you believe in capitalism) if tracking is disabled.

Check FLEDGE initiative for this case. The mechanism has not been settled yet, but moves in the needed direction: https://github.com/WICG/turtledove/blob/main/FLEDGE.md#11-joining-interest-groups

I think advertising is positive [1] and the role of ads in funding freely-available sites is very important. My current work is primarily on how browsers can allow more private and secure advertising [2][3][4] which I think most people will agree is valuable even if they are less in favor of advertising in general.

At a lower level, I do this job because I'm paid, which allows me to donate. [5] But I wouldn't do this work if I thought it was harmful; there are lots of different kinds of jobs I could take.

[1] https://www.jefftk.com/p/effect-of-advertising

[2] https://github.com/google/fledge-shim

[3] https://github.com/WICG/turtledove/issues/161

[4] https://github.com/WICG/webpackage/issues/624

[5] https://www.jefftk.com/donations

Why do Google's FLoC, TURTLEDOVE, Dovekey, Criteo's SPARROW, Magnite's PARRROT, NextRoll's TERN and Microsoft's PARAKEET all have similar bird-related names? This feels very cruel considering that in most cultures birds often symbolise freedom.