It is an attempt to replace more invasive tracking techniques. The AdTech industry is unlikely to give up on knowing which ads were "successful". A privacy-friendly solution developed by Firefox is miles better than something invented by Google, the AdTech company masquerading as a browser vendor.
Personally I don't see why we should treat browser/web vulnerabilities that are being abused for tracking any different than every other security vulnerability... apart from the discussion being warped by Doubleclick pumping out new browser vulnerabilities, baking them into web standards, and marketing them as "features" to be rapidly adopted.
Complete agreement; anything that can be used for tracking is a security vulnerability. That doesn't mean it's a top-priority security vulnerability on par with remote code execution, but there's already a whole vulnerability category for "information disclosure".
This is not a tracking mechanism - it's quite convincingly private to _all_ participants in the protocol (only you, as the browser client, have the full data). Websites specifically receive only aggregate data from their complete user base, not any individual info.
Whether it's worthwhile and/or will help reduce industry tracking practices is a good & separate question, but it's not reasonable to describe this as anything akin to a attack on privacy.
I'm quite happy to continue saying "advertising is bad, tracking is bad, anything that serves no purpose other than to help them is bad for users". Calling that "black and white thinking" is not an argument that advertising is good, or tracking is good, or that this API proposal is good.
What is the reason this is good for users? It's not "this is better than other tracking", because this does nothing to take away other tracking so it's not an either-or. Other tracking won't go away until it's blocked. There is no requirement to provide a replacement.
"We've should eliminate toxic waste being dumped in the water!" "What do you propose to replace the toxic wastewith? Why don't we provide a less toxic waste? Maybe if we offer the option of dumping a less toxic waste, that'll incentivize factories to dump that instead of the more toxic waste?"
> Calling that "black and white thinking" is not an argument that advertising is good
I never said this proposal is any good. I don't know if is as I just looked at the general overview, and that's not really enough to make a judgement one way or the other. As a general point I do think it's a problem with solving.
What I am saying your case for "it's bad" is entirely without substance and seems to be based on axiomatic black/white thinking.
The substance of my case is "this won't work, this provides no value to users, this is disclosing a non-zero number of bits of information about users, and this is nothing but attack surface area for potential information disclosure".
Once you have a non-zero number of bits flowing from the browser to advertisers, that's a path to try to extract more bits of identifying information than the browser intended to provide, by any number of means.
There will be lots of people trying to deanonymize users from the data. There will be warrants served to the intermediary. There will be attempted security breaches on the intermediary. Those are just a few bits of potential attack surface, all of which is entirely unnecessary.
> I'm quite happy to continue saying "advertising is bad, tracking is bad, anything that serves no purpose other than to help them is bad for users". Calling that "black and white thinking" is not an argument that advertising is good, or tracking is good, or that this API proposal is good.
GP was very clear in what he considered "black and white thinking" and you very clearly avoided addressing what GP wrote.
> What is the reason this is good for users?
Did GP said it was good, no. So why are you even asking this question?
> There is no value gained by compromising with advertisers.
I mean, there's the part where advertisers pay for a huge chunk of the web? Maybe you're ideologically opposed to that and think websites should only have crowdsourcing-type revenue sources, but in the meantime website owners need to pay the bills.
> I mean, there's the part where advertisers pay for a huge chunk of the web?
They don't. Most of the web is unpaid UGC.
> Maybe you're ideologically opposed to that and think websites should only have crowdsourcing-type revenue sources, but in the meantime website owners need to pay the bills.
That's up to those website operators to figure out and not the concern of the user's browser. It only becomes the browser's concern when those website operators try to enrich themselves by manipulating the user into acting against their best interest via ads, in which case the only correct response is to block those ads. For the most part, the website operators that are in it to make a living are simply scammers that will not be missed.
> Third party cookies cannot be turned off without this replacement and for other things due to competition law and web ecosystem issues.
"competition law" is a problem for Chrome; as a browser run by a massive advertising company, interfering with other advertising companies raises antitrust concerns. It is not a problem Firefox needs to care about. (Also, it's not a problem that a browser with a tiny fraction of market share needs to worry about.)
"web ecosystem issues" is a fascinating euphemism. Let's cause more "issues" for advertisers.
> Ad supported content is worth something and eliminating that business model overnight would be bad as a bunch of things would be less accessible.
It's not going to go away overnight; it will take a long lingering time to die, and that time gets longer every time someone hesitates to kill it. In the meantime, as it becomes less effective, other models will become more effective.
If Firefox delivers a feature the AdTech industry would be OK with, then Chrome can adopt it and kill third-party cookies. Firefox already can block such cookies, but some legitimate sites may break (but developers don't care about Firefox). If Chrome blocks them by default, those sites will have to adjust.
Chrome is already delivering a (different) feature that they propose as a replacement for third-party cookies. That's not a reason for Firefox to adopt that API.
Interesting thanks! Anonyms technology is presumably what the original article was about?
Any idea what a transaction will look like. Who will pay them for this and how? I guess ad networks would pay so they can still attribute and do retain their customers better? I wonder what the fee is per
Firefox is controlled opposition. Firefox will hire leadership that is most capable of maximizing revenue from Google, and Google sends their money to Firefox based on now nicely that CEO cooperates. Therefore it’s probably not a direct threat but a “do we understand each other?” situation
Only if you redefine privacy. I don't want any of my information being leaked.
It is plausible for example that you could form a statistical cohort around people that work in an organization and determine that they have become interested in a topic that reveals internal plans.
Even as an individual, I can only see more accurate modeling of my interests as a tool to be used against me. I do not consent to sharing those correlations. They are private.
This feature isn't modelling your interests. It's letting advertisers get insight into the performance of their ad campaigns without tracking individual users.
The ad agency is only able to see: their add (y), published on source z, led to x conversions, over a period of time (p).
