Evaluating Google's Protected Audience Protocol (2405.08102v2)

Published 13 May 2024 in cs.CR

Abstract: While third-party cookies have been a key component of the digital marketing ecosystem for years, they allow users to be tracked across web sites in ways that raise serious privacy concerns. Google has proposed the Privacy Sandbox initiative to enable ad targeting without third-party cookies. While there have been several studies focused on other aspects of this initiative, there has been little analysis to date as to how well the system achieves the intended goal of preventing request linking. This work focuses on analyzing linkage privacy risks for the reporting mechanisms proposed in the Protected Audience (PrAu) proposal (previously known as FLEDGE), which is intended to enable online remarketing without using third-party cookies. We summarize the overall workflow of PrAu and highlight potential privacy risks associated with its proposed design, focusing on scenarios in which adversaries attempt to link requests to different sites to the same user. We show how a realistic adversary would still be able to use the privacy-protected reporting mechanisms to link user requests and conduct mass surveillance, even with correct implementations of all the currently proposed privacy mechanisms.

