Original toot:
It has come to my attention that many of the people complaining about #Firefox’s #PPA experiment don’t actually understand what PPA is, what it does, and what Firefox is trying to accomplish with it, so an explainer 🧵 is in order.
Targeted advertising sucks. It is invasive and privacy-violating, it enables populations to be manipulated by bad actors in democracy-endangering ways, and it doesn’t actually sell products.
Nevertheless, commercial advertisers are addicted to the data they get from targeted advertising. They aren’t going to stop using it until someone convinces them there’s something else that will work better.
“Contextual advertising works better.” Yes, it does! But, again, advertisers are addicted to the data, and contextual advertising provides much less data, so they don’t trust it.
What PPA says is, “Suppose we give you anonymized, aggregated data about which of your ads on which sites resulted in sales or other significant commitments from users?” The data that the browser collects under PPA are sent to a third-party (in Firefox’s case, the third party is the same organization that runs Let’s Encrypt; does anybody think they’re not trustworthy?) and aggregated and anonymized there. Noise is introduced into the data to prevent de-anonymization.
This allows advertisers to “target” which sites they put their ads on. It doesn’t allow them to target individuals. In Days Of Yore, advertisers would do things like ask people to bring newspapers ads into the store or mention a certain phrase to get deals. These were for collecting conversion statistics on paper ads. Ditto for coupons. PPA is a way to do this online.
Is there a potential for abuse? Sure, which is why the data need to be aggregated and anonymized by a trusted third party. If at some point they discover they’re doing insufficient aggregation or anonymization, then they can fix that all in one place. And if the work they’re doing is transparent, as compared to the entirely opaque adtech industry, the entire internet can weigh in on any bugs in their algorithms.
Is this a utopia? No. Would it be better than what we have now? Indisputably. Is there a clear path right now to anything better? Not that I can see. We can keep fighting for something better while still accepting this as an improvement over what we have now.
Anonymized data doesn’t exist. It can always be de-anonymized.
No? If it’s anonymized to “someone somewhere clicked this ad” that’s not possible to de-anonymize.
Do I expect it to be that anonymized? No. But the idea that it is always possible to de-anonymize data is just plum wrong.
If that was the extent of the data available, no advertiser will ever use this.
From reading the learn more link, it’s meant to just give them info on what ads worked. They would absolutely want this info, even if it was just “the ad you ran last week resulted in a dozen sales.”
Why would you think otherwise?
It’s a balance between useless and identifiable. You could take someone’s search queries and anonymize them very easily. Take that data, mix it into a copy of Moby Dick, and completely scramble it. That data is 100% anonymous, albeit completely useless.
The idea is to find a midpoint between that and completely identifiable.