Copied from reddit:
Firefox CTO here.
There’s been a lot of discussion over the weekend about the origin trial for a private attribution prototype in Firefox 128. It’s clear in retrospect that we should have communicated more on this one, and so I wanted to take a minute to explain our thinking and clarify a few things. I figured I’d post this here on Reddit so it’s easy for folks to ask followup questions. I’ll do my best to address them, though I’ve got a busy week so it might take me a bit.
The Internet has become a massive web of surveillance, and doing something about it is a primary reason many of us are at Mozilla. Our historical approach to this problem has been to ship browser-based anti-tracking features designed to thwart the most common surveillance techniques. We have a pretty good track record with this approach, but it has two inherent limitations.
First, in the absence of alternatives, there are enormous economic incentives for advertisers to try to bypass these countermeasures, leading to a perpetual arms race that we may not win. Second, this approach only helps the people that choose to use Firefox, and we want to improve privacy for everyone.
This second point gets to a deeper problem with the way that privacy discourse has unfolded, which is the focus on choice and consent. Most users just accept the defaults they’re given, and framing the issue as one of individual responsibility is a great way to mollify savvy users while ensuring that most peoples’ privacy remains compromised. Cookie banners are a good example of where this thinking ends up.
Whatever opinion you may have of advertising as an economic model, it’s a powerful industry that’s not going to pack up and go away. A mechanism for advertisers to accomplish their goals in a way that did not entail gathering a bunch of personal data would be a profound improvement to the Internet we have today, and so we’ve invested a significant amount of technical effort into trying to figure it out.
The devil is in the details, and not everything that claims to be privacy-preserving actually is. We’ve published extensive analyses of how certain other proposals in this vein come up short. But rather than just taking shots, we’re also trying to design a system that actually meets the bar. We’ve been collaborating with Meta on this, because any successful mechanism will need to be actually useful to advertisers, and designing something that Mozilla and Meta are simultaneously happy with is a good indicator we’ve hit the mark.
This work has been underway for several years at the W3C’s PATCG, and is showing real promise. To inform that work, we’ve deployed an experimental prototype of this concept in Firefox 128 that is feature-wise quite bare-bones but uncompromising on the privacy front. The implementation uses a Multi-Party Computation (MPC) system called DAP/Prio (operated in partnership with ISRG) whose privacy properties have been vetted by some of the best cryptographers in the field. Feedback on the design is always welcome, but please show your work.
The prototype is temporary, restricted to a handful of test sites, and only works in Firefox. We expect it to be extremely low-volume, and its purpose is to inform the technical work in PATCG and make it more likely to succeed. It’s about measurement (aggregate counts of impressions and conversions) rather than targeting. It’s based on several years of ongoing research and standards work, and is unrelated to Anonym.
The privacy properties of this prototype are much stronger than even some garden variety features of the web platform, and unlike those of most other proposals in this space, meet our high bar for default behavior. There is a toggle to turn it off because some people object to advertising irrespective of the privacy properties, and we support people configuring their browser however they choose. That said, we consider modal consent dialogs to be a user-hostile distraction from better defaults, and do not believe such an experience would have been an improvement here.
Digital advertising is not going away, but the surveillance parts could actually go away if we get it right. A truly private attribution mechanism would make it viable for businesses to stop tracking people, and enable browsers and regulators to clamp down much more aggressively on those that continue to do so.
Fuck that. Not if we don’t make it. That’s precisely the point. Do not comply. Do not submit. Never. Advertising is contrary to the interests of humanity. You’re never going to convince me becoming a collaborator for a hypothetically less pernicious form is the right course of action. Never. No quarter.
That makes it even worse.
And therefore inimical to humanity in general and users in particular.
Not with that attitude.
Aggregate surveillance is still surveillance. It is still intrusive, it still leverages aggregate human behaviour in order to harm humans by convincing them to do things against their own interest and in the interest of the advertiser.
This is supposedly an experiment. You’ve decided to run an experiment on users without consent. And you still think this is the right thing–since you claim the default is the correct behaviour.
I cannot trust this.
If you’ve got a better solution then feel free to share, but magically making everybody on Earth simultaneously decide to suddenly stop paying attention to all advertising everywhere forever is not an actual solution.
I don’t have a complete solution, but I have a vector, and this is in the opposite direction, being, according to its own claims useful to advertisers.
The solution passes through many things, but probably has to start by changing the perception of advertising as a necessary nuisance and into a needless, avoidable, and unacceptable evil. Collaboration does not help in this regard. Individual actions such as blocking advertising, refusing to accept any tracking from sites, deploying masking tools, using archives and mirrors to get content, consciously boycott any product that manages to escape the filtering, are good but insufficient.
I do all those things, but how are you planning on convincing my mom to? I’ve tried. She doesn’t care. The vast majority of people are more like my mom than like you or me. We are weirdos here, and if your plan doesn’t involve a better first step than “do a whole bunch of work to change something you’re already used to” then it is not actually going to change anything for anyone other than a few weirdos like us.
I do not care if something is useful to advertisers. I care if it reduces harm. Refusing to reduce harm to chase some distant ideal that most people don’t care about while not effectively convincing them to care is counterproductive to everything that actually matters.
I mean, sure.
To sligthly paraphrase what /u/ZephrC wrote then, do you have a useful idea for a solution? Because I can dream of utopian non-ideas, too. But while those sound cool on paper, they’re not exactly useful when actually trying to solve any real-world problem.
And good luck changing the perception about advertising on a conceptual level. While you’re at it, will you end world hunger, make worldwide peace and build a dyson sphere? Because I mean, a foundational change to how our language and interactions work (advertising isn’t exactly grounded in companies and richness, but base transactional and societal needs) sounds still a bit more difficult than those, except maybe the peace thing.
… How? You clearly do not understand this technology if you think it’s a step in the wrong direction.
Status quo: almost all ads use onerous tracking of every scrap of data they can scrape on you. Some savvy users use ad block and/or tracking blockers to avoid this to various degrees.
Mozilla PPA: Ads on certain sites start using a much less onerous attribution system which collects only anonymized data on related clicks; allowing advertisers to continue tracking how well their ads are working without any of the creepy personal data attached. Some savvy users continue to use ad block and/or tracking blockers to avoid the ads altogether.
Do you not see how the latter is objectively better for everyone except the advertisers? The fact that it’s “useful to advertisers” just means that this is tech which might actually reach wide adoption. It does absolutely nothing to impinge the effectiveness of ad and tracking blockers, but will be a big improvement for anyone who doesn’t use them.
Same attitude as the people who are like “universal income should be a norm” and “dismantle US healthcare”. Like yes I agree, but you can’t just turn off an entire industry overnight. It takes years, if not decades to change.
Then when incremental progress is made they shut on it for not doing enough.
I’m all for removing fossil fuel use, but removing 20% here and there is a lot better than rejecting everything. It’s juvenile to me to think that it’s either gone or it’s not, and it’s the same here. Ads aren’t going away, it’s a naive thought to think they will. What we can do is try to make changes here and there to make it more tolerable.
irrelevant to the thread, but it actually took only 3 years for clement atlee’s government to create the UK’s national health service
It is though. I use ublock origin with Librewolf and Mull and there are zero ads plus the tracking is far less.
Okay, well good luck with your magic then. Over here in the real world I don’t personally know any mass mind control spells.
Advertisement is not the actual problem, as long as it is marked as such. The problem Mozilla tries to fight is advertisements with tracking users. I find it much more problematic to have advertisements disguised as normal content. Besides malicious advertisements, but that is not the problem that is fought here. People who don’t want see ads, can still use blockers. That’s your option (and mine I use it). But it won’t solve the problem of people getting tracked in mass. If Firefox can provide such as solution, then it is better than not having it.
I will disable it too, but they are right. Mozilla is not in a position to fight the ad industry, alone, and being funded by a ad company (Google).
Best they can do is try to increase the privacy while the ad industry makes money from us. The ad industry is a fucking cancer and I would make them illegal tomorrow if I could. But we are here, on a dense planet called earth, living during the capitalism era. It’s like the stone age.
I don’t blame Mozilla for not single-handedly ending advertising online. That’s too much to expect from anyone. But they could at least avoid active collaboration with the enterprise. And if they’re going to engage in it, they should at the very least warn their users.
Have… actually read about what they’re doing here? It doesn’t feel like you understand this very much.
I’d like people to STOP PRETENDING that the only plausible reason why someone doesn’t agree with this is that we don’t understand it. Yes, I understand what this does. The browser tracks which advertisements have been visited, the advertiser indicates to the browser when a conversion action happens, and the browser sends this information to a third-party aggregator which uses differential techniques to make it infeasible to deanonymise specific users. Do I get a pass?
Yes, this is actively collaborating with advertising. It is, in the words of Mozilla, useful to advertisers. It involves going down a level from being tracked by remote sites to being tracked by my own browser, running on my own machine. Setting aside the issues of institutional design and the possibility for data leaks, it’s still helping people whose business is to convince me to do things against my interest, to do so more effectively.
Do you think that somehow without this setting your browser isn’t tracking you? What do you think the history is?
what do I think the history is? A record of the sites I visited.
What do I think the history isn’t? A correlated record of which advertisements I’ve been exposed to, and which conversions I’ve made, that gets sent to people who are not me.
Pretty relevant distinction. One thing is me tracking myself, another thing is this tracking being sent to others, no matter how purportedly trustworthy.
It’s not a list of clicks you’ve made, it’s a list of clicks everyone has made. Unlike the current state of ad tracking, it would change from tracking you to tracking the ad’s effectiveness.
So it would still help optimising persuasion at scale (also known as lying to people to best et them to act against their interest). Why is this a good thing again?
Life support for a monster set aside as insurance against the day that the monster needs it.
Agreed entirely, Mozilla doing nothing would be far preferable to me here then them helping extend our current experience with advertising by working towards a future with a minimal set of meaningless concessions that Meta’s involvement with suggests would not meaningfully negatively impact their business in any way.
To my mind, fixing advertising means making advertising a much less lucrative business. Doing anything else is only making the already dire problem worse.
I think that last paragraph precisely summarizes the flaw in 90% of the discourse about this. People are trying to solve a problem that shouldn’t exist to need to be solved.
If you set your goal to scale the industry wayyyy back, all of a sudden it becomes sustainable again. Just like it was 10 years ago. Society based on endless growth is unsustainable and all that yeah?
What was the anaology? We’re too busy trying to figure out the best position to have sex with our own mothers instead of trying to have less sex with our own mothers?
Especially not when they’re now officially a part of said industry.
I am not even sure who “we” is in that statement they made:
Is it “we, the advertising network owners” or “we, the users fighting against the advertising networks”?
They aren’t fighting it single handedly. They have a massive community that is ready to help. However, Firefox has cut off the privacy community as they are more of a telemetry machine with ads for Mozilla products.
Sure, you do that. The rest of us are trying to have a functioning society and solve actual problems, so as long as you don’t get into anyones way, fine, do whatever you want.
Doesn’t solve any problems, but at least you get to feel perfectly vindicated I suppose.
Geezus fuck do you even hear yourself?
Targeted advertising is all about finding exploiting weaknesses. It is part of the dark side of technology where the computer is just a slot machine. I don’t think it is a stretch to say it is bad for humanity
The entire point of this feature is to reduce personal data given to advertisers. It’s an anti-targeted advertising measure, but one that websites have to opt in to. Ads on those sites will no longer get the full scoop on you, but instead will get anonymized and aggregated data about which ads were clicked and any conversions that happen. It’s the default because there’s no downside to enabling it.
I definitely agree that ads are terrible and that’s why I block them all. But this proposal is like your apartment complex (a website) banning door-to-door salesmen from sticking ads in your doorframe, instead putting up a little corkboard in the apartment commons (PPA) where they have to put all the ads. Would it be better if the city just banned advertising? Sure, but they’re not going to any time soon.
It is all bad. I don’t want personalized ads period. A billboard isn’t personalized and it doesn’t affect my productively or security.
This API effectively defeats ad personalization on sites that use it. The ads can at most be targeted to the site, no longer the user.
If you got your way, the vast majority of the Internet would disappear together with the advertising. The Internet runs on advertising. If it stops being viable, so does the Internet as a whole. How do you think all these free services are funded?
The trick is to take the privacy violating and tracking part out of it. If you block ads, that doesn’t matter. If a few tech savvy people do, it doesn’t matter. If literally everyone does, it suddenly matters a lot.
Of course they are working with one of the advertising giants, that’s the point. That’s who the solution is for. If none of them would accept it, it might as well not exist.
the vast majority of the internet is shit, it’s a slurry of Content from content farms designed to top google search results or go viral on social media. if all that were to disappear then the internet would absolutely become a better place
Problem is it wouldn’t be the “good stuff” that remains. So good luck with your utopian dreams.
This is just a continuation of the slow death of Mozilla. They need to seriously rethink a lot of things. There are ways to make it profitable and still protect privacy and freedom. For instance, they could work on private digital cash like Taler or they could sell merch.
https://wiki.mozilla.org/SwagStore