2 points
*
I can already see how Advertisers AND Websites will collude and break this one.
- Specifically placed ads; targeted at specific website pages which a majority of their target grouping will visit.
- Generate an ad that will specifically reside on a page deep inside of the site; think 4+ clicks deep; which is intensely personalized to their target. 1
- Ad will trigger; register “Impression” and be boxed up into Differential Privacy set by the DAP.
- Since that’s the only ad targeted for that specific page, any impression is an answer of 1 or ‘True’.
- Through microtargeting of these deep pages they can learn a lot about what people do online and could potentially break Differential Privacy.
1 - In this example the URI being targeted could be something like https://www.example.com/zhuli/do/the/* in such a way that when you visit https://example.com/zhuli/do/the/thing/order.php is always recorded.
1 point
https://datatracker.ietf.org/doc/html/draft-ietf-ppm-dap#name-security-considerations
In theory this could be defeated easily if a fork of Firefox wanted to send lots of noise or someone decided to emulate many Firefox clients with false information.
1 point
I already turned it off without asking Firefox
1 point
What’s the deal with Firefox mobile (Android)? Couldn’t see the setting.
