• sugar_in_your_tea@sh.itjust.works
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    6 months ago

    Like this:

    1. Mozilla runs some algorithm to categorize browsing history
    2. Advertisers send an ad compaign to Mozilla targeting certain categories
    3. Firefox downloads those campaigns regularly and notifies websites that the client has opted-in to local ads
    4. Website doesn’t display ads, and Firefox replaces ad areas with locally-driven ads
    5. Any clicks/views are recorded locally and reported periodically to Mozilla in an anonymized fashion (e.g. distribution of categories among views and clicks, distribution across domains, etc); clicks open in a new tab with no tracking other than the ad image that was clicked (e.g. if it was a product, the server can redirect to that product page)
    6. Mozilla bills advertisers using click and view stats; advertisers only get summarized, aggregated data

    That’s what I thought Brave was promising, and that’s what I hope Mozilla is planning. I doubt Mozilla will deliver, but hope springs eternal. If anyone can do it, it’s Mozilla, I just doubt they will.

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      6 months ago

      5 is the problem. If you click through to anything, the person who gets the clicks knows what campaign you came from.

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        arrow-up
        3
        ·
        6 months ago

        Sure, but that wouldn’t identify you, and that’s the important part. And they’d only know that if you actually click. I guess they could try the fingerprinting route, but Mozilla could also make strict policies that any company caught doing that would have their ad agreement rescinded.

        I doubt ad companies would get on board with that, but those are my requirements. I’m happy to look at ads, provided my privacy is maintained.

        • jet@hackertalks.com
          link
          fedilink
          English
          arrow-up
          2
          ·
          6 months ago

          I’m not sure that’s true.

          Advertisement campaign a, takes people to landing site b.

          Anybody who shows up at site b, you know was targeted and campaign a.

          And if you’re saying b is some generalized large domain, I promise you no advertiser would ever do that. They would set up subdomains, or campaign specific domains, any landing page where they know where you’re coming from. And there’s no way to stop them from doing that

          • sugar_in_your_tea@sh.itjust.works
            link
            fedilink
            arrow-up
            2
            arrow-down
            1
            ·
            6 months ago

            Advertisement campaign a, takes people to landing site b.

            Mozilla would be in charge of how long campaigns run, and what types of URLs would be allowed. The alternative is those ads get blocked and the advertiser gets nothing.

            So yeah, the advertiser could tell that a Firefox user visited a given link, but they couldn’t identify anything in particular about that user, other than their search history matched one of the criteria for the campaign.

            That’s honestly pretty acceptable. Other advertisers know the site the ad was served on, cookies from that site, potentially a nonce per user, etc. This method strips most of that, and only lets them know that it was a Firefox user during a given campaign. Mozilla could do audits to check if they’re doing anything more to fingerprint users, and if so, drop the advertiser.

            If those users would otherwise block ads, theoretically those advertisements are more valuable because those users are much harder to target. So advertisers may be willing to compromise here, since the alternative is no revenue. Mozilla would share revenue with sites, so there’s an incentive for websites to opt-in as well.

            • jet@hackertalks.com
              link
              fedilink
              English
              arrow-up
              1
              ·
              6 months ago

              I see what you’re saying, but I don’t think there’s any universe where an advertiser will pay for traffic without any way to identify that that traffic came from an advertisement campaign

              Let me use an illustrative example,

              An advertiser selects middle class, obese, yet healthy minded people to receive an ad for their Fatboy Summer fitness campaign

              The landing page of this campaign, is not the main site for a gym, but a Fatboy Summer specific landing page with a special offer etc etc etc all very reasonable. If you click on the link you want to find more information about their special campaign offer.

              The fact that that landing page will be specific to the advertisement campaign is a given, it’s just a necessity of the transaction. Knowing these two pieces of information, you know anybody who ended up at that landing page is middle class, obese, but hopeful about getting healthy.

              This is why targeted advertisements and privacy are diametrically opposed

              • sugar_in_your_tea@sh.itjust.works
                link
                fedilink
                arrow-up
                1
                arrow-down
                1
                ·
                edit-2
                6 months ago

                Perhaps. But they can also intuit that if someone gets to the landing page without clicking the link, because that’s what that program appeals to. They also likely have a variety of other categories as well, such as non-obese and non-fit, lower class but living with parents, upper-class and single, etc.

                But the important thing is that they wouldn’t know which website the ad was served from or a unique identifier from the website to correlate to other data. If it’s replacing Google or Facebook ads, that can be a lot of data, including my occupation, hobbies, accounts at other websites, etc. If all they get is that I was at least a >X% match for their ad-campaign through Mozilla, I’m fine with that. I can always clear/prune my browsing history to reset what types of categories I fall into.

                But yeah, I get that many advertisers aren’t going to be interested giving up that much data. However, if the alternative is no ads whatsoever, maybe that’s attractive enough that they buy in. Idk, but that’s my policy. If the ads won’t respect my privacy, I’ll block them. That’s my line in the sand. If Mozilla offers a product I’m okay with, I’d be willing to disable my ad-blocker for those sites that opt-in.