- From: Russell Stringham via GitHub <sysbot+gh@w3.org>
- Date: Thu, 14 Apr 2022 23:42:22 +0000
- To: public-patcg@w3.org
This is also a tangent, but I think it will help illustrate why it might be important to support cross-app/cross-device reporting as well as provide insight into why we need better privacy preserving advertising options. I expect most of this is not new for this audience, but I will provide a little background. Ad supported sites, services and apps need a minimum amount of revenue to support their operations and encourage future improvements. Advertising using third-party cookies with cross-site tracking provides that revenue today (at least where third-party cookies are still available and the tracking is permitted by law or lack thereof). As third-party cookies go away for many sites, revenue will drop. Sites with audiences that are at least somewhat loyal are either putting up paywalls to cover the lost revenue or are requiring the creation of a free login. With the login information, they are able to track that user not only across sites, but across devices. This makes ads served on these sites more valuable than tracking based simply on third-party cookies. This is especially true for streaming media devices (Roku, Apple TV, etc.), where purchases/conversions never happen on the device. I’m sure there are studies that have estimated the premium that sites requiring a login get, but for the sake of discussion, let’s just assume that revenue per ad increases by an average of 20% (all estimates that follow are simply provided as potentially realistic examples rather than research-supported numbers). Sites that cannot or will not require a login will see a drop in revenue (perhaps 20%?) as ad spend moves to the sites with better tracking. As third-party cookies disappear, revenue will drop further unless comparable functionality is made available via the solutions we are trying to develop here. Ads based solely on first-party, contextual data will be worth considerably less than ads leveraging knowledge gleaned from other sites/sources, especially for small sites with infrequent repeat visitors. Revenue on these sites might easily drop by 75%. Streaming video ads are rarely clicked (in apps and streaming devices they are often not even clickable). If view-through attribution is not supported, the value of video ads may drop by 80%. If frequency capping is not supported, value drops by another 5-10%. If view/click fraud are not easily detected/prevented revenue drops an additional 90%. All the revenue lost by these sites will flow instead to the sites that are requiring a login, making the login requirement even more valuable. The net result will be that the revenue per ad on sites requiring a login may be 20X the revenue per ad on sites that don’t. This will force any site that can require a login to do so. Thus, the privacy enhancing features being rolled out by browsers will actually result in less privacy for the average user, because the tracking will be cross-device using an ID that directly identifies the user rather than the pseudonymous, single-browser ID generally used by third-party cookies. I would like to see advertising solutions that offer privacy-friendly sites the ability to capture at least a good fraction of the revenue of sites that utilize cross-device tracking. The goal of IPA fits well with this desire as it supports private cross-device (but the attribution detail may be too limited). PCM, PARAKEET, FLEDGE, Topics and similar are also steps in the right direction. However, in the discussions we are often so worried that we might expose a tiny bit of fingerprinting surface that we restrict their functionality to the point where they are scarcely more valuable than not providing the feature. The result is that privacy-preserving advertising will not fund most sites and they will go out of business or be forced to require a login. I would love to explore ways that we can relax the fingerprinting concerns to allow sites with strong, legally enforceable privacy policies and/or sites where cross-site tracking without permission is prohibited by law with stringent enforcement to be able utilize privacy-preserving advertising with better functionality even though it could be misused for fingerprinting. The illicit cross-site tracking must occur on lots of sites or it won’t build a sufficient profile to be valuable. If it occurs on lots of sites, the use of the technology will be discovered and the ad tech companies that perform it will be shut down or kicked off reputable sites (causing them to go out of business). -- GitHub Notification of comment by RussStringham Please view or discuss this issue at https://github.com/patcg/patwg-charter/issues/7#issuecomment-1099722441 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 14 April 2022 23:42:27 UTC