- From: Roxana Geambasu via GitHub <noreply@w3.org>
- Date: Fri, 30 May 2025 20:50:52 +0000
- To: public-patwg@w3.org
roxanageambasu has just created a new issue for https://github.com/w3c/patwg: == Agenda Request - (1/2) Proposed Methods for Managing Global Safety Limits in PPA == ## Agenda+: What do you want to discuss? I would like to present and discuss methods for managing the global privacy budget (or “safety limits”) in the [PPA spec](https://w3c.github.io/ppa/#dp-safety), particularly in response to denial-of-service (DoS) risks such as those raised in [PPA issue #69](https://github.com/w3c/ppa/issues/69). These methods are grounded in our recent academic work (now under peer review) and instantiated in a Rust prototype library that we integrate into Firefox for exemplification. Our approach introduces a system of *quota budgets*, not for privacy accounting, but for *isolation*: they allow benign workloads to operate normally while degrading gracefully under adversarial attempts to deplete the global budget. We plan to release the academic paper and prototypes next week ahead of the meeting. At the meeting, I’d like to introduce the core ideas, share results from experimental evaluations on the new Criteo dataset, and offer recommendations based on our analysis regarding what enforcement mechanisms browsers will likely need to adopt. Our methods rely on assumptions--for example, that attackers cannot easily induce many users to visit attacker-controlled domains--which browsers must help uphold for our protections to be meaningful. ## Time 45 minutes. Constraints: - It would be good to order this issue first of the two I am proposing for the meeting. - I will be attending PATWG in person **only on June 10**, so I would appreciate a slot that day. ### Links Next week I will post links to the draft academic paper, the Rust prototype, and its Firefox integration. Please view or discuss this issue at https://github.com/w3c/patwg/issues/48 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 30 May 2025 20:50:53 UTC