Re: SPARROW Gatekeeper and hosted bidding logic

Hi Michael,

Bid values are definitely protected variables in SPARROW reporting.

Nevertheless, the final auction is run by the SSP. At least one bid value per Gatekeeper and per opportunity (the highest) is transmitted to the SSP running the auction (cf. the step-by-step auction in SPARROW: https://github.com/WICG/sparrow/blob/master/Step_by_step_auction.md).

Reducing the number of digits in the bid value would prevent the DSP sending information to the SSP through the bid value, in case of collusion between the two. We are open to discussion on the appropriate number of digits, or other privacy mechanisms.

Please note that other variables, like advertiser or DSP name, might also be needed alongside the bid value. For example, as of today the winning bid is not always the highest one, but may depend on Ad Quality rules set by the publisher or specific deals between advertisers and publishers. Depending on the variables being sent alongside the bid value, stronger privacy mechanisms on the bid value might be needed.

Please do not hesitate to open a GitHub issue to discuss it further.

Best,
Lionel


From: Michael Kleber <kleber@google.com>
Date: Friday, 23 October 2020 at 17:54
To: Lionel Basdevant <l.basdevant@criteo.com>
Cc: "public-web-adv@w3.org" <public-web-adv@w3.org>, Basile Leparmentier <b.leparmentier@criteo.com>
Subject: Re: SPARROW Gatekeeper and hosted bidding logic

Hi Lionel, thanks again for the various TPAC discussions.


  *   Bidding logics provided to the Gatekeeper by Ad Tech companies only output bid values. Some provision over bid value precision has to be taken so it cannot be used to leak information (e.g. 4-digit rounding). But bidding logics do not output any other info, nor do they call services outside of the Gatekeeper. So there is no need for auditing on those, and update frequency only depends on Gatekeeper and Ad Tech technical considerations.

Oh, this answer is not what I expected!

In our previous discussions about the privacy properties of Gatekeeper reporting (especially SPARROW Issue #16 <https://github.com/WICG/sparrow/issues/16>), we were focused on the information leakage from the "unprotected variables".  These are still the part of SPARROW reporting that makes me the most nervous.  I thought that, aside from these, we were mostly just talking about the privacy properties of k-anonymity vs differential privacy.

But your answer above now talks about bid values as a way to leak information.  How are these reported out?  Bid values don't appear in your Example of ranked privacy-preserving report <https://github.com/WICG/sparrow/blob/master/Reporting_in_SPARROW.md#example-of-ranked-privacy-preserving-report> at all.  If they are exposed at the event level (i.e. they are "unprotected variables"), then I am extremely worried!  Since the bidder can run arbitrary (and unaudited) logic that sees both interest-group and contextual signals, this seems like a huge opportunity for a malicious bidder to smuggle out bits of information that should never leave the Gatekeeper.

Maybe this was an error, and in fact bids never leave the Gatekeeper?  If not, I'm happy to open a new SPARROW Issue to discuss further.

--Michael


On Fri, Oct 23, 2020 at 4:16 AM Lionel Basdevant <l.basdevant@criteo.com> wrote:
Hi,

Thanks everyone for the two-day virtual F2F, I think it was very useful and that we've made progress. Thanks in particular to Wendy for the organization, and to all the people who ran presentations.

There were two questions from Gang Wang at the end of the last session that were answered quickly, and Basile and I wanted to add some details.

The questions were, from what I recall:

  *   In the SPARROW proposal, Ad Tech companies bidding logics would be hosted on the Gatekeeper. Do you think these Ad Tech companies will agree to share this core private competency?
  *   Bidding logic might be a lot of code, changing often. How does it fit with the Gatekeeper auditing requirements?

On these:

  *   Bidding logics hosted by the Gatekeeper are private. The Gatekeeper must not share them with any other actor. Indeed, Ad Tech companies have to trust the Gatekeeper not to do so. Nevertheless, we see this as a great improvement over TURTLEDOVE, where interest-group bidding logic (or at least part of it) is sent to the browser in the form of a JavaScript function, which, IMHO, cannot be kept private.
  *   Bidding logics provided to the Gatekeeper by Ad Tech companies only output bid values. Some provision over bid value precision has to be taken so it cannot be used to leak information (e.g. 4-digit rounding). But bidding logics do not output any other info, nor do they call services outside of the Gatekeeper. So there is no need for auditing on those, and update frequency only depends on Gatekeeper and Ad Tech technical considerations.

I hope this answers the questions; do not hesitate to say so if it doesn't.

Best,
Lionel



--
Forewarned is worth an octopus in the bush.

Received on Friday, 23 October 2020 16:47:26 UTC