Re: [w3ctag/design-reviews] Early design review request: IPA (Issue #823) from Shivan Kaul Sahib on 2023-03-15 (public-webapps-github@w3.org from March 2023)

From: Shivan Kaul Sahib <notifications@github.com>
Date: Wed, 15 Mar 2023 12:24:09 -0700
To: w3ctag/design-reviews <design-reviews@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3ctag/design-reviews/issues/823/1470681893@github.com>

Some general feedback and thoughts:

1. I’m not seeing the user benefit here: the use case pointed out (“measuring the impact of advertising based on cross site behavior”) is very explicitly a use-case **website developers** have, **not end users** (with reference to [W3C priority of constituencies](https://w3ctag.github.io/design-principles/#priority-of-constituencies)). Users already have choices regarding preventing Web tracking; most user agents already block 3rd party cookies by default.

2. I also think this has the potential to be actively harmful for users: for e.g. this from the Explainer is concerning: “If a match key provider is able (and willing), they could extend this even further by performing user-level linkage to other contexts (e.g., email based matching with offline merchants), then distribute encrypted match keys, enabling businesses to bring offline user activity from these other contexts into the MPC. The impact this may have on the overall ecosystem is not obvious. On one hand, it may drive an increase in sharing of PII between parties in an effort to gain access to this new measurement capability.” Plus, the overall complexity of this is problematic, which is largely hidden from users; ISTM that when the system fails, user privacy is harmed in a way that is invisible to users. Similarly…

3. What all can the user verify in this system regarding their privacy? Can they verify that the privacy budget is being respected, for e.g.?

4. This proposal will prioritize and further lead to the consolidation of the Web in favour of large browser vendors. MPC-based systems tend to be expensive to operate, and if IPA is “standardized and implemented across browsers so that developers have a only one common API that supports this use case” then my concern is that would be effectively ruling out smaller user agents who can’t afford to pay for such a service.

--
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/823#issuecomment-1470681893
You are receiving this because you are subscribed to this thread.

Message ID: <w3ctag/design-reviews/issues/823/1470681893@github.com>

Received on Wednesday, 15 March 2023 19:24:22 UTC