• Melody Fwygon@lemmy.one
    ·
    edit-2
    5 months ago

    I can already see how Advertisers AND Websites will collude and break this one.

    • Specifically placed ads; targeted at specific website pages which a majority of their target grouping will visit.
    • Generate an ad that will specifically reside on a page deep inside of the site; think 4+ clicks deep; which is intensely personalized to their target. 1
    • Ad will trigger; register "Impression" and be boxed up into Differential Privacy set by the DAP.
    • Since that's the only ad targeted for that specific page, any impression is an answer of 1 or 'True'.
    • Through microtargeting of these deep pages they can learn a lot about what people do online and could potentially break Differential Privacy.

    1 - In this example the URI being targeted could be something like https://www.example.com/zhuli/do/the/* in such a way that when you visit https://example.com/zhuli/do/the/thing/order.php is always recorded.

    • Melody Fwygon@lemmy.one
      ·
      5 months ago

      https://datatracker.ietf.org/doc/html/draft-ietf-ppm-dap#name-security-considerations

      In theory this could be defeated easily if a fork of Firefox wanted to send lots of noise or someone decided to emulate many Firefox clients with false information.