Intent to Prototype: Private Aggregation API
Alex Turner
Contact emails
Explainer
https://github.com/alexmturner/private-aggregation-api
Specification
None yet
Summary
A generic mechanism for measuring aggregate, cross-site data in a privacy preserving manner. The potentially identifying cross-site data is encapsulated into "aggregatable reports". To prevent leakage, this data is encrypted, ensuring it can only be processed by the aggregation service. During processing, this service will add noise and impose limits on how many queries can be performed.
Blink component
Motivation
Relative to cross-site data from each user, aggregate, noisy data can leak less information about individual users, and yet would be sufficient for a wide range of use cases that rely on third-party cookies today. An aggregation service has been proposed to allow reporting noisy, aggregated cross-site data. This service was originally proposed for use by the Attribution Reporting API, but allowing more general aggregation would support additional use cases.
Initial public proposal
TAG review
TAG review status
Not yet filed
Risks
Interoperability and Compatibility
Gecko: No signal
WebKit: No signal
Web developers: No signals
Other signals:
Debuggability
Is this feature fully tested by web-platform-tests?
Not yet, but will be.
Flag name
PrivacySandboxPrivateAggregation
Requires code in //chrome?
False
Estimated milestones
No milestones specified