-
Notifications
You must be signed in to change notification settings - Fork 160
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New Reporting Origin Rate Limit #725
Comments
I'm not grokking your 'reporting site' reference. There is reporting origin that must be identical across Source and Trigger registration responses, correct? IOW, https://ara.adtech.example or https://ara.advertiser.example on both sides. Destination site, the location where Triggers are registered whose eTLD+1 must match prior source registrations by the same reporter. And source site, the eTLD+1 where sources are registered. If by {source site, reporting site} you meant {source site, destination site}, wouldn't that limit an advertiser to a single measurement partner (reporting origin)? |
@dmdabbs if I understand correctly, this is about restricting the number of origins a given site can use as reporting endpoints, on one source site. That is, in the following sequence:
(2) would be disallowed by this new rate-limit, because the reporting endpoint's site (adtech.example) has already had one origin register on publisher.com. |
@csharrison thank you for the clarification! One use case for which this might produce friction is a multi-brand CPG or other entity using the same origin for various 'product lines' conversions. The advertiser or their partner will need to use separate reporting origins for each in order to create separate 'attribution lanes' for each line. Those lines would no longer have use of linea.advertiser.com, brandb.advertiser.com &c. |
Thanks for the feedback! We hoped to solve this in some way with the attribution filtering mechanism, but this doesn't quite support multiple independent lanes like multiple reporting origins does. The filtering mechanism just lets you selectively ignore conversions that attribute to the wrong category/lane. The problem with wholey supporting this use-case is that unfortunately it can lead to unintuitive privacy violations. |
We are considering adding the following reporting origin rate limit: 1 reporting origin per {source site, reporting site}
Site = eTLD + 1
This change would have a positive impact on privacy and help prevent some potential attacks i.e. ad techs using multiple reporting origins to achieve additional privacy budget.
We are looking for feedback on if this change puts any use-cases at risk.
The text was updated successfully, but these errors were encountered: