Add View and Click Data explainer section #1279
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -35,6 +35,7 @@ See [the Protected Audience API specification](https://wicg.github.io/turtledove | |
| - [3.4.1 Flexible Component Ad Selection Considering k-Anonymity](#341-flexible-component-ad-selection-considering-k-anonymity) | ||
| - [3.5 Filtering and Prioritizing Interest Groups](#35-filtering-and-prioritizing-interest-groups) | ||
| - [3.6 Currency Checking](#36-currency-checking) | ||
| - [3.7 View and Click Data](#37-view-and-click-data) | ||
| - [4. Browsers Render the Winning Ad](#4-browsers-render-the-winning-ad) | ||
| - [5. Event-Level Reporting (for now)](#5-event-level-reporting-for-now) | ||
| - [5.1 Seller Reporting on Render](#51-seller-reporting-on-render) | ||
|
|
@@ -1148,6 +1149,112 @@ Currency checking after `scoreAd()` happens only inside component auctions. If | |
|
|
||
| `sellerCurrency` also has an extensive effect on how reporting behaves. Please see the section on [Currencies in Reporting](#53-currencies-in-reporting) for more details. | ||
|
|
||
| ### 3.7 View and Click Data | ||
| User clickiness, the propensity of a user to interact with ads, is an important feature in existing bidding models, which could indicate a user’s general ad interaction behavior. In Protected Audience, buyers can get access to limited cross-site clickiness signals. To do this, adtechs can register views and clicks with the browser. At bidding time, the browser counts the registered views and clicks on that device for pre-defined time intervals, so that bidding logic can take them into account. | ||
|
|
||
| #### 3.7.1 Registering View and Click Events | ||
|
|
||
| [attributionsrc](https://wicg.github.io/attribution-reporting-api/#dom-htmlattributionsrcelementutils-attributionsrc) is an attribute on select HTML elements (`<a>`, `<img>`, `<script>`) and an argument to select JavaScript methods (`window.open`) that can be used to direct the browser to send background requests to one or more specified URLs and to process the returned HTTP response headers. These headers may instruct the browser to register eligible view and click events. The value of `attributionsrc` is typically an advertiser or ad-tech provider endpoint. This attribute name is the same as what’s already used for Attribution Reporting API (ARA), so adtechs do not need to retag their HTML or JavaScript, or use additional requests to register view and click events. `attributionsrc` can continue to be used in the same way as described in [the Attribution Reporting API integration guide](https://developers.google.com/privacy-sandbox/private-advertising/attribution-reporting/enable-conversion-measurement) describing conversion measurement in the ["How the attributionsrc attribute works"](https://developers.google.com/privacy-sandbox/private-advertising/attribution-reporting/enable-conversion-measurement#how_the_attributionsrc_attribute_works) and ["Add `attributionsrc` for click and impression events"](https://developers.google.com/privacy-sandbox/private-advertising/attribution-reporting/enable-conversion-measurement#add_attributionsrc_for_click_and_impression_events) sections. To summarize: | ||
|
|
||
| **Views** don’t require any user interaction and can be registered via `<img>` or `<script>` tags using the `attributionsrc` attribute: | ||
|
|
||
| ``` | ||
| <img src="https://advertiser.example/pixel" | ||
| attributionsrc="'https://adtech.example/register-view?metadata=..."> | ||
|
|
||
| <script src="https://advertiser.example/register-view" | ||
| attributionsrc="'https://adtech.example/register-view?metadata=..."> | ||
|
|
||
| ``` | ||
|
|
||
| **Clicks** can be registered on HTML anchor tags: | ||
|
|
||
| ``` | ||
| <a href="https://advertiser.example/landing" | ||
| attributionsrc="https://adtech.example/register-click?metadata=..."> | ||
| click me | ||
| </a> | ||
| ``` | ||
|
|
||
| **Clicks** can also be registered via calls to window.open that occur with [transient activation](https://html.spec.whatwg.org/multipage/interaction.html#transient-activation): | ||
|
|
||
| ``` | ||
| // Encode the attributionsrc URL in case it contains special characters, | ||
| // such as '=', that will cause the parameter to be improperly parsed. | ||
| window.open( | ||
| "https://advertiser.example/landing", "_blank", | ||
| attributionsrc=encodeURIComponent( | ||
| "https://adtech.example/register-click?metadata=...")); | ||
| ``` | ||
|
|
||
| When `attributionsrc` is used: | ||
| * The browser will always look for view and click data on the response to the request that goes to a clickthrough URL ("href" on an `<a>` tag) or impression URL ("src" on an `<img>` or `<script>` tag). | ||
| * When `attributionsrc` is non-empty, the browser will also send a background request to the URL specified in the value of `attributionsrc`, and then look for view and click data on the response. | ||
|
There was a problem hiding this comment. Assume that foreground and background requests will process the headers on redirects to origins whose sites are attested? |
||
| * The `attributionsrc` HTML attribute may include multiple space-delimited URLs, in which case the browser will issue a background request for each. | ||
|
|
||
|
|
||
| When the browser sends these request(s), it will include a new `Ad-Auction-Registration-Eligible` header whose value will be exactly one of "view" or "click". | ||
|
There was a problem hiding this comment. Will Protected Audience "GREASE" the request header value as ARA does? |
||
|
|
||
|
|
||
| 1. `<a>` and `window.open` will have the click value. | ||
| 1. Other APIs that automatically set `Ad-Auction-Registration-Eligible` (i.e. `<img>` and `<script>`) will have the view value. | ||
| 1. Requests from JavaScript using `window.fetch` may have the view value when issued using the fetch option, `{ eventSourceEligible: true }`. | ||
| 1. All other requests will not have the `Ad-Auction-Registration-Eligible` header. | ||
|
|
||
|
|
||
| A server receiving the `Ad-Auction-Registration-Eligible` header may respond in such a way that indicates to the browser that this request should be counted among the events used to calculate that user's view and click counts. To do so, the server's response should include an `Ad-Auction-Register-Event` structured response header of the form: | ||
|
There was a problem hiding this comment. Suggest structured response header as structured field value header. |
||
|
|
||
| ``` | ||
| Ad-Auction-Register-Event: type=[view|click]; eligible-origins=https://www.example-dsp.com,https://www.example2.com; | ||
|
There was a problem hiding this comment. Is the top-level type a Dictionary? |
||
| ``` | ||
|
|
||
| * `type`: Required. Indicates whether this event should be counted as a "view" or a "click". The browser will verify that the type of event being registered matches the type for which this request is eligible - "view" or "click" - and discard events for which this request is not eligible. | ||
| * `eligible-origins`: Optional. Conveys one or more origins for which this event should be included in the computed view and click counts that will be provided to UDFs in Protected Audience auctions. If omitted or blank, this event will **only** be included in the counts available to the origin that returned that `Ad-Auction-Register-Event`. | ||
|
There was a problem hiding this comment. The providing origin is implicitly an |
||
|
|
||
|
|
||
| The "providing origin" is the origin from which the `Ad-Auction-Register-Event` header was received. The browser will only record view and click events for the providing origin if its [site](https://html.spec.whatwg.org/multipage/browsers.html#obtain-a-site) (scheme, eTLD+1) is attested for Protected Audience API. Please see [the Privacy Sandbox enrollment attestation model](https://github.com/privacysandbox/attestation#the-privacy-sandbox-enrollment-attestation-model). Similarly, the browser will only retain eligible origins whose site (scheme, eTLD+1) is attested for Protected Audience API. | ||
|
There was a problem hiding this comment. Without talking about measurement platform but even a tech intermediary cannot be part of viewAndClickCountsProviders , right? |
||
|
|
||
| #### 3.7.2 Using View and Click Counts in Bid Generation | ||
|
|
||
| Buyers can specify the set of providing origins from which view and click events should be included using a new `viewAndClickCountsProviders` field in their interest group: | ||
|
|
||
| ``` | ||
| const myGroup = { | ||
| 'owner': 'https://www.example-dsp.com', | ||
| 'name': 'womens-running-shoes', | ||
| 'viewAndClickCountsProviders': ['https://www.example-dsp.com', 'https://www.example-adserver.com'], | ||
| // ... | ||
| }; | ||
| const joinPromise = navigator.joinAdInterestGroup(myGroup); | ||
| ``` | ||
|
|
||
| If specified, view/click counts will be computed by summing all counts for which the providing origin is included in `viewAndClickCountsProviders`, and for which the eligible origins include the interest group owner. If not specified, the browser will by default include only those view and click events that the interest group owner provided to itself. | ||
|
|
||
| When the buyer-defined `generateBid()` is called, two new fields - `viewCounts` and `clickCounts` - will be provided in the `browserSignals` argument, each of which will be an object that contains a field for each of the five fixed time windows. | ||
|
There was a problem hiding this comment.
This is for now on-device only? |
||
|
|
||
| ``` | ||
| viewCounts: { pastHour: 1, pastDay: 2, pastWeek: 3, past30Days: 3, past90Days: 3 } | ||
|
There was a problem hiding this comment. Suggest some mention of these attributes in 3.2's |
||
| clickCounts: { pastHour: 0, pastDay: 0, pastWeek: 1, past30Days: 1, past90Days: 1 } | ||
|
There was a problem hiding this comment. For measurement, would not be useful to include additional time windows? (e.g past15days) |
||
| ``` | ||
|
|
||
| These fields will only be present if the interest group has registered views or clicks. The browser may place limits on view and click counts to conserve device resources (e.g. using coarser time resolution for older data). | ||
|
|
||
| #### 3.7.3 Lifespan and Limits of View and Click Data | ||
|
|
||
| View and click data will automatically be deleted after the maximum interest group lifetime. Protected Audience user controls also apply to view and click data. To protect user privacy and prevent abuse, the browser enforces a rolling rate limit of 10 view events and 10 click events over the past 20 seconds for each origin that records views or clicks. | ||
|
|
||
| #### 3.7.4 Access Controls | ||
|
|
||
| **For sites**: | ||
| * Recording of view and click events will only be allowed provided the publisher's Permissions-Policy permits interest group additions by the providing origin ([`join-ad-interest-group` directive](https://developers.google.com/privacy-sandbox/private-advertising/setup/web/permissions-policy)) . ARA permission policy is not required. | ||
|
There was a problem hiding this comment. Some publishers might see this as too expansive. They may be fine with adtechs recording views and clicks, but not joining IGs on their property. |
||
| * If a site wants to use ARA but not to register Protected Audience view and click events, they can use the permissions policy to generally allow ARA but disallow Protected Audience interest group additions. Similarly, a site can use fine-grained control to configure which third-parties can record views and clicks for Protected Audience. | ||
|
|
||
| **For ad tech companies**: | ||
| * To record views and clicks, the adtech is required to have its site (scheme, eTLD+1) attested for Protected Audience API. Please see [the Privacy Sandbox enrollment attestation model](https://github.com/privacysandbox/attestation#the-privacy-sandbox-enrollment-attestation-model). Attestation for ARA is not required. | ||
| * If an adtech wants to use ARA but not record Protected Audience views and clicks, they can simply exclude the Protected Audience view and click events header and/or not have its site (scheme, eTLD+1) attested for Protected Audience API. | ||
|
|
||
| **For end users**: | ||
| * View and click events are only recorded when the user control for Protected Audience is enabled. The user control for ARA is not considered. | ||
|
There was a problem hiding this comment. If an end user deletes site data/QD, are the view and click and PA data included? |
||
|
|
||
| ### 4. Browsers Render the Winning Ad | ||
|
|
||
| The winning ad will be rendered in a [Fenced Frame](https://github.com/shivanigithub/fenced-frame): a mechanism under development for rendering a document in an embedded context which is unable to communicate with the surrounding page. This communication blockage is necessary to meet the privacy goal that sites cannot learn about their visitors' ad interests. (Note that the k-anonymity rendering threshold alone is not enough to address this threat: the threshold prevents ads which could identify a single person, but it allows ads which identify a group of people that share a single interest.) | ||
|
|
||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please remove the extraneous apostrophe. (attributionsrc="'...")