PETs for Attribution and Reporting: Key Insights to Take Away

Maxime Vono
Published in Criteo R&D Blog
Jun 8, 2023


Introduction

As a leading AdTech company that drives commerce outcomes for media owners and marketers, Criteo is one of the companies shaping the industry’s future, notably on attribution and reporting. As such, we published a series of articles ([Criteo 2], [Criteo 3] in the references below) aimed at understanding and discussing the technologies underlying current browser vendors’ proposals for attribution and reporting use cases.

Such technologies are referred to as privacy-enhancing technologies (PETs) and are being proposed to preserve user privacy while allowing cross-site measurement and attribution. To meet this goal, two PETs are currently being investigated by major browser vendors (Google Chrome & Meta/Mozilla Firefox), namely secure multi-party computation (MPC) and trusted execution environments (TEEs).

This article summarises our main findings regarding the cost of using such PETs for standard advertising use cases, requirements for AdTech companies willing to use APIs leveraging these PETs, and opportunities AdTech companies might unlock beyond current proposals.

TL;DR

  • For simple advertising use cases (e.g. attribution & reporting), leveraging either MPC or TEE does not yield significant costs for AdTech companies: in the least favorable scenario, the cost is on the order of 0.6% of the campaign cost.
  • More sophisticated use cases (e.g. campaign optimisation via machine learning training) are currently not supported in browser vendors’ proposals. Performing these use cases directly within TEE-based trusted servers is feasible, but how the code running inside the TEE would be audited remains an open question. We hope that this series of articles will foster discussions in the advertising landscape to address these issues.
  • Finally, we identified areas of improvement in browser vendors’ proposals regarding the flexibility, performance, and cost efficiency of AdTech companies. Notably, we would like to initiate discussions (e.g. see our github issue) on the possibility for AdTech companies to host TEEs on-premise to run bidding and reporting Privacy Sandbox APIs.

PET-based browser vendors’ proposals for Attribution and Reporting

As summarised in the table below, several browser vendors have made proposals that leverage PETs to perform attribution and reporting. Given the large number of browser vendors’ proposals (including those not leveraging MPC or TEE), we do not attempt a comprehensive analysis of all of them. Nevertheless, some of our findings can be reused to understand complementary proposals such as PARAKEET from Microsoft Edge [6–7].

Table 1 — Summary of browser vendors’ proposals / APIs based on PETs.

Cost of PET-powered advertising use cases

Table 2 below gathers the envisioned computing and networking costs for AdTech companies when calling PET-based APIs to perform attribution, reporting, and campaign optimisation. Note that other types of cost should also be considered: when considering a TEE, the cost of attesting the code running within the TEE, or the hardware expenditure if the TEE runs on-premise.

Table 2 — Envisioned costs associated with PET-enhanced advertising use cases.

Considerations for AdTech companies in the status quo

This section summarises some key considerations that AdTech companies should factor in when implementing current proposals.

Trust

  • For MPC-based browser vendors’ proposals, AdTech companies have to trust that the set of helper servers owned by third-party companies will not collude, i.e. will not pool the private inputs each of them receives. If they do collude, the helper servers can reconstruct individual users’ data and perform cross-site tracking of individual users.
  • For TEE-based browser vendors’ proposals, AdTech companies will need to trust both the TEE manufacturer (e.g. Intel or AMD), which has no prior interest in advertising or marketing, and the party hosting the TEE (e.g. the cloud vendor).
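The non-collusion assumption behind the MPC-based proposals can be made concrete with additive secret sharing, the building block such helper-server designs rest on. The example below is added here for illustration; it is not code from any browser vendor’s proposal, and the conversion values, the two-helper setup and the 32-bit ring are assumptions of the example. Each browser splits its conversion value into shares that sum to the value, sends one share to each helper, and every honest helper publishes only the sum of the shares it holds. A single helper’s view is uniformly random (any per-user value is consistent with it), whereas two colluding helpers recover every user’s value.

```python
import secrets

# Additive secret sharing over a fixed ring: a value v is split into shares
# s_1 + ... + s_k = v (mod MODULUS).  Any k-1 shares are uniformly random and
# reveal nothing about v.  Constructed example; not a real browser API.
MODULUS = 2 ** 32


def split_value(value, n_helpers=2):
    """Split one value into n_helpers additive shares, one per helper server."""
    shares = [secrets.randbelow(MODULUS) for _ in range(n_helpers - 1)]
    shares.append((value - sum(shares)) % MODULUS)
    return shares


def reconstruct(shares):
    """Recombine shares; only possible when all of them are in one place."""
    return sum(shares) % MODULUS


def client_reports(conversion_values, n_helpers=2):
    """Each browser splits its own conversion value (e.g. a purchase amount in cents)
    and sends one share to each helper. Returns the list of shares each helper receives."""
    per_helper = [[] for _ in range(n_helpers)]
    for value in conversion_values:
        for helper, share in enumerate(split_value(value, n_helpers)):
            per_helper[helper].append(share)
    return per_helper


def helper_partial_sum(shares_received):
    """What an honest helper does: sum its shares locally, publish only the total."""
    return sum(shares_received) % MODULUS


def aggregate(partial_sums):
    """The AdTech company combines the helpers' partial sums into the campaign total."""
    return sum(partial_sums) % MODULUS


def colluding_reconstruct(per_helper):
    """What colluding helpers can do: line up their share lists and recover
    every individual user's value, enabling cross-site tracking."""
    return [reconstruct(shares) for shares in zip(*per_helper)]


def counterpart_share(own_share, hypothesised_value):
    """Two-helper case: from one helper's view, every hypothesised per-user value
    is consistent with the share it holds, because some share the other helper
    could hold makes the pair sum to that value."""
    return (hypothesised_value - own_share) % MODULUS


if __name__ == "__main__":
    # Constructed sample: four browsers reporting conversion values in cents.
    values = [1999, 0, 4550, 125]
    per_helper = client_reports(values)
    total = aggregate([helper_partial_sum(s) for s in per_helper])
    print("campaign total:", total, "(true:", sum(values), ")")
    print("helper A alone sees:", per_helper[0])
    print("colluding helpers recover:", colluding_reconstruct(per_helper))
```

Real proposals layer attribution logic and differentially private noise on top of this primitive, but the trust boundary is the same: correctness of the total never depends on the helpers being honest about secrecy, while the privacy of each user depends entirely on the helpers not combining their share lists.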

Trusted server hosting

Notably for TEE-based proposals, the AdTech company will be required to run TEEs in cloud instances. Being required to operate on a cloud platform is likely to significantly increase the costs of AdTech companies that, like Criteo, run their own infrastructure. As far as we know, most of the largest supply- and demand-side platforms run partly, if not entirely, on premise, or are themselves cloud providers [8–9]. It is therefore critical that browser vendors state the infrastructure and security requirements under which AdTech companies could perform reporting and bidding on-premise, rather than defaulting to the cloud as the de facto hosting solution. To initiate these discussions, we opened an agenda request to discuss on-premise TEE hosting at the upcoming W3C event in London.

Machine learning training via trusted helper servers

Currently, campaign optimisation via trusted helper servers is not supported by major browser vendors’ proposals such as Interoperable Private Attribution from Meta/Mozilla and the Privacy Sandbox of Google Chrome. While event-level reports might remain available for some years via Privacy Sandbox reporting APIs, resorting to PET-enhanced trusted servers leaves open the opportunity for AdTech companies to perform ML training directly within these trusted servers. In particular, this possibility would allow AdTech companies to:

  • Innovate by training sophisticated ML algorithms (e.g. deep learning approaches) on granular data, instead of devising specific and challenging ML approaches for aggregated input data;
  • Reduce the amount of noise added, by resorting to global differential privacy (noise added once to the result computed inside the trusted server) instead of local differential privacy (noise added by each client to its own report before it leaves the device).
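The noise reduction in the second point can be quantified for the simplest query, a count of conversions. The following is an added example, not code from Criteo or from any browser proposal; the number of users, the privacy budget and the use of randomized response as the local mechanism are assumptions of the example. Under local DP each of the n clients flips its own conversion bit with some probability, and the aggregator debiases the sum; under global DP a trusted server sees the exact count and adds a single Laplace draw. For the same epsilon, the standard deviation of the local estimate grows like the square root of n, whereas the global one is a constant.

```python
import math
import random

# Constructed scenario: n users each hold one binary conversion signal
# (1 = converted).  Goal: a count of conversions under epsilon-DP.


def _p_truth(epsilon):
    """Randomized response: probability that a client reports its true bit."""
    return math.exp(epsilon) / (1.0 + math.exp(epsilon))


def local_dp_noise_std(n, epsilon):
    """Std. dev. of the unbiased count estimate when every client applies
    randomized response with budget epsilon before reporting (local DP).
    Each reported bit is Bernoulli with variance p(1-p); debiasing divides by (2p-1)."""
    p = _p_truth(epsilon)
    return math.sqrt(n * p * (1.0 - p)) / (2.0 * p - 1.0)


def global_dp_noise_std(epsilon):
    """Std. dev. of the Laplace mechanism applied once to the exact count computed
    inside a trusted server (global DP). A count has sensitivity 1, so the Laplace
    scale is 1/epsilon and the variance 2/epsilon^2."""
    return math.sqrt(2.0) / epsilon


def noise_ratio(n, epsilon):
    """How many times noisier the local estimate is than the global one."""
    return local_dp_noise_std(n, epsilon) / global_dp_noise_std(epsilon)


def randomized_response_count(bits, epsilon, rng):
    """Local DP end to end: each client keeps its bit with prob p, flips it otherwise;
    the aggregator never sees true bits and debiases the noisy sum."""
    p = _p_truth(epsilon)
    noisy = [b if rng.random() < p else 1 - b for b in bits]
    return (sum(noisy) - len(bits) * (1.0 - p)) / (2.0 * p - 1.0)


def laplace_count(bits, epsilon, rng):
    """Global DP end to end: the trusted server sees the true bits and adds one
    Laplace(1/epsilon) draw (difference of two exponentials with mean 1/epsilon)."""
    noise = rng.expovariate(epsilon) - rng.expovariate(epsilon)
    return sum(bits) + noise


if __name__ == "__main__":
    n, epsilon = 10_000, 1.0
    rng = random.Random(2023)                       # seed only for reproducibility
    bits = [1] * 3_000 + [0] * (n - 3_000)           # constructed: 3,000 true conversions
    rng.shuffle(bits)
    print("local  DP std:", round(local_dp_noise_std(n, epsilon), 1))
    print("global DP std:", round(global_dp_noise_std(epsilon), 3))
    print("local  estimate:", round(randomized_response_count(bits, epsilon, rng), 1))
    print("global estimate:", round(laplace_count(bits, epsilon, rng), 1))
```

The price of the smaller noise is exactly the trust discussed in the previous section: the global mechanism only works because a server sees the raw bits, so the guarantee holds against the outside world but not against that server, whereas the local mechanism protects users even from the aggregator. The comparison also assumes a single count with sensitivity 1; richer queries or model training inside the TEE need their own sensitivity analysis.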

Such an opportunity is also pushed by other actors in the advertising landscape (e.g. see this github issue or the MaskedLARK proposal by Microsoft Edge). We believe that standardising how to solve the “private campaign optimisation” use case is important, and we look forward to participating in upcoming discussions on this topic.

What’s Next

We would like to present some of our findings in an upcoming W3C event in London on 14–15 June, 2023. We also plan to publish another article on how trusted execution environments could be leveraged to address a variety of issues regarding bidding and auctions, such as avoiding auction replay.

References

[Criteo 2] PETs in Advertising: Scenarios for Secure Multi-Party Computation

[Criteo 3] PETs in Advertising: Scenarios for Trusted Execution Environments

[1] Privacy Sandbox

[2] Aggregated Attribution Reporting API

[3] Bidding and Auctions Services API

[4] Protected Audience API’s key/value server

[5] Interoperable Private Attribution

[6] PARAKEET

[7] MaskedLARK

[8] Building a Future with Private Cloud Computing for Advertising Technology

[9] Magnite Invests In New Data Center in Singapore to Support Growing APAC Business
