Understanding Apple’s Private Click Measurement
Private advertising technology proposals could greatly improve privacy for web users. Web advertising has a reputation for poor privacy practices. Firefox, other browsers, and the web community are collaborating on finding ways to support advertising while maintaining strong, technical privacy protections for users.
This series of posts aims to contribute to the ongoing conversation regarding the future of advertising on the web by providing technical analyses on proposals that have been put forward by various players in the ecosystem to address the questions of what might replace third-party cookies. In this installment, we look at Apple’s Private Click Measurement (PCM).
PCM differs from the subject of our other analyses in that it is more than a mere proposal. PCM is available in Safari and iOS today.
The goal of PCM is to support conversion measurement through a new in-browser API. Conversion measurement aims to measure how effective advertising is by observing which advertisements lead to sales or other outcomes like page views and sign-ups. PCM measures the most direct kind of conversion, where a user clicks an ad on one site then later takes an action on the advertiser’s site, like buying a product.
The way that PCM works is that the browser records when clicks and conversions occur. When a click is followed by a conversion, the browser creates a report. PCM aims to safeguard privacy by strictly limiting the information that is included in the report and by submitting reports to the websites through an anonymization service after a delay.
Our analysis concludes that PCM is a poor trade-off between user privacy and advertising utility:
- Although PCM prevents sites from performing mass tracking, it still allows them to track a small number of users.
- The measurement capabilities PCM provides are limited relative to the practices that advertisers currently employ, with long delays and too few identifiers for campaigns being the most obvious of the shortcomings.
Overall, the design choices in PCM that aim to safeguard privacy provide insufficient privacy protections, but they appear to make the API less useful for measurement.
The Private Advertising Technology Community Group (PATCG) in the W3C are currently discussing options for measurement in advertising.
For more on this:
Building a more privacy-preserving ads-based ecosystem
Mozilla responds to the UK CMA consultation on Google’s commitments on the Chrome Privacy Sandbox
Privacy analysis of SWAN.community and Unified ID 2.0
Analysis of Google’s Privacy Budget proposal
Privacy Preserving Attribution for Advertising: our Interoperable Private Attribution proposal