Simo Ahava, profile picture
Uploaded bySimo Ahava
3,934 views

Web Browsers and Tracking Protections

The document discusses the impact of web browsers' tracking protections on data collection, experimentation, and personalization efforts in advertising. It outlines how default browser settings aim to protect users from harmful tracking methods while presenting the evolution of these protections over time. Key topics include cross-site tracking, analytics integrations, and best practices for managing user data in a privacy-focused landscape.

Embed presentation

Downloaded 87 times
Web browsers and tracking protections Impact on data, experimentation, and personalization @SimoAhava from @8_bit_sheep at #DigitalElite20
Simo Ahava Partner, co-founder, 8-bit-sheep Google Developer Expert, Google Analytics Blogger, developer, www.simoahava.com Twitter-er, @SimoAhava Curator, www.cookiestatus.com
www.CookieStatus.com
Tracking protections? From what?
Default browser settings
Default browser settings designed to protect the user
Default browser settings designed to protect the user from tracking vectors that can be harmful
Default browser settings designed to protect the user from tracking vectors that can be harmful which the user has traditionally only been able to opt out of.
Graphic adapted from https://web.dev/samesite-cookies-explained/ https://www.simoahava.com/
Graphic adapted from https://web.dev/samesite-cookies-explained/ Same-site === First-party context https://www.simoahava.com/
Graphic adapted from https://web.dev/samesite-cookies-explained/ https://image.cdn.com/image.gif https://www.simoahava.com/
Graphic adapted from https://web.dev/samesite-cookies-explained/ Cross-site === Third-party context https://image.cdn.com/image.gif https://www.simoahava.com/
Graphic adapted from https://web.dev/samesite-cookies-explained/ https://page.somedomain.com/ https://page.otherdomain.com/ https://page.thirddomain.com/ https://image.cdn.com/image.gif All pages include a request to the third-party resource, thus including all cookies written on the third-party domain, enabling cross-site tracking.
Not just cookies, my friend
Trackers can leverage other types of browser storage.
Identity platforms can decorate all outbound links.
Trackers can utilize stateless tracking, such as fingerprints.
Third-party-to-first-party collusion, e.g. with CNAME. https://www.simoahava.com/web-development/whats-in-a-cname/
The (perceived) dangers of cross-site tracking
Build graphs and comprehensive audience profiles
Build graphs and comprehensive audience profiles Target ads
Target ads Manage ad frequency Build graphs and comprehensive audience profiles
View-through attribution Manage ad frequency Build graphs and comprehensive audience profiles Target ads
Manage ad frequency Build graphs and comprehensive audience profiles Cookie matching/syncing View-through attribution Target ads
Manage ad frequency Build graphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads
Manage ad frequency Build graphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations
Manage ad frequency Build graphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows
Manage ad frequency Build graphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows State in embedded services
Manage ad frequency Build graphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows State in embedded services Multi-purpose scripts
Manage ad frequency Build graphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows State in embedded services Multi-purpose scripts 1st party data collection
Manage ad frequency Build graphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows State in embedded services Multi-purpose scripts 1st party data collection Tag management
Manage ad frequency Build graphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows State in embedded services Multi-purpose scripts 1st party data collection Tag management Client-side state
Manage ad frequency Build graphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows State in embedded services Multi-purpose scripts 1st party data collection Tag management Client-side state Data quality
Manage ad frequency Build graphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows State in embedded services Multi-purpose scripts 1st party data collection Tag management Client-side state Data quality
Manage ad frequency Build graphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows State in embedded services Multi-purpose scripts 1st party data collection Tag management Client-side state Data quality
Browsers take the initiative
2003 3P cookies blocked by default without prior "seeding"
2003 3P cookies blocked by default without prior "seeding" …
2003 3P cookies blocked by default without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites
2003 3P cookies blocked by default without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 Storage Access API
2003 3P cookies blocked by default without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 Storage Access API ETP 3P storage access on known tracking domains blocked
2003 3P cookies blocked by default without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 Storage Access API ETP 3P storage access on known tracking domains blocked Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation
2003 3P cookies blocked by default without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation ETP 3P storage access on known tracking domains blocked Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation
2003 3P cookies blocked by default without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation
2003 3P cookies blocked by default without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation Tracking parameters removed from URLs
2003 3P cookies blocked by default without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation Tracking parameters removed from URLs Tracking protection in Edge beta
2003 3P cookies blocked by default without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 2020 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation All 3P cookies blocked ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation Tracking parameters removed from URLs Tracking protection in Edge beta
2003 3P cookies blocked by default without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 2020 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation All 3P cookies blocked ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Daily purge of storage from known tracker domains Requests to fingerprinting domains blocked Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation Tracking parameters removed from URLs Tracking protection in Edge beta
2003 3P cookies blocked by default without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 2020 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation All 3P cookies blocked ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Daily purge of storage from known tracker domains Requests to fingerprinting domains blocked Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation Tracking parameters removed from URLs Pioneering work on reducing fingerprinting surfaces continues Tracking protection in Edge beta
2003 3P cookies blocked by default without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 2020 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation All 3P cookies blocked ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Daily purge of storage from known tracker domains Requests to fingerprinting domains blocked Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation Tracking parameters removed from URLs Pioneering work on reducing fingerprinting surfaces continues Tracking protection in Edge beta Chromium Edge released Block 3P storage access from known trackers
2003 3P cookies blocked by default without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 2020 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation All 3P cookies blocked ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Daily purge of storage from known tracker domains Requests to fingerprinting domains blocked Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation Tracking parameters removed from URLs Pioneering work on reducing fingerprinting surfaces continues Tracking protection in Edge beta Chromium Edge released Block 3P storage access from known trackers Referrer truncation
2003 3P cookies blocked by default without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 2020 … Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation All 3P cookies blocked ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Daily purge of storage from known tracker domains Requests to fingerprinting domains blocked Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation Tracking parameters removed from URLs Pioneering work on reducing fingerprinting surfaces continues Tracking protection in Edge beta Chromium Edge released Block 3P storage access from known trackers Referrer truncation All 3P cookies blocked?
Bubbling under
Technology Preview 113 Restrict cookies set in HTTP requests to cross-site CNAME origins. Brave Chrome Edge Firefox Safari
Brave Chrome Edge Firefox Safari Cookies set to SameSite=Lax by default. Reject SameSite=None cookies that are not secure. Chrome 80, *Jul 14 ->
Cap lifetime of all script-writable storage. Brave Chrome Edge Firefox Safari !
Block all cookies in 3P context. 2022? Brave Chrome Edge Firefox Safari !!
User-Agent freeze and Client Hints. Chrome 85 (CH), 2021 (UA) Brave Chrome Edge Firefox Safari
Technology Preview 99 The isLoggedIn API (experimental). Brave Chrome Edge Firefox Safari
Private Click Measurement / Ad Click Attribution. Brave Chrome Edge Firefox Safari
Impact
Analytics Advertising Experimentation
Analytics Advertising Experimentation 3P storage restricted * *
Analytics Advertising Experimentation 3P storage restricted * * Iframes Centralized identity Advertising integrations
Analytics Advertising Experimentation 3P storage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection
Analytics Advertising Experimentation 3P storage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity
Analytics Advertising Experimentation 3P storage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity 1P storage restricted
Analytics Advertising Experimentation 3P storage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity 1P storage restricted User retention Cohort analytics Non-last-touch attribution Campaign efficiency User-scoped funnels
Analytics Advertising Experimentation 3P storage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity 1P storage restricted User retention Cohort analytics Non-last-touch attribution Campaign efficiency User-scoped funnels Attribution Audience integrity Campaign efficiency
Analytics Advertising Experimentation 3P storage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity 1P storage restricted User retention Cohort analytics Non-last-touch attribution Campaign efficiency User-scoped funnels Attribution Audience integrity Campaign efficiency Variant reassignment Variables for personalization
Analytics Advertising Experimentation 3P storage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity 1P storage restricted User retention Cohort analytics Non-last-touch attribution Campaign efficiency User-scoped funnels Attribution Audience integrity Campaign efficiency Variant reassignment Variables for personalization Referrer truncation *
Analytics Advertising Experimentation 3P storage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity 1P storage restricted User retention Cohort analytics Non-last-touch attribution Campaign efficiency User-scoped funnels Attribution Audience integrity Campaign efficiency Variant reassignment Variables for personalization Referrer truncation * Full referrer dimension AMP cache distinction Social login distinction Granularity of referral exclusion
Analytics Advertising Experimentation 3P storage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity 1P storage restricted User retention Cohort analytics Non-last-touch attribution Campaign efficiency User-scoped funnels Attribution Audience integrity Campaign efficiency Variant reassignment Variables for personalization Referrer truncation * Full referrer dimension AMP cache distinction Social login distinction Granularity of referral exclusion Attribution for custom ad placements
Analytics Advertising Experimentation 3P storage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity 1P storage restricted User retention Cohort analytics Non-last-touch attribution Campaign efficiency User-scoped funnels Attribution Audience integrity Campaign efficiency Variant reassignment Variables for personalization Referrer truncation * Full referrer dimension AMP cache distinction Social login distinction Granularity of referral exclusion Attribution for custom ad placements Experiment targeting based on referrer
DOs and DON’Ts
DO -Periodically audit the use of client-side state in your sites, services, and applications. Avoid over-reliance; use HttpOnly where possible, then HTTP headers, then JS. -Figure out how to incentivize logging in. -Set cookies you need in third-party context to SameSite=None;Secure, with fallbacks for unsupported browsers. - Utilize Storage Access API for access to third-party storage. -Consider the browser as a manifestation of the user’s desire and intent with regard to tracking. Err on the side of as much privacy as possible.
DO NOT -Look at "server-side analytics" as a silver bullet. -Ignore small market share web browsers. -Expect tracking prevention development to settle / slow down. -Spread FUD about the impact of these measures without empirical data to back it up with. -Expect that browsers will handle the ethical / legal side of data collection for you. -Think that browsers have got tracking prevention "right"
Follow and participate
@BrendanEich @EricLaw @JohnWilander @JustinSchuh @Log3OverLog2 @pes10k @RandomnessnCats @SimoAhava @TheZEdwards bit.ly/privacy-sandbox brave.com/blog chromestatus.com/features cookiestatus.com cunderwood.dev haveibeenpwned.com panopticlick.eff.org webkit.org/blog webkit.org/tracking-prevention-policy bit.ly/ad-click-attribution bit.ly/privacycg bit.ly/privacy-ig
log(`Thank you, ${yourName}`)

More Related Content

PDF
Browser Tracking Protections - SuperWeek 2020
bySimo Ahava
 
PDF
Server-side Tagging in Google Tag Manager - MeasureSummit 2020
bySimo Ahava
 
PDF
Semantic Search Engine: Semantic Search and Query Parsing with Phrases and En...
byKoray Tugberk GUBUR
 
PPT
SEO & Patents Vrtualcon v. 3.0
byBill Slawski
 
PDF
Neat tricks to bypass CSRF-protection
byMikhail Egorov
 
PPTX
The Reason Behind Semantic SEO: Why does Google Avoid the Word PageRank?
byKoray Tugberk GUBUR
 
PPTX
Semantic Content Networks - Ranking Websites on Google with Semantic SEO
byKoray Tugberk GUBUR
 
PPTX
Semantic seo and the evolution of queries
byBill Slawski
 
Browser Tracking Protections - SuperWeek 2020
bySimo Ahava
 
Server-side Tagging in Google Tag Manager - MeasureSummit 2020
bySimo Ahava
 
Semantic Search Engine: Semantic Search and Query Parsing with Phrases and En...
byKoray Tugberk GUBUR
 
SEO & Patents Vrtualcon v. 3.0
byBill Slawski
 
Neat tricks to bypass CSRF-protection
byMikhail Egorov
 
The Reason Behind Semantic SEO: Why does Google Avoid the Word PageRank?
byKoray Tugberk GUBUR
 
Semantic Content Networks - Ranking Websites on Google with Semantic SEO
byKoray Tugberk GUBUR
 
Semantic seo and the evolution of queries
byBill Slawski
 

What's hot

PDF
Generative AI and SEO
byJason Packer
 
PDF
How to Use Search Intent to Dominate Google Discover
byFelipe Bazon
 
PPTX
Server-Side Google Tag Manager: Was, wie und warum
by📊 Markus Baersch
 
PPTX
Getting Started with Python and Machine Learning for SEO | BrightonSEO Octobe...
byRuth Everett
 
PPTX
Diginius - DuckDuckGo, Privacy and the Future of Search
byNateBurke1
 
PPTX
Data-driven SEO & content strategy to reduce your customer acquisition costs
byadlift
 
PDF
REST API Pentester's perspective
bySecuRing
 
PDF
Coronavirus and Future of SEO: Digital Marketing and Remote Culture
byKoray Tugberk GUBUR
 
PDF
Google Analytics for Dummies
byTim Lelek
 
PPTX
Measurefest - GA4 From Migration to Measurement - The Key To Success.pptx
bySam Thomas
 
PDF
🎙GA4 Chances & Differences Guide
byŞahin Seçil
 
PDF
BrightonSEO - Apr 2022 - No excuses for doing UX
byOban International
 
PDF
A beginner's guide to machine learning for SEOs - WTSFest 2022
byLazarinaStoyanova
 
PDF
Google Analytics 101 for Business - How to Get Started With Google Analytics
byJeff Sauer
 
PDF
Winning SEO when doing Web Migrations #SMSSYD19
byAleyda Solís
 
PDF
Cross Origin Resource Sharing
byLuke Weerasooriya
 
PPTX
Bill Slawski SEO and the New Search Results
byBill Slawski
 
PPTX
Keyword Research and Topic Modeling in a Semantic Web
byBill Slawski
 
PDF
Wzorce projektowe w automatyzacji testów aplikacji webowych
byStowarzyszenie Jakości Systemów Informatycznych (SJSI)
 
DOCX
Data power Performance Tuning
byKINGSHUK MAJUMDER
 
Generative AI and SEO
byJason Packer
 
How to Use Search Intent to Dominate Google Discover
byFelipe Bazon
 
Server-Side Google Tag Manager: Was, wie und warum
by📊 Markus Baersch
 
Getting Started with Python and Machine Learning for SEO | BrightonSEO Octobe...
byRuth Everett
 
Diginius - DuckDuckGo, Privacy and the Future of Search
byNateBurke1
 
Data-driven SEO & content strategy to reduce your customer acquisition costs
byadlift
 
REST API Pentester's perspective
bySecuRing
 
Coronavirus and Future of SEO: Digital Marketing and Remote Culture
byKoray Tugberk GUBUR
 
Google Analytics for Dummies
byTim Lelek
 
Measurefest - GA4 From Migration to Measurement - The Key To Success.pptx
bySam Thomas
 
🎙GA4 Chances & Differences Guide
byŞahin Seçil
 
BrightonSEO - Apr 2022 - No excuses for doing UX
byOban International
 
A beginner's guide to machine learning for SEOs - WTSFest 2022
byLazarinaStoyanova
 
Google Analytics 101 for Business - How to Get Started With Google Analytics
byJeff Sauer
 
Winning SEO when doing Web Migrations #SMSSYD19
byAleyda Solís
 
Cross Origin Resource Sharing
byLuke Weerasooriya
 
Bill Slawski SEO and the New Search Results
byBill Slawski
 
Keyword Research and Topic Modeling in a Semantic Web
byBill Slawski
 
Wzorce projektowe w automatyzacji testów aplikacji webowych
byStowarzyszenie Jakości Systemów Informatycznych (SJSI)
 
Data power Performance Tuning
byKINGSHUK MAJUMDER
 

Similar to Web Browsers and Tracking Protections

PPT
Presentation on Internet Cookies
byRitika Barethia
 
PDF
Media Kitchen - The Cookieless Future
byThe Media Kitchen
 
PPTX
Fundamentals of Safe Browsing.pptx
by24149052
 
PDF
Digital Body Language
byMichael King
 
PDF
Tracking the Trackers tutorial at the Digital Methods Summer School 2013
byDigital Methods Initiative
 
PDF
Ferrante and Griffey "Federated Authentication_ Browser changes and what to e...
byNational Information Standards Organization (NISO)
 
PDF
Griffey and Withers "Seamless Access Update: What’s happening in the world of...
byNational Information Standards Organization (NISO)
 
PDF
Digital Advertising, Privacy and User-tracking Methods
byHonza Pav
 
PPTX
Cookies and Privacy of internet in this presentation.pptx
byMIsmail73
 
PPTX
Privacy and Security
byVishal Chavan
 
PPTX
Web analytics & Online privacy
byPanagiotis Tzamtzis
 
PPTX
What are cookies and what is changing
byDCRB
 
PDF
Mike king - Digital body language 2.0
byNeo Consulting
 
PDF
Security and Privacy on the Web in 2016
byFrancois Marier
 
PPTX
A Brave New World
bySensePost
 
PPTX
Using firefox like a boss
byankitgadgil
 
PDF
Data Mining - GCPCUG May 2011
byGreater Cleveland PC Users Group
 
PPTX
How to use firefox like a boss
byFaisal Aziz
 
PPTX
Rock your firefox
byFaisal Aziz
 
PPTX
How Tracking Your Personal Data Really Adds Up | SoGoSurvey
bySogolytics
 
Presentation on Internet Cookies
byRitika Barethia
 
Media Kitchen - The Cookieless Future
byThe Media Kitchen
 
Fundamentals of Safe Browsing.pptx
by24149052
 
Digital Body Language
byMichael King
 
Tracking the Trackers tutorial at the Digital Methods Summer School 2013
byDigital Methods Initiative
 
Ferrante and Griffey "Federated Authentication_ Browser changes and what to e...
byNational Information Standards Organization (NISO)
 
Griffey and Withers "Seamless Access Update: What’s happening in the world of...
byNational Information Standards Organization (NISO)
 
Digital Advertising, Privacy and User-tracking Methods
byHonza Pav
 
Cookies and Privacy of internet in this presentation.pptx
byMIsmail73
 
Privacy and Security
byVishal Chavan
 
Web analytics & Online privacy
byPanagiotis Tzamtzis
 
What are cookies and what is changing
byDCRB
 
Mike king - Digital body language 2.0
byNeo Consulting
 
Security and Privacy on the Web in 2016
byFrancois Marier
 
A Brave New World
bySensePost
 
Using firefox like a boss
byankitgadgil
 
Data Mining - GCPCUG May 2011
byGreater Cleveland PC Users Group
 
How to use firefox like a boss
byFaisal Aziz
 
Rock your firefox
byFaisal Aziz
 
How Tracking Your Personal Data Really Adds Up | SoGoSurvey
bySogolytics
 

More from Simo Ahava

PDF
Essential Search Marketing Tweaks For Google Analytics And Google Tag Manager
bySimo Ahava
 
PDF
SuperWeek 2016 - Garbage In Garbage Out: Data Quality in a TMS World
bySimo Ahava
 
PDF
Meaningful Data - Reaktor Breakpoint 2015
bySimo Ahava
 
PPTX
Google Analytics Bag O' Tricks
bySimo Ahava
 
PDF
Data Layer - MeasureCamp VII 2015
bySimo Ahava
 
PDF
Search Marketer's Toolkit for Google Tag Manager and Google Analytics
bySimo Ahava
 
PDF
Google Tag Manager - 5 years. What have we learned?
bySimo Ahava
 
PDF
Content Analytics - The Whys And Hows For Google Analytics
bySimo Ahava
 
PPTX
Rationalizing Tag Management
bySimo Ahava
 
PDF
MeasureCamp IX (London) - 10 JavaScript Concepts for web analysts
bySimo Ahava
 
PDF
Meaningful Data - Best Internet Conference 2015 (Lithuania)
bySimo Ahava
 
PDF
You can't spell MEASURE without CUSTOMIZATION
bySimo Ahava
 
PDF
Agile Analytics
bySimo Ahava
 
PDF
Key Insights From Funnels - Enhanced Ecommerce For Google Analytics
bySimo Ahava
 
PDF
Tricks and tweaks for Google Analytics and Google Tag Manager
bySimo Ahava
 
PPTX
Tag Management Solutions - Best Data Ever (Marketing Festival 2014)
bySimo Ahava
 
PDF
Simo's Top 30 GTM tips
bySimo Ahava
 
PPTX
Content Engagement with Google Analytics (Emerce Conversion 2015)
bySimo Ahava
 
PPTX
Enhanced Ecommerce For Content (SMX München 2015)
bySimo Ahava
 
PPTX
Be Critical: Going Beyond The Defaults With GA And GTM (SMX Munich 2015)
bySimo Ahava
 
Essential Search Marketing Tweaks For Google Analytics And Google Tag Manager
bySimo Ahava
 
SuperWeek 2016 - Garbage In Garbage Out: Data Quality in a TMS World
bySimo Ahava
 
Meaningful Data - Reaktor Breakpoint 2015
bySimo Ahava
 
Google Analytics Bag O' Tricks
bySimo Ahava
 
Data Layer - MeasureCamp VII 2015
bySimo Ahava
 
Search Marketer's Toolkit for Google Tag Manager and Google Analytics
bySimo Ahava
 
Google Tag Manager - 5 years. What have we learned?
bySimo Ahava
 
Content Analytics - The Whys And Hows For Google Analytics
bySimo Ahava
 
Rationalizing Tag Management
bySimo Ahava
 
MeasureCamp IX (London) - 10 JavaScript Concepts for web analysts
bySimo Ahava
 
Meaningful Data - Best Internet Conference 2015 (Lithuania)
bySimo Ahava
 
You can't spell MEASURE without CUSTOMIZATION
bySimo Ahava
 
Agile Analytics
bySimo Ahava
 
Key Insights From Funnels - Enhanced Ecommerce For Google Analytics
bySimo Ahava
 
Tricks and tweaks for Google Analytics and Google Tag Manager
bySimo Ahava
 
Tag Management Solutions - Best Data Ever (Marketing Festival 2014)
bySimo Ahava
 
Simo's Top 30 GTM tips
bySimo Ahava
 
Content Engagement with Google Analytics (Emerce Conversion 2015)
bySimo Ahava
 
Enhanced Ecommerce For Content (SMX München 2015)
bySimo Ahava
 
Be Critical: Going Beyond The Defaults With GA And GTM (SMX Munich 2015)
bySimo Ahava
 

Recently uploaded

PDF
ARTIFICIAL INTELLIGENCE DEVELOPMENT SERVICE
bydavidjohansen1597
 
PDF
WShell Gameplay and Games of Games of Games
byzramirezmtz9
 
PPTX
Bibhav Singh.pptx it's very useful for us it's in very good and very nice
byabhishekjaiswal5th33
 
PPT
html-forms in web development-courseICT.
bymadz33
 
PPTX
mc l2 Overview of Computer and Web-Technology.pptx
byavanikharde
 
PDF
classification of elements and periodicity.pdf
byaryanshreya2010
 
PPT
Lecture_3 Network Securityeyeyggegeg.ppt
bysawsan202
 
PDF
Design For Test - Getting Test Automation value from Design Expressions.
byDavid Harrison
 
PPT
Lecture_3 Network Securityyyeyeyyeeyyeywy.ppt
bysawsan202
 
PDF
Key Duties and Roles of an Ecommerce Developer Singapore
byHachi Web Solution
 
DOCX
BestMaker.ai: The Complete Brand Story, Founder's Vision, and AI Creative Pla...
byssuser7381d6
 
PPTX
Types of Cryptograph Symmetric Ceaser cipher and also about Assymetric
byhamzaabdulqadeer11
 
PDF
tokiohotellistening.pdf for tokiohotelfans
byrafaelgombos1234
 
PPT
Memory Organization In Assembly Language
byumairmuhammad0409
 
PPTX
COĞRAFYA ödevi 70 sayfa güzeldir hayırlı olsun
bydtilter
 
PPTX
Ideathon template.pptx it is a ideathon template
bykonav71133
 
PPTX
Introduction Digital Signal Processing.pptx
byumairmuhammad0409
 
PPTX
Computer Networks 01[1 using all terms].pptx
bywaqasahmedbhatti633
 
PPTX
PRITHVI theater, A true artist. Newzfeaturez.pptx
bysc05digital
 
PDF
Beacon Kit slides tech framework for world game (s) pdf
bySteven McGee
 
ARTIFICIAL INTELLIGENCE DEVELOPMENT SERVICE
bydavidjohansen1597
 
WShell Gameplay and Games of Games of Games
byzramirezmtz9
 
Bibhav Singh.pptx it's very useful for us it's in very good and very nice
byabhishekjaiswal5th33
 
html-forms in web development-courseICT.
bymadz33
 
mc l2 Overview of Computer and Web-Technology.pptx
byavanikharde
 
classification of elements and periodicity.pdf
byaryanshreya2010
 
Lecture_3 Network Securityeyeyggegeg.ppt
bysawsan202
 
Design For Test - Getting Test Automation value from Design Expressions.
byDavid Harrison
 
Lecture_3 Network Securityyyeyeyyeeyyeywy.ppt
bysawsan202
 
Key Duties and Roles of an Ecommerce Developer Singapore
byHachi Web Solution
 
BestMaker.ai: The Complete Brand Story, Founder's Vision, and AI Creative Pla...
byssuser7381d6
 
Types of Cryptograph Symmetric Ceaser cipher and also about Assymetric
byhamzaabdulqadeer11
 
tokiohotellistening.pdf for tokiohotelfans
byrafaelgombos1234
 
Memory Organization In Assembly Language
byumairmuhammad0409
 
COĞRAFYA ödevi 70 sayfa güzeldir hayırlı olsun
bydtilter
 
Ideathon template.pptx it is a ideathon template
bykonav71133
 
Introduction Digital Signal Processing.pptx
byumairmuhammad0409
 
Computer Networks 01[1 using all terms].pptx
bywaqasahmedbhatti633
 
PRITHVI theater, A true artist. Newzfeaturez.pptx
bysc05digital
 
Beacon Kit slides tech framework for world game (s) pdf
bySteven McGee
 

Web Browsers and Tracking Protections

  • 1.
    Web browsers andtracking protections Impact on data, experimentation, and personalization @SimoAhava from @8_bit_sheep at #DigitalElite20
  • 2.
    Simo Ahava Partner, co-founder,8-bit-sheep Google Developer Expert, Google Analytics Blogger, developer, www.simoahava.com Twitter-er, @SimoAhava Curator, www.cookiestatus.com
  • 5.
  • 6.
  • 8.
  • 9.
  • 10.
    Default browser settings designedto protect the user from tracking vectors that can be harmful
  • 11.
    Default browser settings designedto protect the user from tracking vectors that can be harmful which the user has traditionally only been able to opt out of.
  • 12.
    Graphic adapted fromhttps://web.dev/samesite-cookies-explained/ https://www.simoahava.com/
  • 13.
    Graphic adapted fromhttps://web.dev/samesite-cookies-explained/ Same-site === First-party context https://www.simoahava.com/
  • 14.
    Graphic adapted fromhttps://web.dev/samesite-cookies-explained/ https://image.cdn.com/image.gif https://www.simoahava.com/
  • 15.
    Graphic adapted fromhttps://web.dev/samesite-cookies-explained/ Cross-site === Third-party context https://image.cdn.com/image.gif https://www.simoahava.com/
  • 16.
    Graphic adapted fromhttps://web.dev/samesite-cookies-explained/ https://page.somedomain.com/ https://page.otherdomain.com/ https://page.thirddomain.com/ https://image.cdn.com/image.gif All pages include a request to the third-party resource, thus including all cookies written on the third-party domain, enabling cross-site tracking.
  • 17.
  • 18.
    Trackers can leverageother types of browser storage.
  • 19.
    Identity platforms candecorate all outbound links.
  • 20.
    Trackers can utilizestateless tracking, such as fingerprints.
  • 21.
    Third-party-to-first-party collusion, e.g.with CNAME. https://www.simoahava.com/web-development/whats-in-a-cname/
  • 22.
    The (perceived) dangersof cross-site tracking
  • 23.
    Build graphs andcomprehensive audience profiles
  • 24.
    Build graphs andcomprehensive audience profiles Target ads
  • 25.
    Target ads Manage adfrequency Build graphs and comprehensive audience profiles
  • 26.
    View-through attribution Manage adfrequency Build graphs and comprehensive audience profiles Target ads
  • 27.
    Manage ad frequency Buildgraphs and comprehensive audience profiles Cookie matching/syncing View-through attribution Target ads
  • 28.
    Manage ad frequency Buildgraphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads
  • 29.
    Manage ad frequency Buildgraphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations
  • 30.
    Manage ad frequency Buildgraphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows
  • 31.
    Manage ad frequency Buildgraphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows State in embedded services
  • 32.
    Manage ad frequency Buildgraphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows State in embedded services Multi-purpose scripts
  • 33.
    Manage ad frequency Buildgraphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows State in embedded services Multi-purpose scripts 1st party data collection
  • 34.
    Manage ad frequency Buildgraphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows State in embedded services Multi-purpose scripts 1st party data collection Tag management
  • 35.
    Manage ad frequency Buildgraphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows State in embedded services Multi-purpose scripts 1st party data collection Tag management Client-side state
  • 36.
    Manage ad frequency Buildgraphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows State in embedded services Multi-purpose scripts 1st party data collection Tag management Client-side state Data quality
  • 37.
    Manage ad frequency Buildgraphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows State in embedded services Multi-purpose scripts 1st party data collection Tag management Client-side state Data quality
  • 38.
    Manage ad frequency Buildgraphs and comprehensive audience profiles Cross-site tracking Cookie matching/syncing View-through attribution Target ads Analytics integrations SSO / login flows State in embedded services Multi-purpose scripts 1st party data collection Tag management Client-side state Data quality
  • 39.
  • 41.
    2003 3P cookies blocked bydefault without prior "seeding"
  • 42.
    2003 3P cookies blocked bydefault without prior "seeding" …
  • 43.
    2003 3P cookies blocked bydefault without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites
  • 44.
    2003 3P cookies blocked bydefault without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 Storage Access API
  • 45.
    2003 3P cookies blocked bydefault without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 Storage Access API ETP 3P storage access on known tracking domains blocked
  • 46.
    2003 3P cookies blocked bydefault without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 Storage Access API ETP 3P storage access on known tracking domains blocked Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation
  • 47.
    2003 3P cookies blocked bydefault without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation ETP 3P storage access on known tracking domains blocked Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation
  • 48.
    2003 3P cookies blocked bydefault without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation
  • 49.
    2003 3P cookies blocked bydefault without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation Tracking parameters removed from URLs
  • 50.
    2003 3P cookies blocked bydefault without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation Tracking parameters removed from URLs Tracking protection in Edge beta
  • 51.
    2003 3P cookies blocked bydefault without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 2020 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation All 3P cookies blocked ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation Tracking parameters removed from URLs Tracking protection in Edge beta
  • 52.
    2003 3P cookies blocked bydefault without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 2020 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation All 3P cookies blocked ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Daily purge of storage from known tracker domains Requests to fingerprinting domains blocked Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation Tracking parameters removed from URLs Tracking protection in Edge beta
  • 53.
    2003 3P cookies blocked bydefault without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 2020 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation All 3P cookies blocked ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Daily purge of storage from known tracker domains Requests to fingerprinting domains blocked Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation Tracking parameters removed from URLs Pioneering work on reducing fingerprinting surfaces continues Tracking protection in Edge beta
  • 54.
    2003 3P cookies blocked bydefault without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 2020 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation All 3P cookies blocked ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Daily purge of storage from known tracker domains Requests to fingerprinting domains blocked Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation Tracking parameters removed from URLs Pioneering work on reducing fingerprinting surfaces continues Tracking protection in Edge beta Chromium Edge released Block 3P storage access from known trackers
  • 55.
    2003 3P cookies blocked bydefault without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 2020 Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation All 3P cookies blocked ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Daily purge of storage from known tracker domains Requests to fingerprinting domains blocked Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation Tracking parameters removed from URLs Pioneering work on reducing fingerprinting surfaces continues Tracking protection in Edge beta Chromium Edge released Block 3P storage access from known trackers Referrer truncation
  • 56.
    2003 3P cookies blocked bydefault without prior "seeding" … 2017 ITP 1.0 Algorithmic classification of tracking-capable sites 2018 2019 2020 … Storage Access API ITP 2.1 - 2.3 Restrictions on 1P storage Referrer truncation All 3P cookies blocked ETP 3P storage access on known tracking domains blocked ETP set on by default for all Firefox installs Daily purge of storage from known tracker domains Requests to fingerprinting domains blocked Brave Shields 3P storage access blocked 1P cookies restricted Referrer truncation Tracking parameters removed from URLs Pioneering work on reducing fingerprinting surfaces continues Tracking protection in Edge beta Chromium Edge released Block 3P storage access from known trackers Referrer truncation All 3P cookies blocked?
  • 57.
  • 58.
    Technology Preview 113 Restrictcookies set in HTTP requests to cross-site CNAME origins. Brave Chrome Edge Firefox Safari
  • 59.
    Brave Chrome EdgeFirefox Safari Cookies set to SameSite=Lax by default. Reject SameSite=None cookies that are not secure. Chrome 80, *Jul 14 ->
  • 60.
    Cap lifetime ofall script-writable storage. Brave Chrome Edge Firefox Safari !
  • 61.
    Block all cookiesin 3P context. 2022? Brave Chrome Edge Firefox Safari !!
  • 62.
    User-Agent freeze andClient Hints. Chrome 85 (CH), 2021 (UA) Brave Chrome Edge Firefox Safari
  • 63.
    Technology Preview 99 TheisLoggedIn API (experimental). Brave Chrome Edge Firefox Safari
  • 64.
    Private Click Measurement/ Ad Click Attribution. Brave Chrome Edge Firefox Safari
  • 65.
  • 66.
  • 67.
  • 68.
    Analytics Advertising Experimentation 3Pstorage restricted * * Iframes Centralized identity Advertising integrations
  • 69.
    Analytics Advertising Experimentation 3Pstorage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection
  • 70.
    Analytics Advertising Experimentation 3Pstorage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity
  • 71.
    Analytics Advertising Experimentation 3Pstorage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity 1P storage restricted
  • 72.
    Analytics Advertising Experimentation 3Pstorage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity 1P storage restricted User retention Cohort analytics Non-last-touch attribution Campaign efficiency User-scoped funnels
  • 73.
    Analytics Advertising Experimentation 3Pstorage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity 1P storage restricted User retention Cohort analytics Non-last-touch attribution Campaign efficiency User-scoped funnels Attribution Audience integrity Campaign efficiency
  • 74.
    Analytics Advertising Experimentation 3Pstorage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity 1P storage restricted User retention Cohort analytics Non-last-touch attribution Campaign efficiency User-scoped funnels Attribution Audience integrity Campaign efficiency Variant reassignment Variables for personalization
  • 75.
    Analytics Advertising Experimentation 3Pstorage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity 1P storage restricted User retention Cohort analytics Non-last-touch attribution Campaign efficiency User-scoped funnels Attribution Audience integrity Campaign efficiency Variant reassignment Variables for personalization Referrer truncation *
  • 76.
    Analytics Advertising Experimentation 3Pstorage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity 1P storage restricted User retention Cohort analytics Non-last-touch attribution Campaign efficiency User-scoped funnels Attribution Audience integrity Campaign efficiency Variant reassignment Variables for personalization Referrer truncation * Full referrer dimension AMP cache distinction Social login distinction Granularity of referral exclusion
  • 77.
    Analytics Advertising Experimentation 3Pstorage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity 1P storage restricted User retention Cohort analytics Non-last-touch attribution Campaign efficiency User-scoped funnels Attribution Audience integrity Campaign efficiency Variant reassignment Variables for personalization Referrer truncation * Full referrer dimension AMP cache distinction Social login distinction Granularity of referral exclusion Attribution for custom ad placements
  • 78.
    Analytics Advertising Experimentation 3Pstorage restricted * * Iframes Centralized identity Advertising integrations Cross-site profiling Ad frequency capping View-through attribution Cookie matching / sync Demographics / interest data Fraud / spam detection Iframes Centralized identity 1P storage restricted User retention Cohort analytics Non-last-touch attribution Campaign efficiency User-scoped funnels Attribution Audience integrity Campaign efficiency Variant reassignment Variables for personalization Referrer truncation * Full referrer dimension AMP cache distinction Social login distinction Granularity of referral exclusion Attribution for custom ad placements Experiment targeting based on referrer
  • 79.
  • 80.
    DO -Periodically audit theuse of client-side state in your sites, services, and applications. Avoid over-reliance; use HttpOnly where possible, then HTTP headers, then JS. -Figure out how to incentivize logging in. -Set cookies you need in third-party context to SameSite=None;Secure, with fallbacks for unsupported browsers. - Utilize Storage Access API for access to third-party storage. -Consider the browser as a manifestation of the user’s desire and intent with regard to tracking. Err on the side of as much privacy as possible.
  • 81.
    DO NOT -Look at "server-sideanalytics" as a silver bullet. -Ignore small market share web browsers. -Expect tracking prevention development to settle / slow down. -Spread FUD about the impact of these measures without empirical data to back it up with. -Expect that browsers will handle the ethical / legal side of data collection for you. -Think that browsers have got tracking prevention "right"
  • 82.
  • 83.
  • 84.