A proposed standard now under discussion at W3C, dubbed simply “Attribution” aims to redefine how ad effectiveness is measured across the web. This proposal would centralize measurement of ad effectiveness under the control of major platform players, including Google, Apple and Meta. While “Attribution” is framed as a privacy win, in practice it would shift more advertising onto low-trust content and AI-generated slop.
A certain amount of hustle and overselling by inventors and new companies has always been a thing. What’s unfamiliar in recent times is the combination of large, oligopoly companies with the failure of those companies to make an effort to go legit as they grow up. While American business culture has always celebrated “fake it ’til you make it,” we have pivoted to “make it, then fake it even harder.”
Is each browser process dedicated to a single customer, or do you clear cookies and other state (localStorage, cache, Chrome advertising features...) between customers?
Google Chrome has another "AI training" API that has been there for a while -- document.browsingTopics() -- this is for passing information about your browsing history to ML on the Google side. Hard to be sure about what information about you can be inferred from this.
It might also be a good idea to block or warn about sites using that one.
You can have the most tricked-out, up-to-date protections on your client, or in a proxy between your client and a web site...and if that site is using server-to-server tracking they can get around it.
The tricky part, though, is that even with your client-side settings and privacy tools set up 100% right, any company that has your info can still send it to Facebook server-to-server, with "Conversions API."
WA MHMD is a game changer because private right of action. Doesn't rely on the attorney general or a dedicated privacy agency to take action -- private lawyers can.
(Technically not the first privacy law with private right of action because the Video Privacy Protection Act has one, but that law was originally passed to cover videotape rentals and the courts are still working out how it applies to video content on the Internet)
The companies it's mainly good for are those who have personal data but are not required to register as a data broker. So if you have a brand with content, forums, retail, events, or whatever and can collect info on people, then by pure supply and demand the market value of your audience data goes up.
As a fingerprinting surface FLoC has similar properties to the Battery Status API -- not stable for the same user over long intervals, but can be used to help match pageviews from different domains that were close in time.