Expand attestations to limit known abuses

[dmarti]

Extend the list of attestations required to use this API to address known undesirable consequences of cross-context transfer of information.

• If this API is used to place an ad on a web page, the caller attests that they will take commercially reasonable measures to require that the URL of the web page is reported to the advertiser. Limit the incentives for intermediaries to monetize pages seen as out of policy or brand-unsafe by advertisers, which often drive traffic using deceptive browser extensions, other malware, spam and other methods that present privacy risks to users.

• The caller attests that data from this API will not be used in conjunction with data obtained using unintended identification techniques such as browser fingerprinting. Unintended identification techniques, as defined in Mozilla's "Anti tracking policy" are not easily controllable by the user. (see discussion at UX is misleading #265)

[dmarti]

related: https://assets.publishing.service.gov.uk/media/662baa3efee48e2ee6b81eb1/1._CMA_Q1_2024_update_report_on_Google_Privacy_Sandbox_commitments.pdf pp. 13-14

[dmarti]

Here is an updated version of an attestation to help provide for fair competition among SSPs. By limiting the ability to obfuscate "good ad/bad site" placements in reports, SSPs with a policy of only monetizing legitimate sites will be less likely to be placed at a disadvantage, or pressured into a risky race to the bottom with SSPs who are willing to monetize infringing, embargoed, and other problem sites.

Attestation name: ContextReportedToAdvertiser

Attestation detail: If this API is used in conjunction with the placement of an advertisement, the caller will make available to the advertiser sufficient information to evaluate the appropriateness of the placement of the advertisement, including at least the full hostname of the site on which the advertisement appears.

Related

• Privacy Sandbox Developer Enrollment and Attestations

• Companies inadvertently fund online misinformation despite consumer backlash | Nature On the basis of our results, we identify two interventions that could reduce the financing of online misinformation. First, digital advertising platforms that run automated auctions could enable advertisers to more easily access data on whether their advertisements appear on misinformation outlets. This would enable advertisers to make advertising placement decisions consistent with their preferences rather than inadvertently financing misinformation51. Second, while it is currently possible for consumers to find out about companies financing misinformation through media reports, digital platforms could improve transparency for consumers about which companies advertise on misinformation outlets.

[dmarti]

Another related link: Algorithms should not control what people see, UN chief says, launching Global Principles for Information Integrity | UN News

"Advertisers should demand transparency in digital advertising processes from the tech sector to help ensure they do not end up inadvertently funding disinformation or hateful messaging."

These UN principles are not a legally binding regulation, but without this attestation an SSP that makes an effort to comply with the UN's principles will be placed at a disadvantage relative to an SSP that obfuscates placements in order to fund illegal or embargoed sites, or other sites that an advertiser would choose not to support.