The security/privacy section should cover other uses of FLoC, such as dynamic pricing, demographic targeting of headlines, and targeted malvertising

[johnwilander]

Websites and embedded content can use cohorts to:

• Set prices dynamically based on if the user is price insensitive or likely to compare.
• Alter headlines to target specific demographics.
• Target vulnerable parts of the population with malvertising.
• Suggest content that can lead to bubbles and radicalization.

All of this should be brought up in the security/privacy section.

The fact that these things have been possible before based on cross-site tracking doesn't mean we should standardize such capabilities. We should strive for people to be treated equally and safely on the web.

[dmarti]

Airport security screening can detect most weapons, but travelers often go through a checkpoint with a firearm, usually because they have forgotten they were carrying it or did not understand the applicable laws and regulations. Because agencies must balance security needs with traveler throughput, the ability to flag likely firearms-owning cohorts for additional security measures may help to optimize the screening process. Cohort could be collected at the time of ticket purchase, or upon arrival at the airport by requiring a traveler to scan a QR code.

(This use of cohorts would probably be more effective against accidental and impulsive behavior than against motivated adversaries. Related research on limitations of a similar system: Carnival Booth: An Algorithm for Defeating the Computer-Assisted Passenger Screening System )

[TheMaskMaker]

@dmarti I hope this is a threat model and not a recommendation. Assuming its a threat model, I can't imagine anyone would intend to use an online advertising tool like that, but it would be very concerning. I do wonder if the topic is out of our scope as that would be a misuse by a legal authority, and so probably a legal issue, but it has me worried enough I want to speak on it shortly.

To use cohorts in security screenings would amount to cohort discrimination. I would be very concerned for the potential implications of using an ML cohort to determine someone's risk. We already have issues with racial profiling, and if a cohort contains a large percentage of a particular race, that could be one of several extremely problematic use cases.

It would also tie an online advertising tool to areas of society it was not meant for, which would in turn affect the algorithm in odd ways, that could bubble over into other areas of society.

On an amusing and worrying side note, what you are suggesting, minus the science fiction,

is the plot of 'Psycho-Pass.'

CLICK TO VIEW (spoiler)

People are security screened in daily life based on an Machine Learning profile. **Except the computer of connected criminal brains that calculates the profile is replaced with Google ML.**

[dmarti]

@TheMaskMaker Yes, profiling issues are among those raised in the TAG review of FLoC. People generally use the same browser both for activities such as shopping online and reading ad-support content, and for interacting with sites where discrimination is more of a concern, such as education, employment, and public sector sites. It is a challenge to have the same cohort information available in both kinds of situations.

Not all public sector uses of cohorts are necessarily a discrimination concern, though. For example, since most taxpayers are honest, it might benefit users on average if tax authorities could identify high-income cohorts reporting low incomes.

[TheMaskMaker]

@dmarti I think we agree about the profiling concerns, but I think the examples you give are less feasible than the ones @johnwilander mentioned. The tax audit use case would most certainly be discrimination by definition, but I'm not sure it would be likely since it would require some unusual correlation methods. I also am not certain it would be legal in several countries.

Price discrimination based on floc, politically targeted content, etc are 'use' cases that we have seen before even outside of web. I think John makes a good point that we know these problems exist and floc makes them almost easier to enact in groups than before. I am not sure if they can be solved in this context but its definitely worth discussing.

But there is also a fine line worth mentioning. While changing what news you get based on political party would be alarming, changing from recommending dog breeding articles to painting articles based on floc interest would be a sensible use case.

Definitely worth discussing.

[dmarti]

Personalised Pricing: The Demise of the Fixed Price?, by Joost Poort and Frederik Zuiderveen Borgesius, covers some of the incentives for retailers to adopt personalized pricing systems.

Price discrimination can benefit both buyers and sellers, leading to an increase of both consumer and producer welfare. Price discrimination can help the seller to recoup his fixed costs without losing many potential customers and make a good or service accessible to buyers with a smaller purse, even if it will lead to higher prices for other customers.

Personalized pricing, however, means that sellers take the risk of selecting legally protected or otherwise sensitive groups for higher prices. Because FLoC provides a reliable assurance that the FLoC cohort does not correspond to membership in a protected or sensitive group, online retailers would be able to use FLoC-based pricing in more kinds of situations than potentially discriminatory forms of personalized pricing.