WICG / floc

This proposal has been replaced by the Topics API.
https://github.com/patcg-individual-drafts/topics

Availability for experimentation #25

Closed lbdvt closed 3 years ago

lbdvt commented 4 years ago

Hi, as announced during an IWABG call, the proposal is indeed being implemented in Chromium (https://chromium-review.googlesource.com/q/FloC).

What are the next steps regarding this feature? I guess the implementation is intended to run live-traffic tests? If so, what would be the type of tests and measures to be held? When would they start?

Thanks

captify-mgruau commented 3 years ago

@jkarlin just wanted to piggyback on this question as all companies are currently working on their 2021 plans. It's been announced before that cohorts would become available for experimentation during the upcoming year, but for the purpose of planning resources we would need to have more details on this rollout.

Are there any additional details you can provide us in this respect?

Thanks in advance.

michaelkleber commented 3 years ago

Hello, thanks for your interest.

Until two weeks ago, no other organization had indicated support for experimenting with FLoC in the Discourse thread, and so there were no plans to expose the API.

Now that we have interest from a second party (Yahoo! Japan), we will move towards making this available as an Origin Trial.

The first experimental version is not yet code-complete, and we don't yet know whether we'll be ready by the Chrome M89 branch date in January. So the Origin Trial will reach stable either with M89 in early March, or with M90 in mid-April.

captify-mgruau commented 3 years ago

Thanks a lot @michaelkleber, this is great to hear! Appreciate the transparency.

michaelkleber commented 3 years ago

Certainly! And please feel free to voice your support (including an indication of any organizational affiliation) for experimentation on the Discourse thread as well. That's the place the browser developer community tends to look to see if there is interest in a new proposed feature.

michaelkleber commented 3 years ago

Hi folks! We did get all of the essential FLoC code into Chromium in time for the M89 branch. So we expect an Origin Trial to be possible beginning in March.

We were happy to see Google Ads reporting more promising results in a blog post today. But that's still just based on their simulations of FLoC clustering algorithms. We're looking forward to more people running experiments once the Origin Trial provides access to real in-browser clustering.

captify-mgruau commented 3 years ago

Hi @michaelkleber, as we're getting closer to the trial we have a few more questions on this.

Thanks in advance.

captify-mgruau commented 3 years ago

Hi @michaelkleber - just following up on this. I realize you're super busy but the trial is due to start in a month so we want to make sure we're clear on those details. Thanks in advance.

michaelkleber commented 3 years ago

Hi @captify-mgruau, apologies for the delay in responding.

dmarti commented 3 years ago

Will there be an opt-out that does not require setting an HTTP header before the origin trial begins?

michaelkleber commented 3 years ago

No — adding another opt-out mechanism will require new code, but we're already code complete on the first origin trial.

dmarti commented 3 years ago

So the choices for sites that aren't currently on hosting that lets them set HTTP headers are:

  1. remove or replace any third-party resources that might be blocked by EasyList
  2. switch hosting to a provider that allows them to set HTTP headers
  3. get their existing hosting provider to set the header for their domain
  4. participate in a test of a new, unproven user tracking technology targeting their audience

Please make the origin trial opt-in, or at least postpone it until an opt-out that is practical for low-budget sites is available.

michaelkleber commented 3 years ago

Hi Don, I do not think we should block the start of an Origin Trial for adding an additional opt-out mechanism.

The thinking behind a default of including visits to any domain that loads ads resources is that those ad resource calls generally include third-party cookies — which mean that some unknown number of ad-tech-controlled user profiles may already be influenced, on an event-by-event level, by the page visit.

Even if this hypothesis is occasionally incorrect and there is some site that would contribute to FLoC but not to any ads data collection today, you're looking at a situation where the expected threat is something like: "For people in cohort 1234, if they visit site X there is a 4% chance they might move to cohort 1235 instead." But of course there would be many other ways for someone to be in cohort 1235 also.

dmarti commented 3 years ago

Hi Michael, please think about the problem from the point of view of a small site trying to do all this stuff right and use a limited number of third party services in a way that respects the interests of site visitors.

Right now that site's privacy policy says something like "we only share your info with example dot com, and we have a contract with them where they can only do (certain things)"

They probably aren't coming to W3C meetings and keeping up with all this, but if they were, they would have to choose one of the four options in my previous comment. If they did end up choosing (4), they would still have to change their privacy policy to "we only share your info with example dot com, unless you visit with Google Chrome, in which case your visit to our site could get shared with any site that calls a certain JavaScript function, and we don't know which sites those are"

The small site trying to do things correctly has to do extra work because the company with 135,000 employees wants a little convenience? (The more I think about this the more I think opt-in is the only sensible way to go here -- you could get enough sites to turn FLoC on by promoting it to Google Analytics users.)

michaelkleber commented 3 years ago

First, I think your characterization of "your visit to our site could get shared with any site that calls a certain JavaScript function" is completely incorrect. Chrome's initial design includes many decisions all designed to protect the small site trying to do things correctly.

That said, requiring an opt-in is our intention for this API's launch, for reasons including the "virtuous cycle" discussions in #45. But opt-in does not seem like a reasonable way to answer the question "Would this API be useful if it were adopted?"

dmarti commented 3 years ago

(Updated previous comment on documenting data sharing in privacy policy, to link to the relevant issue. Not all history is shared with all sites, but some sites from history could be exposed to other sites.)

Sites are going to have to update their privacy policies to cover FLoC training exposure during the origin trial, then change back as soon as either FLoC goes opt-in, or the site opts out.

skaurus commented 3 years ago

Hi, is there any updated timeframe on when exactly Origin Trial could start?

michaelkleber commented 3 years ago

We're working on getting it started now. It will be live sometime later in M89, but we don't have an exact date.