[ppa-experiment] what happens on opt-out?

[bernardpaulus]

Hello,

Could you describe in more details what happens if we opt-out, and what methods could the site use to know that we opted out?

More precisely, what are the return values of

navigator.privateAttribution.saveImpression(...)

and

navigator.privateAttribution.measureConversion(...)

when opted out versus the default (enabled)? Is there any exception thrown?

Also, how are opted-out users protected against being detected?

[martinthomson]

The API appears to function fully when someone is opted out, but no private information is released. That is, saveImpression appears to save something (but saves nothing), and measureConversion generates a measurement message that contains all zero values. From the perspective of the sites involved, things appear to be exactly the same as someone who has the feature enabled.

Our explainer should really cover this, but it doesn't, so I'll use this issue to track the addition of the above explanation to the explainer.

[OdinVex]

The API appears to function fully when someone is opted out

Where is an option to disable this API plagueware to begin with?

[rugk]

Where is an option to disable this API plagueware to begin with?

This obviously would make you trackable as you are 1 of 1mio or so users where the API, say, returns an exception or does not exist (while e.g. in the browser version it should exist) etc. So not a good idea…

The "noop" approach is indeed a good one when disabled.

[OdinVex]

Where is an option to disable this API plagueware to begin with?

This obviously would make you trackable as you are 1 of 1mio or so users where the API, say, returns an exception or does not exist (while e.g. in the browser version it should exist) etc. So not a good idea…

The "noop" approach is indeed a good one when disabled.

No, I'd blend into the rest of people who also don't have the damn thing implemented. Collaborating simp. Crap like this along with WebASSembly and JavaShit should be illegal the world over.

Edit: Fortunately we might have a chance to remove this garbage from LibreWolf. If not, I'm forking, I'm tired of this sell-out to Google shit.

Edit: Mozilla can be sued for false advertisement for claiming they support user's privacy but then whore it away, even without* (edit: typo fixed) purchasing something, right? I hope so. So done with everything 'web' online and crappy 'app' sites masquerading at desktop software when it's just HTML, JS, CSS, sick of this shit. Mental health and economic terrorism is what this is imo and I'm not alone in that.

Edit: Today's thought: Has Firefox been getting shittier for the past decade (PS, only morons leave telemetry enabled, so your 'oh users like this' is obviously skewed) because of some hidden-from-users loyalty to the ads industry? Subversion of freedom and privacy and respect and decency for $$$? I wonder.

Edit: If every browser should fall then the only thing left will be using locally hosted (same network?) proxy servers to strip spied-upon information from requests and malware-definition-like subscriptions on deobfuscating such info. Edit: Along with using front-ends such as LibreY.

Edit: I can see it now, coming up next: "Mozilla will require viewing multiple pages of advertisements every 5 minutes pervasively and invasively blocking any interaction with the browser for the duration." "That'll never happen." "Dude, Mozilla's implementing spyware into Firefox, you can see it for yourself." "Oh, shit, right..." It's HERE, NOW. ^

Edit: I'd joke the people in charge of the direction of Firefox work for Google to subvert it because WTFH has been going on for a decade? It isn't too far-fetched when you consider Firefox looks like a clone of Chrome and does the same "telemetry" crap but is just slower. I'd wonder if it isn't to get people to think "oh well they look the same, I'll just go with the supposedly faster spyware." ...Not really far-fetched a joke.