The topics revealed by the API should be less personally sensitive about a user than what could be derived using today’s tracking methods.
The wording seems limited to the content of the actual topic, not the information about the user revealed by the topic, possibly in combination with other information. In real-world applications, parties will process topics using statistics or ML to classify the user.
(For example, information about a food interest and a music interest, in combination with location and/or language data, could enable an inference about a user's membership in a protected group, even though neither the food topic nor the music topic is sensitive on its own.)
Suggested alternative wording: "Information that callers can obtain or infer from Topics API should be less personally sensitive about a user than what could be derived using today’s tracking methods."
Currently this document has:
The wording seems limited to the content of the actual topic, not the information about the user revealed by the topic, possibly in combination with other information. In real-world applications, parties will process topics using statistics or ML to classify the user.
(For example, information about a food interest and a music interest, in combination with location and/or language data, could enable an inference about a user's membership in a protected group, even though neither the food topic nor the music topic is sensitive on its own.)
Suggested alternative wording: "Information that callers can obtain or infer from Topics API should be less personally sensitive about a user than what could be derived using today’s tracking methods."
Related: https://github.com/patcg-individual-drafts/topics/issues/196 (sensitivity concerns are likely to become more important if alternate taxonomies emerge, and this change in wording could help evaluate possibly risky taxonomy changes)