Add a meta tag to opt out of cohort training #2459
Conversation
The upcoming "Federated Learning of Cohorts" proposal would enable data collection for identifying users who are members of particular groups based on their web history. Sites will need to evaluate whether their content, or user patterns of activity on-site, can safely be used for this purpose. If this is the case, then this opt out can be removed. More information and discussion are in the FLoC repo at: https://github.com/WICG/floc
|
Sounds like an interesting idea - though as it’s in the proposal stage at the moment and isn’t implemented by any browsers/adtech companies I think it’s too early to consider adding it to the html5 boilerplate. |
|
Thank you. There is a trial version of FLoC coming out in March 2021. (WICG/floc#25) I will post updates here as this proposal moves forward. If they decide to make cohort training opt-in for the site, then this meta tag will not be needed. |
|
The FLoC origin trial has begun. However this opt-out method will not work in the released version. They are planning to do an opt-out that can be incorporated into the page, and I will update this pull request to match. |
|
Heya @dmarti - I was just checking in on the status of Federated Learning of Cohorts (FLoC) and reading about how some big sites are opting out with a HTTP header |
|
Let's close this one. It's an interesting thing to keep track of, but it looks like it'll be something for the server configs rather than a meta tag. |
|
@coliff Sounds good. Are there associated issues over in the config repos? cc: @LeoColomb |
|
FLoC is still planed to come after all? 😱 |
|
There is still an open issue in the FLoC project (WICG/floc#13) covering HTML opt-out. The problem is that a |
|
@LeoColomb @coliff It looks like the existing approach to web server config files is to turn all the |
As multiple third-party scripts might be added to a site during development, it can be difficult to see when a script is attempting to use new browser features that might have privacy consequences. Consider adding a simple alert so that scripts can be checked and/or the site Permissions-Policy set before deploying to production. The "alert" is for development purposes, and could be replaced with an analytics event if a site wants to monitor attempted use of Topics API by third parties in production. Related: h5bp#2459
The upcoming "Federated Learning of Cohorts" proposal would enable data collection for identifying users who are members of particular groups based on their web history.
Sites will need to evaluate whether their content, or user patterns of activity on-site, can safely be used for this purpose. If this is the case, then this opt out can be removed.
More information and discussion are in the FLoC repo at: https://github.com/WICG/floc
Types of changes
Checklist:
Pull requests should be thought of as a conversation. There will be some back and forth when trying to get code merged into this or any other project. With all but the simplest changes you can and should expect that the maintainers of the project will request changes to your code. Please be aware of that and check in after you open your PR in order to get your code merged in cleanly.
Thanks!