Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update algorithm for budget deduction #28

Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open

Update algorithm for budget deduction #28

Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
39bda30
update algorithm for budget deduction
Oct 2, 2024
2b96cfa
checkpoint
Oct 2, 2024
2a4fd23
citation and markdown fixes
Oct 2, 2024
978b16c
line indents
Oct 2, 2024
c52fecd
Merge branch 'main' into idp_updates
bmcase Oct 4, 2024
dc7d57d
only specify L1-norm, not p-norm
Oct 4, 2024
212e7a9
fmt
Oct 4, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
48 changes: 38 additions & 10 deletions api.bs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,8 @@ URL: https://private-attribution.github.io/api/
Editor: Martin Thomson, w3cid 68503, Mozilla https://mozilla.org/, [email protected]
Editor: Andy Leiserson, w3cid 147715, Mozilla https://mozilla.org/, [email protected]
Editor: Benjamin Savage, w3cid 114877, Meta https://www.meta.com/, [email protected]
Abstract: This specifies a browser API for the measurement of advertising performance. The goal is to produce aggregate statistics about how advertising leads to conversions, without creating a risk to the privacy of individual web users. This API collates information about people from multiple web origins, which could be a significant risk to their privacy. To manage this risk, the information that is gathered is aggregated using an aggregation service that is trusted by the user-agent to perform aggregation within strict limits. Noise is added to the aggregates produced by this service to provide differential privacy. Websites may select an aggregation service from the list of approved aggregation services provided by the user-agent.
Editor: Benjamin Case, w3cid 128082, Meta https://www.meta.com/, [email protected]
Abstract: This specifies a browser API for the measurement of advertising performance. The goal is to produce aggregate statistics about how advertising leads to conversions, without creating a risk to the privacy of individual web users. This API collates information about people from multiple web origins, which could be a significant risk to their privacy. To manage this risk, the information that is gathered is aggregated using an aggregation service that is trusted by the user-agent to perform aggregation within strict limits. Noise is added to the aggregates produced by this service to provide differential privacy. Websites may select an aggregation service from the list of approved aggregation services provided by the user-agent.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What diff tool are you using? You didn't change this line, but GitHub seems to think that you did...

Status Text: This specification is a proposal that is intended to be migrated to the W3C standards track. It is not a standard.
Text Macro: LICENSE <a href=http://www.w3.org/Consortium/Legal/2015/copyright-software-and-document>W3C Software and Document License</a>
Complain About: accidental-2119 yes, missing-example-ids yes
Expand Down Expand Up @@ -612,7 +613,7 @@ The arguments to <a method for=PrivateAttribution>measureConversion()</a> are as
<dd>
The maximum [=conversion value=] across all contributions included in the aggregation.
Together with epsilon, this is used to calibrate the distribution of random noise that
will be added to the outcome. It is also used to determine the amount of [=privacy budget=]
will be added to the outcome. It is also used to determine the amount of [=privacy budget=]
to expend on this [=conversion report=].
</dd>
<dt><dfn>lookbackDays</dfn></dt>
Expand All @@ -623,8 +624,8 @@ The arguments to <a method for=PrivateAttribution>measureConversion()</a> are as
<dd>A list of impression sites. Only [=impressions=] recorded where the top-level site is on this list are eligible to match this [=conversion=].</dd>
<dt><dfn>intermediarySites</dfn></dt>
<dd>
A list of sites which called the <a method for=PrivateAttribution>saveImpression()</a> API.
Only [=impressions=] recorded by scripts originating from one of the intermediary sites
A list of sites which called the <a method for=PrivateAttribution>saveImpression()</a> API.
Only [=impressions=] recorded by scripts originating from one of the intermediary sites
are eligible to match this [=conversion=].
</dd>
</dl>
Expand Down Expand Up @@ -1097,13 +1098,40 @@ conversion report.

### Privacy Budget Deduction ### {#dp-deduction}

When searching for impressions for the conversion report,
the user agent deducts the specified &epsilon; value from
the budget for the week in which those impressions were saved.
If the privacy budget for that week is not sufficient,
the impressions from that week are not used.
When a conversion requests attribution the call includes several querier-provided
parameters:
Comment on lines +1101 to +1102
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
When a conversion requests attribution the call includes several querier-provided
parameters:
When a site requests attribution, they provide several parameters:

1. the window of epochs to search for relevant events (`epochs` parameter);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
1. the window of epochs to search for relevant events (`epochs` parameter);
1. the length of time over which to select impressions ({{PrivateAttributionConversionOptions/lookbackDays}});

2. the requested privacy budget (`requested_epsilon`);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
2. the requested privacy budget (`requested_epsilon`);
2. the requested [=privacy budget=] ({{PrivateAttributionConversionOptions/epsilon}});

3. the `filterData` value used for selecting relevant events;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
3. the `filterData` value used for selecting relevant events;
3. the {{PrivateAttributionConversionOptions/filterData}} value used for selecting relevant events;

4. the `PrivateAttributionLogic` such as last-touch or equal-credit;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
4. the `PrivateAttributionLogic` such as last-touch or equal-credit;
4. the attribution {{PrivateAttributionConversionOptions/logic}} to use in selecting and attributing credit;

5. two sensitivity parameters: `report_global_sensitivity` which is a cap on how much attributed
value can come from this one conversion (e.g. the conversion value) and `query_global_sensitivity`
which is a maximum sensitivity across all reports to be processed the aggregation query.
Comment on lines +1107 to +1109
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This doesn't match the terminology that we've described. What we have defined has a value and a maxValue. It would help if you used the same words.

I don't regard the value as being sensitivity measure in that way, either. I view the sensitivity as a measure that applies to the entire query. That's a measure that is supplied when a batch of reports is sent to the aggregation service. Individual reports will have a maxValue that the browser will guarantee is at least as much as the actual contained value and no greater than the batch sensitivity. The concrete budget deduction will be no higher than both these measures.


The algorithm to <dfn>deduct privacy budget</dfn> and compute the attributed histogram will first look across
epochs for eligible impressions. It will deduct budget from any epoch with eligible
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd rather not use the word "epoch" here if we're going to use "week" elsewhere.

impressions. After budget has been deducted, impressions from epochs with sufficient budget will be considered for attribution.

The following steps happen for every epoch in the window of epochs.

Step 1: select relevant impressions within an epoch using the `filterData`.

Step 2: For each epoch compute the individual privacy loss of the query following Thm 4 of [[PPA-DP]]. There are three cases
* Case 1: If the epoch has no relevant impressions the privacy loss is 0.
* Case 2: If the window of epochs contains only a single epoch, the `individual_sensitivity` is the L1-norm of attribution function
applied to only the impressions in this epoch. The privacy loss deducted from the epoch's budget is
then `requested_epsilon * individual_sensitivity / query_global_sensitivity`.
* Case 3: If multiple epochs are considered, the privacy loss deducted from the epoch's budget is
`requested_epsilon * report_global_sensitivity / query_global_sensitivity`
Comment on lines +1119 to +1125
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that it would be easier for this to be integrated into the attribution logic than have it be standalone.

Ideally, that means that you would execute the attribution logic and return a value that this function uses. Right now, I think that ends up being a list of tuples, each containing (impression, value, week). The part that I find a little difficult to parse here is that you need to return (impression, value=0, week) for every week that contains an impression in order to make this theorem work. That's non-intuitive to me and requires a better explanation than I was able to find.


Step 3: Attempt to deduct the privacy of the epoch, if the filter has sufficient budget the impressions
are added to the set to be considered for attribution; otherise, they are dropped.

After every epoch has been considered separately, the final step is run across all epochs.
Step 4: The attribution function is applied across the eligible impression from all epochs (which had budget).
The browser ensures that the L1-norm of the attribution histogram is `<= report_global_sensitivity`.


The details of how to <dfn>deduct privacy budget</dfn> is given below ... WIP

<div class=example id=ex-budget>
In the following figure,
Expand Down
Loading