Privacy Features in WebKit

by John Wilander

  • WebKit Tracking Prevention Policy
  • Privacy Defaults Timeline
    • 2003 Third-parties without pre-existing cookies cannot set cookies
    • 2013 Caches and HTML5 storage partitioned per website
    • 2017 Intelligent Tracking Prevention deletes tracking cookies
    • 2018 The Storage Access API asks for user permission
    • 2019 Private Click Measurement (proposed standard)
  • How to Enable ITP
    • “Resource Load Statistics”
    • Classification there for all ports
    • Cocoa-specific:
      • Public Suffix List
      • Cookie blocking (HTTP and JS)
      • HTTP referrer downgrade
      • HSTS restrictions
  • The Storage Access API
    • Prompt: Do you want to allow “third party video.example” to use cookies and website date while browsing news.example
  • What is Ad Click Attribution?
    • You buy something, where did the purchase come from, an ad?
    • Search for something click and ad
      • If you add the item to shopping cart
      • Cookie is set and read by search provider
      • ITP prevents this, no matching
  • Private Click Measurement
    • 1. Store Ad Clicks internally
    • 2. Match conversions against stored clicks
    • 3. Send out attribution data
    • Provides aggregate measurement of ad clicks
  • Next Up
    • isLoggedIn API
      • Differentiate between logged in and casual visits
      • Proposed at W3C TPAC
Last modified 3 years ago Last modified on Nov 1, 2019 5:13:30 PM