What about the CookieGraph study? - A method that uses ML (RandomForest) to detect First-Party cookies used for tracking purposes. #196
Labels
third-party-cookie-deprecation
Third-party cookie deprecation
A study, titled "CookieGraph: Understanding and Detecting First-Party Tracking Cookies" https://arxiv.org/abs/2208.12370 authored by a team of researchers in the field of online privacy and security, shows that a majority of adtech/martech players use First-Party cookies to store cross-domain identifiers.
How CookieGraph works
The paper describes how the team successfully trained a model using numerous signals collected from millions of websites about their use of first-party cookies (including values, names, expiry, etc.). This system, a graph-based machine learning approach, functions by analyzing webpages' execution information, captured through an instrumented browser. It monitors HTML elements, network requests, scripts, and storage operations, offering a thorough perspective on how cookies are utilized and interacted with on websites.
Using this data, CookieGraph applies a random forest classifier to differentiate between tracking and non-tracking first-party cookies. The classifier assesses the likelihood of a cookie being used for tracking based on its behavior and characteristics.
How efficient it is
Interestingly, even alternative ID solutions whether based on Bounce Tracking or Authenticated Traffic signals (involving PII submitted by the user) would be blocked by this approach. This looks to be a very efficient way to block covert tracking methods, regardless of their basis.
What about CookieGraph and the Privacy Sandbox?
This leads to my question: would Chrome be inclined to consider incorporating such a method within the Privacy Sandbox framework? It seems to align quite well with the unerlying philosophy of the project.
Thanks for your thoughts on this.
The text was updated successfully, but these errors were encountered: