← Back to release summary
Private Aggregation API
- Category
- Miscellaneous
- Type
- New or changed feature
- Status
- Enabled by default (Chrome 115)
- Intent stage
- Prepare to ship
Summary
A generic mechanism for measuring aggregate, cross-site data in a privacy preserving manner. The potentially identifying cross-site data is encapsulated into "aggregatable reports". To prevent leakage, this data is encrypted, ensuring it can only be processed by the aggregation service. During processing, this service will add noise and impose limits on how many queries can be performed.
Motivation
Relative to cross-site data from each user, aggregate, noisy data can leak less information about individual users, and yet would be sufficient for a wide range of use cases that rely on third-party cookies today. An aggregation service has been proposed to allow reporting noisy, aggregated cross-site data. This service was originally proposed for use by the Attribution Reporting API, but allowing more general aggregation would support additional use cases.
Standards & signals
- Specification: https://patcg-individual-drafts.github.io/private-aggregation-api
- Firefox: Closed Without a Position — No signal specific to Private Aggregation. However the Gecko position on Shared Storage (one of the ways Private Aggregation is exposed) was negative.
- Safari: Closed Without a Position
- Web developers: No signals — Developers have shown interest in the API both for cross-site use cases through Shared Storage and for Protected Audience aggregate reporting and have engaged on GitHub[1]. For Shared Storage, multiple testers have publicly flagged their interest via the public Shared Storage Testers List [2].
[1] https://github.com/patcg-individual-drafts/private-aggregation-api/issues
[2] https://github.com/WICG/shared-storage/blob/main/shared-storage-tester-list.md
- Tracking bug: https://crbug.com/1316659
Explainers: https://github.com/patcg-individual-drafts/private-aggregation-api
View on chromestatus.com