undefined | Better HN

0 pointscandiodari4y ago0 comments

Okay:

1) you visit to www.somesite.com

2) it serves an ad <iframe src="www.google.com/givemeanad?userforme=waps&hespent=500"

3) your browser does a request to google. It sends:

a) your login cookie from your gmail session (or ...)

b) the referrer header tells it which site to serve the ad on

c) any information the site itself wants to attach to the request

4) Google/Microsoft/Apple store this information and can provide advertisers with your identity, all sites you visit that have their ads, the "flow" (what you visited in what order, e.g. how far did you get in an ordering funnel) and any information those sites share about your account on their site.

0 comments

1 comments · 1 top-level

nightpool4y ago

Okay, but: a) is blocked by site partitioning, b) doesn't have per-user tracking information, and c) only works (of course) if you've explicitly signed in with Google on that site. I don't think Google supports third-party tracking for ads via that personalization path yet, but plenty of non-Google advertisers do: they take your hashed email address and use that to replace their third-party tracking cookies. This is what the ad community is hailing as their "privacy first" approach that breaks Google's "monopoly"—sending your email address to every single advertiser who they partner with.

j / k navigate · click thread line to collapse