Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Software as a service use case for FPS #33

Open
joelodom opened this issue Feb 11, 2021 · 4 comments
Open

Software as a service use case for FPS #33

joelodom opened this issue Feb 11, 2021 · 4 comments

Comments

@joelodom
Copy link

This issue pertains to how a business may use first-party sets for personalization across its websites when using software as a service, using marketing software as a service as the example I have in mind.

Suppose that Example, Inc. has a flagship product branded Example Product. Every year Example, Inc. hosts a conference where their community can organize around Example Product. The conference serves marketing and technical exchange purposes, as most conferences do. Here are the related domains:

example.com -- Example, Inc.
product.com -- the website for Example Product
product-fest-2021.com -- a short-lived website for the annual conference
marketing-backend.com - a third-party service provider that provides marketing automation for Example, Inc.

These four websites have a legitimate reason to collect and use data about a particular conference registrant for the purpose of marketing around the conference that the registrant registered for, so they will need to identify a registrant across the sites. When a registrant registers for the conference, that registrant’s information and interactions with these related websites may be collected by the marketing backend, which provides the email services and other services to the conference host, Example, Inc. A key point is that the marketing backend service may be used by many different businesses, but the data of those businesses is never aggregated for widescale tracking or profiling across businesses or collected by the SaaS for resale, both of which we want to avoid. The marketing backend is just a solution for Example, Inc hosted as a software service.

This would be a common marketing use case. We could probably envision other examples where software as a service providers would need to act in a first party context. Can we find a way to do this with FPS in a privacy-preserving manner that is not subject to abuse by cross-business data aggregators?

@joelodom
Copy link
Author

joelodom commented Mar 10, 2021

In speaking with one of our UK customers this morning, she mentioned that her company maintains the same trademark across many eTLDs. I know that has been thought about as a use case for FPS, and it's salient to this use case as well. Our SaaS is on example.com and example.co.uk and example.de. They want to coordinate its use across those sites, so our domain would need to interoperate across those eTLDs. In particular, she mentioned marketing chat applications (provided as SaaS by a third-party) that users would expect to maintain state across the set.

@JadeKessler
Copy link

Thank you for bringing up this use case and providing a detailed example. A few points in response:

  • In your example, we would expect Product.com & Example.com to form a FPS. This is in fact a quintessential scenario for FPS-formation.

  • The question about product-fest-2021.com is an interesting one. We need to think more about how we might handle short lived domains but this has come up in previous PrivacyCG discussions and is on our radar.

  • W.r.t. marketing-backend.com: we certainly acknowledge that this is an important use case. Third parties provide important services to sites and continued support is important to maintain the health of the web. Partitioned state is probably the best solution here as it prevents aggregation while continuing to support SaaS use cases. We have one idea for partitioned cookies that we’ve laid out here:Explore cookie partitioning privacycg/storage-partitioning#15. We are also talking about partitioning web/JS storage on this repo: https://github.com/privacycg/storage-partitioning. If partitioned cookies are designed such that the top-level site’s FPS is the “partition key” (and not the domain); then the SaaS gets the same partitioned state across example.com, example.co.uk, and example.de.

@krgovind
Copy link
Collaborator

krgovind commented Apr 30, 2021

@joelodom - FYI, we recently published a proposal for an opt-in cookie partitioning attribute. I'd like to welcome your feedback on usefulness and support for incubation in a standards group on this thread.

I think partitioned cookies in concert with First-Party Sets should help with the marketing-backend.com usecase.

@michael-oneill
Copy link
Contributor

There should be discussion on corolary support, e.g. a javascript API to clear all site data including partitioned cookies/storage. privacycg/CHIPS#7

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants