Debug Privacy Budget Exhausted Error

Stay organized with collections Save and categorize content based on your preferences.

This guide explains how to use the new privacy budget debugging feature for PRIVACY_BUDGET_EXHAUSTED errors that is now available in Aggregation Service, as of v2.12.0. As documented, while aggregatable reports are submitted into a deployment of Aggregation Service through jobs, the infrastructure relies on the Aggregatable Reporting Account Service located in the TEE (Trusted Execution Environment) coordinators, to cap the privacy budget usage. As a reminder, privacy budget determines the maximum number of times these aggregatable reports can be used to generate summary reports to limit information gain. Any aggregation of a report beyond its allocated privacy budget will fail with PRIVACY_BUDGET_EXHAUSTED error.

This guide walks you through a debugging feature that, as of v2.12.0, generates and stores a helper JSON file of relevant reports that contributed to any subsequent PRIVACY_BUDGET_EXHAUSTED errors experienced by your jobs.

If you are interested in budget recovery, continue onto our public guidance on GitHub

Pre-requisite

By continuing on, the guide assumes that you have the following:

• Aggregation Service v2.12.0 (or later) deployed on your chosen public cloud (Google Cloud Platform or Amazon Web Services).

Debug a job that failed with PRIVACY_BUDGET_EXHAUSTED error

At this point, we expect that you have executed getJob endpoint with your latest job request ID, and got back a PRIVACY_BUDGET_EXHAUSTED error similar to the following response. From Aggregation Service v2.12.0, you should have a newly generated privacy budget exhausted debugging JSON file located in your public cloud storage bucket.

The paths are stated by return_message and follow the following formats:

• File path: <output_data_bucket_name>/<output_data_blob_prefix>/
• Filename: privacy_budget_exhausted_<request_received_at_timestamp>.json

{
  "job_status": "FINISHED",
  "request_received_at": <utc timestamp>,
  "request_updated_at": <utc timestamp>,
  "job_request_id": <customer assigned job id>,
  …
  "request_processing_started_at": <utc timestamp>,
  "result_info": {
    "return_code": "PRIVACY_BUDGET_EXHAUSTED",
    "return_message": "com.google.aggregate.adtech.worker.exceptions.AggregationJobProcessException: Insufficient privacy budget for one or more aggregatable reports. No aggregatable report can appear in more than one aggregation job. Information related to reports that do not have budget can be found in the following file:
    File path: ags-privacy-budget-codelab/output-bucket/output-domain Filename: privacy budget exhausted debugging information <utc timestamp> \n com.google.aggregate.adtech.worker.aggregation.concurrent.ConcurrentAggregationProcessor.consumePrivacyBudgetUnits(ConcurrentAggregationProcessor.java:525) \n com.google.aggregate.adtech.worker.aggregation.concurrent.ConcurrentAggregationProcessor.process(ConcurrentAggregationProcessor.java:319) \n com.google.aggregate.adtech.worker.WorkerPullWorkService.run(WorkerPullWorkService.java:157)",
    "error_summary": {
      "error_counts": "",
      "error_messages": ""
    }
  }
}

Error Resolution Steps

Locate and open the privacy_budget_exhausted_debugging_information_<utc timestamp>.json output provided to you in your public cloud storage bucket. This can be found at path <output_data_bucket_name>/<output_data_blob_prefix>provided in return_message. Within that JSON file, compare filtering_id (defaults to 0) and relevant_shared_info properties against the input aggregatable reports shared_info. Finding a match means that those reports exceed the allocated budget and lead to a job failure, and need to be filtered out in future jobs. Note that the matching reports can still be reused with a different filtering ID. After you have identified and removed the matching reports from your batch reports AVRO file, you are ready to re-run your job.

The following is an example of privacy_budget_exhausted_debugging_information_<utc timestamp>.json output.

{
 "privacy_budget_exhausted_info" : {
   "aggregatable_input_budget_consumption_info" : [ {
     "aggregateable_input_budget_id" : {
       "filtering_id" : 0,
       "relevant_shared_info" : {
         "api" : "attribution-reporting",
         "attribution_destination" : "f246a4e6-dde9-46a5-a6b2-ea523b484d0a",
         "reporting_origin" : "foo.com",
         "scheduled_report_time" : 1738814400.000000000,
         "source_registration_time" : 1738713600.000000000,
         "version" : "0.1"
       }
     }
   }, {
       "aggregateable_input_budget_id" : {
       "filtering_id" : 0,
       "relevant_shared_info" : {
         "api" : "attribution-reporting",
         "attribution_destination" : "f246a4e6-dde9-46a5-a6b2-ea523b484d0a",
         "reporting_origin" : "foo.com",
         "scheduled_report_time" : 1738796400.000000000,
         "source_registration_time" : 1738713600.000000000,
         "version" : "0.1"
       }
     }
   } ]
 }
}

Next Steps

Check if anyone else has encountered the same issue on the Privacy Sandbox Status Dashboard or on the public GitHub repository. If you don't see a resolution to your Aggregation Service issue, file a GitHub issue or submit the technical support form.