Glosario de Privacy Sandbox

Los artículos y la documentación de Privacy Sandbox suponen un conocimiento de los conceptos de privacidad, publicidad y desarrollo web. En este glosario, se explican los términos clave relacionados con Privacy Sandbox.

Subasta de anuncios (API de Protected Audience)

In the Protected Audience API, an ad auction is run by a seller (likely to be an SSP or maybe the publisher itself), in JavaScript code in the browser on the user's device, to sell ad space on a site that displays ads.

Creatividad del anuncio

Ad creative refers to the contents of the ad served to users. Creatives can be images, videos, audio, and other formats. Creatives live within an ad space, and are served by ad tech within line items.

Ad Exchange

An ad exchange is a platform to automate buying and selling of ad inventory from multiple ad networks.

Inventario de anuncios, espacio publicitario

Ad inventory space is the space or spaces for ads that are available from a site that sells ad space.

Plataforma de anuncios (tecnología publicitaria)

Una plataforma de anuncios es una empresa que proporciona servicios para publicar anuncios.

Advertiser

An advertiser is a company that pays to advertise its products.

Contabilidad de informes agregables

A distributed ledger, located in both coordinators, that tracks the allocated privacy budget and enforces the 'No Duplicates' rule. This is the privacy preserving mechanism, located and run within coordinators, that ensures no reports pass through the Aggregation Service beyond the allocated privacy budget.

Read more on how batching strategies relate to aggregatable reports.

Presupuesto de la contabilidad de informes agregables

References to the budget that ensures individual reports are not processed more than once.

Informes agregables

Aggregatable reports are encrypted reports sent from individual user devices. These reports contain data about cross-site user behavior and conversions. Conversions (sometimes called attribution trigger events) and associated metrics are defined by the advertiser or ad tech. Each report is encrypted to prevent various parties from accessing the underlying data.

Learn more about aggregatable reports.

Servicio de agregación

An ad tech-operated service that processes aggregatable reports to create a summary report.

Read more about the Aggregation Service backstory in our explainer and the full terms list.

Llamador de la API

Un llamador de API es una entidad, como una app, un SDK de terceros o un sitio web, que envía una solicitud a la API de Topics para acceder a los intereses de un usuario.

Certificación

A mechanism to authenticate software identity, usually with cryptographic hashes or signatures. For the aggregation service proposal, attestation matches the code running in your ad tech-operated aggregation service with the open source code.

Read more about attestation.

Atribución

Attribution refers to the identification of user actions that contribute to an outcome.

For example, a correlation of ad clicks or views with conversions.

Blink is the rendering engine used by Chrome, developed as part of the Chromium project.

Comprador

A buyer is a party bidding for ad space in an ad auction, likely to be a DSP, or maybe the advertiser itself. Ad space buyers own and manage interest groups.

Publishers make ad inventory available through marketplaces called ad exchanges, and buyers compete in real time through a DSP for the opportunity to place their advertisement.

Learn about ad space buyers in the Protected Audience API.

Chromium

Chromium is an open-source web browser project. Chrome, Microsoft Edge, Opera and other browsers are based on Chromium.

Conversión posclic (CTC)

A click-through conversion is a conversion attributed to an ad that was clicked.

Tasa de clics (CTR)

The click-through rate is the ratio of users who click on an ad, having seen it.

See also impression.

Vinculación de contribuciones

Los informes agregables pueden contener una cantidad arbitraria de incrementos de contador. Por ejemplo, un informe puede contener un recuento de los productos que un usuario vio en el sitio de un anunciante. La suma de los incrementos en todos los informes agregables relacionados con un solo evento de fuente no debe exceder un límite determinado, como L1=2^16 (65,536).

Obtén más información en la explicación de los informes agregables.

Conversión

Una conversión es la finalización de un objetivo deseado después de la acción de un usuario.

Por ejemplo, se puede generar una conversión con la compra de un producto o el registro para recibir un boletín informativo después de hacer clic en un anuncio que se vincula con el sitio del anunciante.

A cookie is a small piece of textual data that websites can store on a user's browser. Cookies can be used by a website to save information associated with a user (or a reference to data stored on the website's backend servers) as the user moves across the web.

For example, an online store can retain shopping cart details even if a user is not logged in, or the site could record the user's browsing activity on their site. See First-party cookie and Third-party cookie.

Coordinador

Entities responsible for key management and aggregatable report accounting. A Coordinator maintains a list of hashes of approved aggregation service configurations and configures access to decryption keys.

Datos generales

Los datos generales son la información limitada que proporcionan los informes a nivel del evento de la API de Attribution Reporting. Esto se limita a 3 datos de conversión para los clics y a 1 para las vistas. No se incluyen datos de conversiones específicos y detallados (como precios específicos de los artículos y marcas de tiempo).

Plataforma de administración de datos (DMP)

A data management platform is software used to collect and manage data relevant for advertisers. These platforms help advertisers and publishers identify audience segments, which can then be used for campaign targeting.

Learn more about DMPs.

Plataforma orientada a la demanda (DSP)

A demand-side platform is an ad tech service used to automate ad purchasing. DSPs are used by advertisers to buy ad impressions across a range of publisher sites.

Privacidad diferencial

La privacidad diferencial se refiere a técnicas que permiten compartir información sobre un conjunto de datos para revelar patrones de comportamiento sin revelar información privada sobre individuos o si pertenecen al conjunto de datos.

Dominio

Domain. See Top-Level Domain and eTLD.

Entropía

Entropy, in the privacy domain, is a measure of how much an item of data reveals individual identity.

Data entropy is measured in bits. The more that data reveals identity, the higher its entropy value.

Data can be combined to identify an individual, but it can be difficult to work out whether new data adds to entropy. For example, knowing a person is from Australia doesn't reduce entropy if you already know the person is from Kangaroo Island.

Epoch

En la API de Topics, un ciclo de entrenamiento es el período durante el cual el navegador infiere temas para un usuario en función de su actividad de navegación. Actualmente, está configurada en una semana.

eTLD, eTLD+1

eTLDs are effective top-level domains (TLD), which are defined by the Public Suffix List.

For example:

co.uk 
github.io 
glitch.me

Effective TLDs are what allow foo.appspot.com to be a different site from bar.appspot.com. The eTLD in this case is appspot.com, and the whole site name (foo.appspot.com, bar.appspot.com) is known as the eTLD+1.

See also Top-Level Domain.

Informe a nivel del evento

Event-level reports associate a particular ad click or view (on the ad side) with data on the conversion side. To preserve user privacy by limiting the joining of user identity across sites, conversion-side data is very limited, and the data is noisy.

API de Federated Credential Management (FedCM)

La API de Federated Credential Management es una propuesta para un enfoque que preserva la privacidad de los servicios de identidad federada. Esto permitirá a los usuarios acceder a sitios sin compartir su información personal con el servicio de identidad o el sitio.

FedCM antes se conocía como WebID y todavía está en desarrollo en W3C.

Identidad federada (acceso federado)

La identidad federada es una plataforma de terceros que permite que un usuario acceda a un sitio web sin necesidad de que el sitio implemente su propio servicio de identidad.

Marco vallado

A (<fencedframe>) is a proposed HTML element for embedded content, similar to an iframe. Unlike iframes, a fenced frame restricts communication with its embedding context to allow the frame access to cross-site data without sharing it with the embedding context.

Some Privacy Sandbox APIs may require select documents to render within a fenced frame. Learn more about the Fenced Frames proposal.

Creación de huellas digitales

La creación de huellas digitales abarca técnicas para identificar y hacer un seguimiento del comportamiento de usuarios individuales.

El fingerprinting usa mecanismos que los usuarios no conocen y no pueden controlar.

Superficie de creación de huellas digitales

A fingerprinting surface is something that can be used (probably in combination with other surfaces) to identify a particular user or device.

For example, the navigator.userAgent() JavaScript method and the User-Agent HTTP request header provide access to a fingerprinting surface (the User-Agent string).

Propia

First party refers to resources from the site you're visiting.

For example, the page you're reading is on the site developer.chrome.com and includes resources requested from this site. Requests for those first-party resources are called 'first-party requests'. Cookies from developer.chrome.com stored while you're on this site are called first-party cookies.

See also Third-party.

Una cookie propia es una cookie que almacena un sitio web mientras un usuario se encuentra en el propio sitio.

Por ejemplo, una tienda en línea puede pedirle a un navegador que almacene una cookie a fin de conservar los detalles del carrito de compras de un usuario que no accedió. Consulta también Cookies de terceros.

I2E

Intent to Experiment (I2E) is the announcement of a plan to make a new Blink feature available to users for testing, typically through an origin trial.

I2EE

El intent de extensión (I2EE) es un anuncio de un plan para extender la duración de una prueba de origen.

I2P

Intent to Prototype (I2P) is the first stage in developing a new feature in Blink. The announcement is posted to the blink-dev mailing list with a link to the proposal for discussion.

I2S

Intent to Ship (I2S) es un anuncio de un plan para poner a disposición de los usuarios una nueva función de Blink en versiones estables de Chrome.

Impresión

Impression could refer to either:

  • View of an ad. See also click-through rate.
  • An ad slot: the HTML markup (usually <div> tags) on a web page where an ad can be displayed. Ad slots constitute inventory.

Publicidad basada en intereses (IBA)

Interest-based advertising (IBA) is a form of personalized advertising in which an ad is selected for a user based on their interests, inferred from the user's activity: the sites they've recently visited on the web, or the apps they used on Android. This is different from contextual advertising, which aims to match ads to the content the user is viewing.

Grupo de interés

En la API de Protected Audience, antes FLEDGE, un grupo de intereses representa a un grupo de personas con un interés común, que corresponde a una lista de remarketing.

Cada grupo de interés tiene un propietario. Los distintos tipos de propietarios crearán diferentes tipos de grupos de intereses con diferentes casos de uso.

Inventario

El inventario corresponde a los espacios publicitarios disponibles en un sitio. Los espacios publicitarios son el lenguaje de marcado HTML (por lo general, etiquetas <div>) en el que se pueden mostrar anuncios.

k‑anonimato

K-anonymity is the measure of anonymity within a data set. If you have k anonymity, you can't be distinguished from k-1 other individuals in the data set. In other words, k individuals have the same information (including you).

Ruido y escalamiento

Statistical noise that is added to summary reports during the aggregation process to preserve privacy and ensure the final reports provide anonymized measurement information.

Read more about additive noise mechanism, which is drawn from Laplace distribution.

Nonce

A nonce is an arbitrary number used only once in cryptographic communication.

Origen

An origin is defined by the scheme (protocol), hostname (domain), and port of the URL used to access it.

For example: https://developer.chrome.com

Prueba de origen

Origin trials are trials that provide access to a new or experimental feature, to make it possible to build functions that users can try out for a limited time before the feature is made available to everyone.

When Chrome offers an origin trial for a feature, an origin can be registered for the trial to allow the feature for all users on that origin, without requiring users to toggle flags or switch to an alternative build of Chrome (though they may need to upgrade). Origin trials allow developers to build demos and prototypes using new features. The trials help Chrome engineers understand how new features are used, and how they may interact with other web technologies.

Find out more: Getting started with Chrome's origin trials.

Superficie pasiva

Las superficies pasivas son superficies de huellas digitales, como strings de usuario-agente, direcciones IP y encabezados Accept-Language, que están disponibles para todos los sitios web, más allá de que el sitio las solicite o no.

Las superficies pasivas pueden consumir fácilmente el presupuesto de privacidad de un sitio.

La iniciativa de Privacy Sandbox propone reemplazar plataformas pasivas por formas activas de obtener información específica, por ejemplo, usar Sugerencias de cliente una sola vez para obtener el idioma del usuario, en lugar de tener un encabezado Accept-Language para cada respuesta a cada servidor.

API de Protected Audience

The Protected Audience API is the new name for the FLEDGE API.

Editor

En el contexto de Privacy Sandbox, un publicador es un sitio con espacio publicitario que se paga para mostrar anuncios.

Alcance

Reach represents the total number of people who see an ad or who visit a web page that displays the ad.

Ofertas en tiempo real (RTB)

Las ofertas en tiempo real son una subasta automática para comprar y vender impresiones de anuncios en sitios web, que se completan durante la carga de la página.

Remarketing

Remarketing is the practice of advertising to people who've already visited your site on other sites.

For example, an online store could show ads for a toy sale to people who previously viewed toys on their site.

Origen de los informes

La entidad que recibe informes agregables (es decir, tú o una tecnología publicitaria que llamó a la API de Attribution Reporting) Los informes agregables se envían desde los dispositivos de los usuarios a una URL conocida asociada con el origen de los informes. El origen de los informes se designa durante la inscripción.

Factor de escala

Scaling factor, in the context of the Attribution Reporting API, refers an amount by which you choose to multiply an aggregatable value. Scaling impacts the effect of noise and your contribution budget.

Vendedor

A seller is the party running an ad auction, likely to be an SSP or maybe the publisher itself.

ID compartido

A computed value that consists of shared_info, reporting_origin, destination_site (for Attribution Reporting API only), source_registration-time (for Attribution Reporting API only), scheduled_report_time, and version.

Multiple reports that share the same attributes in the shared_info field should have the same shared ID. Shared IDs play an important role within Aggregatable Report Accounting.

Read more about Trusted Servers.

Sitio

A site is equivalent to an eTLD+1 along with a scheme (protocol).

See also Top-Level Domain.

Particionamiento de almacenamiento

Storage partitioning is a mechanism in Chrome to prevent certain types of side-channel cross-site tracking, Chrome is partitioning storage and communications APIs in third-party contexts.

Storage partitioning prevents a site from joining data across different sites to track the user across the web.

Informe de resumen

An Attribution Reporting API and Private Aggregation API report type. A summary report includes aggregated user data, and can contain detailed conversion data with noise added. Summary reports are made up of aggregate reports. They allow for greater flexibility and provide a richer data model than event-level reporting, particularly for some use-cases like conversion values.

Plataforma de proveedores, plataforma orientada a la venta

A supply-side platform is an ad tech service used to automate selling ad inventory. SSPs allow publishers to offer their inventory (empty rectangles where ads will go) to multiple ad exchanges, DSPs, and networks. This enables a wide range of potential buyers to bid for ad space.

Superficie

Surface. See Fingerprinting surface and Passive surface.

Third party refers to resources served from a domain that's different from the website you're visiting.

For example, a website foo.com might use analytics code from google-analytics.com (via JavaScript), fonts from use.typekit.net (via a link element) and a video from vimeo.com (in an iframe). See also First-party.

A third-party cookie is a cookie stored by a third-party service.

For example, a video website might include a Watch Later button in their embedded player to allow a user to add a video to their wishlist without forcing them to navigate to the video site.

See also First-party cookie.

Dominio de nivel superior (TLD)

Top-level domains such as .com and .org are listed in the Root Zone Database.

See also eTLD, site.

Tema

A topic is a human-readable topic of interest of a user and is part of the Topics taxonomy.

Taxonomía de Topics

The Topics taxonomy is a public, human-curated, human-readable hierarchy of categories that the Topics API uses to represent users' interests.

Entorno de ejecución confiable (TEE)

Es una configuración segura de hardware y software de computadoras que permite a terceros verificar las versiones exactas del software que se ejecuta en la máquina sin temor a la exposición. Los TEE permiten que las partes externas verifiquen que el software haga exactamente lo que el fabricante de software afirma que hace, ni más ni menos.

Para obtener más información sobre los TEE que se usan para las propuestas de Privacy Sandbox, lee la explicación de los servicios de la API de Protected Audience y la explicación del servicio de agregación.

Sugerencias de clientes de usuario-agente (UA-CH)

Las sugerencias de clientes de usuario-agente proporcionan fragmentos específicos de la string de usuario-agente a una solicitud explícita. Esto ayuda a reducir las plataformas pasivas en la string usuario-agente que puede conducir a la identificación del usuario o el seguimiento encubierto.

En algunas ocasiones, UA-CH también se denomina "Client Hints".

Cadena de usuario-agente

Una string de usuario-agente es un encabezado HTTP que usan los servidores y los pares de red para solicitar información de identificación sobre una aplicación, un sistema operativo, un proveedor o la versión de un usuario-agente. La string usuario-agente transmite una gran string de datos, lo que es un problema para la privacidad del usuario. Se propone la reducción de usuario-agente para quitar información sensible y reducir la creación de huellas digitales pasiva.

.well-known

El archivo .well-known es un archivo que se usa para agregar redireccionamientos a un sitio web desde URLs estandarizadas.

Por ejemplo, los administradores de contraseñas pueden facilitar que los usuarios actualicen las contraseñas si un sitio web establece un redireccionamiento de /.well-known/change-password a la página para cambiar la contraseña del sitio.

Además, puede ser útil acceder a la política o a otra información sobre un host antes de realizar una solicitud. Por ejemplo, robots.txt les indica a los rastreadores web qué páginas visitar y qué páginas ignorar. La IETF RFC8615 describe una forma estandarizada de hacer que los metadatos de todo el sitio sean accesibles en ubicaciones estándar en un subdirectorio /.well-known/.

Consulta una lista de recomendaciones para .well-known en iana.org/assignments/well-known-uris/well-known-uris.xhtml.

Worklet

A worklet allows you to run specific JavaScript functions and return information back to the requester. Within a worklet, you can execute JavaScript but you cannot interact or communicate with the outside page.

Worklets are used to store and extract data with the Shared Storage API.