Privacy Sandbox 的文章和說明文件假設讀者瞭解隱私權、廣告和網頁開發的概念。本詞彙表會說明與 Privacy Sandbox 相關的重要術語。
廣告競價 (Protected Audience API)
在 Protected Audience API 中,賣方 (可能是賣方平台或發布商本身) 會在使用者裝置瀏覽器中的 JavaScript 程式碼內執行廣告競價,藉此銷售廣告所在網站上的廣告空間。
廣告素材、素材
廣告素材是指向使用者放送的廣告內容。廣告素材可以是圖片、影片、音訊和其他格式廣告素材會在廣告空間中運作,並由委刊項中的廣告技術放送。
Ad Exchange
廣告交易平台是一種平台,可自動購買和銷售多個廣告聯播網的廣告空間。
廣告空間
Ad inventory space is the space or spaces for ads that are available from a site that sells ad space.
廣告平台 (廣告技術)
廣告平台是提供服務來放送廣告的公司。
廣告主
An advertiser is a company that pays to advertise its products.
可匯總報表計算
A distributed ledger, located in both coordinators, that tracks the allocated privacy budget and enforces the 'No Duplicates' rule. This is the privacy preserving mechanism, located and run within coordinators, that ensures no reports pass through the Aggregation Service beyond the allocated privacy budget.
Read more on how batching strategies relate to aggregatable reports.
可匯總報表計算預算
參照預算,確保系統不會重複處理個別報表。
可匯總報表
Aggregatable reports are encrypted reports sent from individual user devices. These reports contain data about cross-site user behavior and conversions. Conversions (sometimes called attribution trigger events) and associated metrics are defined by the advertiser or ad tech. Each report is encrypted to prevent various parties from accessing the underlying data.
Learn more about aggregatable reports.
匯總服務
由廣告技術營運的服務,可處理可匯總報表並產生摘要報表。
如要進一步瞭解匯集服務的背景資訊,請參閱說明文章和完整條款清單。
API 呼叫端
An API caller is an entity, such as an app, a third-party SDK, or a website, that makes a request to the Topics API to access a user's interests.
確認聲明
A mechanism to authenticate software identity, usually with cryptographic hashes or signatures. For the aggregation service proposal, attestation matches the code running in your ad tech-operated aggregation service with the open source code.
歸因
Attribution refers to the identification of user actions that contribute to an outcome.
For example, a correlation of ad clicks or views with conversions.
Blink
Blink 是 Chrome 使用的轉譯引擎,同時由 Chromium 專案開發。
採購
A buyer is a party bidding for ad space in an ad auction, likely to be a DSP, or maybe the advertiser itself. Ad space buyers own and manage interest groups.
Publishers make ad inventory available through marketplaces called ad exchanges, and buyers compete in real time through a DSP for the opportunity to place their advertisement.
Learn about ad space buyers in the Protected Audience API.
鉻
Chromium 是開放原始碼網路瀏覽器專案。Chrome、Microsoft Edge、Opera 和其他瀏覽器 以 Chromium 為基礎。
點閱後轉換
A click-through conversion is a conversion attributed to an ad that was clicked.
點閱率 (CTR)
點閱率是指按下廣告並看見廣告的使用者比例。
另請參閱曝光。
貢獻者綁定
Aggregatable reports may contain an arbitrary number of counter increments. For
example, a report may contain a count of products that a user has viewed on an
advertiser's site. The sum of increments in all aggregatable reports related to
a single source event must not exceed a given limit, such as L1=2^16 (65,536).
Learn more in the aggregatable reports explainer.
轉換
A conversion is the completion of some desired goal following action by a user.
For example, a conversion may occur with the purchase of a product or sign-up for a newsletter after clicking an ad that links to the advertiser's site.
Cookie
Cookie 是網站儲存在使用者的瀏覽器中的一小段文字資料。 網站可使用 Cookie,在使用者進行網路移動時儲存與使用者相關的資訊 (或網站後端伺服器所儲存資料的參照)。
舉例來說,網路商店可以保留購物車詳細資料,即便使用者未登入,或是網站可以記錄使用者的瀏覽活動。請參閱「第一方 Cookie」和「第三方 Cookie」這兩篇文章。
協調員
Entities responsible for key management and aggregatable report accounting. A Coordinator maintains a list of hashes of approved aggregation service configurations and configures access to decryption keys.
粗略資料
Coarse data refers to limited information provided by Attribution Reporting API event-level reports. This is limited to 3 pieces of conversion data for clicks and 1 piece for views. Specific, granular conversion data (such as specific prices of items and timestamps) are not included.
資料管理平台 (DMP)
A data management platform is software used to collect and manage data relevant for advertisers. These platforms help advertisers and publishers identify audience segments, which can then be used for campaign targeting.
Learn more about DMPs.
需求端平台 (DSP)
需求端平台是一種廣告技術服務,可自動購買廣告。廣告客戶可使用 DSP 購買各個發布商網站的廣告曝光。
差異化隱私
Differential privacy refers to techniques to allow sharing of information about a dataset to reveal patterns of behaviour without revealing private information about individuals or whether they belong to the dataset.
網域
熵
「熵」是指一項資料項目揭露個人身分的程度。
資料熵是以位元測量。資料揭露越多,熵價值就越高。
資料可以結合以找出個人,但要確認新資料是否新增至熵內容,並不容易。舉例來說,如果你已知道人來自澳洲人,但知道對方是澳洲人,並不會因此減少熵。
訓練週期
在 Topics API 中,「週期」是指瀏覽器根據瀏覽活動推斷使用者的一段時間。目前設為一週。
eTLD、eTLD+1
eTLDs are effective top-level domains (TLD), which are defined by the Public Suffix List.
For example:
co.uk
github.io
glitch.me
Effective TLDs are what allow foo.appspot.com to be a different site from
bar.appspot.com. The eTLD in this case is appspot.com, and the whole
site name (foo.appspot.com, bar.appspot.com) is known as the eTLD+1.
See also Top-Level Domain.
事件層級報表
事件層級報表,將特定廣告點擊或瀏覽 (在廣告端) 與轉換端的資料建立關聯。為了藉由限制跨網站整合使用者身分來維護使用者隱私,轉換端資料非常有限,而且資料十分雜亂。
Federated Credential Management API (FedCM)
Federated Credential Management API 是一項針對隱私保護方法的聯合身分識別服務提案。如此一來,使用者就能登入網站,而不必與身分服務或網站分享個人資訊。
FedCM 舊稱 WebID,仍在 W3C 中處於開發階段。
聯合身分識別 (聯合登入)
聯合識別資訊是第三方平台,可讓使用者登入網站,不必執行網站實作自己的身分識別服務。
圍欄頁框
A (<fencedframe>) is a proposed HTML element for embedded content, similar to
an iframe. Unlike
iframes, a fenced frame restricts communication with its embedding context to
allow the frame access to cross-site data without sharing it with the embedding
context.
Some Privacy Sandbox APIs may require select documents to render within a fenced frame. Learn more about the Fenced Frames proposal.
數位指紋採集
Fingerprinting encompasses techniques to identify and track the behaviour of individual users.
Fingerprinting uses mechanisms that users aren't aware of and can't control.
表面指紋採集
指紋途徑可以與其他途徑搭配使用,以識別特定使用者或裝置。
例如,navigator.userAgent() JavaScript 方法和 User-Agent HTTP 要求標頭會提供指紋途徑 (User-Agent 字串) 的存取權。
第一方
First party refers to resources from the site you're visiting.
For example, the page you're reading is on the site developer.chrome.com and
includes resources requested from this site. Requests for those first-party
resources are called 'first-party requests'. Cookies from
developer.chrome.com stored while you're on this site are called
first-party cookies.
See also Third-party.
第一方 Cookie
第一方 Cookie 是指使用者在網站上儲存時,網站儲存的 Cookie。
舉例來說,網路商店可能會要求瀏覽器儲存 Cookie,藉此保留未登入使用者的購物車詳細資料。另請參閱第三方 Cookie。
I2E
實驗意圖 (I2E) 宣布一項計畫即將推出新的 Blink 功能,供使用者進行測試,通常是透過來源試用。
I2EE
「擴充實驗」(I2EE) 是一項計畫的公告,用於延長來源試用的持續時間。
I2P
製作原型 (I2P) 的意圖是 Blink 開發新功能的第一步。公告會張貼在 blink-dev 郵寄清單中,並附上討論提案的連結。
I2S
Intent to Ship (I2S) 宣布了一項計劃,那就是向使用 Chrome 穩定版的使用者提供 Blink 的新功能。
曝光
Impression could refer to either:
- View of an ad. See also click-through rate.
- An ad slot: the HTML markup (usually
<div>tags) on a web page where an ad can be displayed. Ad slots constitute inventory.
按照興趣顯示廣告 (IBA)
「按照興趣顯示的廣告」(IBA) 是一種個人化廣告,即系統透過使用者活動 (例如最近造訪的網站或在 Android 上使用的應用程式) 推斷其興趣,再據此向使用者放送相關廣告。這點與「內容相關廣告」不同。在「內容相關廣告」模式下,系統會根據使用者正在觀看的內容,比對適合的廣告。
興趣群組
在 Protected Audience API (舊稱 FLEDGE) 中,興趣群組代表與再行銷名單對應的一群有共同興趣的使用者。
每個興趣群組都有擁有者。不同類型的擁有者會建立不同類型的興趣群組,其中包含各種用途。
庫存
Inventory is the ad slots available on a site. Ad slots are the HTML markup (usually <div>
tags) where ads can be displayed.
k-anonymity
K-anonymity is the measure of anonymity within a data set. If you have k anonymity, you can't be distinguished from k-1 other individuals in the data set. In other words, k individuals have the same information (including you).
雜訊和縮放
Statistical noise that is added to summary reports during the aggregation process to preserve privacy and ensure the final reports provide anonymized measurement information.
Read more about additive noise mechanism, which is drawn from Laplace distribution.
Nonce
Nonce 是加密通訊中只使用一次的任意數字。
來源
An origin is defined by the scheme (protocol), hostname (domain), and port of the URL used to access it.
For example: https://developer.chrome.com
來源試用
來源試用是一種試用機制,可讓使用者存取全新或實驗性功能,以便建立功能,讓使用者在這項功能全面推出前,可以先試用一段時間。
當 Chrome 為某項功能提供來源試用時,可以註冊「來源」試用,以便該來源的所有使用者都能使用這項功能,而不必要求使用者切換標記或改用 Chrome 的其他版本 (但可能需要升級)。來源試用可讓開發人員使用新功能建構試用版和原型。試用有助於 Chrome 工程師瞭解新功能的運用方式,以及這些功能如何與其他網路技術互動。
詳情請參閱:開始使用 Chrome 來源試用。
被動表面
Passive surfaces are fingerprinting surfaces—such as User-Agent strings, IP addresses, and Accept-Language headers—that are available to every website, whether the site asks for them or not.
Passive surfaces can easily consume a site's privacy budget.
The Privacy Sandbox initiative proposes replacing passive surfaces with active ways to get specific information, for example using Client Hints a single time to get the user's language rather than having an Accept-Language header for every response to every server.
Protected Audience API
Protected Audience API 是 FLEDGE API 的新名稱。
發布商
在 Privacy Sandbox 的結構定義中,發布商是一種付費放送廣告的網站。
觸及率
Reach represents the total number of people who see an ad or who visit a web page that displays the ad.
即時出價 (RTB)
Real-time bidding refers to an automated auction for buying and selling ad impressions on websites, completed during page load.
再行銷
再行銷是指對曾經在其他網站上瀏覽過您網站的使用者放送廣告。
舉例來說,網路商店可以向先前在網站上瀏覽過玩具的使用者顯示玩具特賣廣告。
報表來源
接收可匯總報表的實體,也就是呼叫 Attribution Reporting API 的您或廣告技術。可匯總報表會從使用者裝置傳送至與回報來源相關聯的知名網址。報表來源會在註冊期間指定。
縮放比例係數
Scaling factor, in the context of the Attribution Reporting API, refers an amount by which you choose to multiply an aggregatable value. Scaling impacts the effect of noise and your contribution budget.
賣方
賣方是進行廣告競價的一方,可能是賣方平台,也可能是發布商。
共用 ID
A computed value that consists of shared_info, reporting_origin,
destination_site (for Attribution Reporting API only),
source_registration-time (for Attribution Reporting API only),
scheduled_report_time, and version.
Multiple reports that share the same attributes in the shared_info
field should have the same shared ID. Shared IDs play an important role within
Aggregatable Report Accounting.
Read more about Trusted Servers.
網站
網站等同於 eTLD+1 和配置 (通訊協定)。
另請參閱頂層網域。
儲存空間分區
Storage partitioning is a mechanism in Chrome to prevent certain types of side-channel cross-site tracking, Chrome is partitioning storage and communications APIs in third-party contexts.
Storage partitioning prevents a site from joining data across different sites to track the user across the web.
摘要報表
An Attribution Reporting API and Private Aggregation API report type. A summary report includes aggregated user data, and can contain detailed conversion data with noise added. Summary reports are made up of aggregate reports. They allow for greater flexibility and provide a richer data model than event-level reporting, particularly for some use-cases like conversion values.
供應端平台、賣方平台
A supply-side platform is an ad tech service used to automate selling ad inventory. SSPs allow publishers to offer their inventory (empty rectangles where ads will go) to multiple ad exchanges, DSPs, and networks. This enables a wide range of potential buyers to bid for ad space.
Surface
第三方
第三方是指透過與您所造訪的網站不同的網域提供的資源。
舉例來說,網站 foo.com 可能會使用 google-analytics.com 的分析程式碼 (透過 JavaScript)、use.typekit.net 的字型 (透過連結元素) 和 vimeo.com 的影片 (在 iframe 中)。另請參閱第一方一文。
第三方 Cookie
A third-party cookie is a cookie stored by a third-party service.
For example, a video website might include a Watch Later button in their embedded player to allow a user to add a video to their wishlist without forcing them to navigate to the video site.
See also First-party cookie.
頂層網域 (TLD)
.com 和 .org 等頂層網域會列在「根區域資料庫」中。
主題
A topic is a human-readable topic of interest of a user and is part of the Topics taxonomy.
主題分類
Topics 分類是公開的人工收錄、人類可讀類別階層,Topics API 會使用這類別來代表使用者的興趣。
受信任的執行環境 (TEE)
電腦硬體和軟體的安全設定,可讓外部各方驗證機器上執行的確切軟體版本,不必擔心資訊外洩。在 TEE 中,外部各方可驗證軟體是否完全依軟體製造商聲明的方式運作。
如要進一步瞭解 Privacy Sandbox 提案中使用的 TEE,請參閱「Protected Audience API 服務說明」和「匯總服務說明」。
使用者代理程式用戶端提示 (UA-CH)
User-agent client hints provide specific pieces of the User-Agent string on explicit request. This helps reduce passive surfaces in the User-Agent string which may lead to user identification or covert tracking.
UA-CH is sometimes referred to as "Client Hints."
User-Agent 字串
A user-agent string is an HTTP header used by servers and network peers to request identifying information about an application, operating system, vendor, or version of a user agent. The User-Agent string broadcasts a large string of data, which is problematic for user privacy. User-Agent reduction is proposed to remove sensitive information and reduce passive fingerprinting.
.well-known
.well-known 檔案可用於從標準化網址新增網站的重新導向。
舉例來說,當網站設定從 /.well-known/change-password 重新導向至網站變更密碼的頁面時,密碼管理工具可以讓使用者更輕鬆地更新密碼。
此外,在提出要求「之前」存取主機的政策或其他資訊會很實用。舉例來說,robots.txt 會指示網路檢索器要造訪哪些網頁,以及要略過哪些網頁。IETF RFC8615 概述瞭如何讓 /.well-known/ 子目錄中的標準位置存取全網站中繼資料。
如要查看 .well-known 的建議清單,請前往 iana.org/assignments/well-known-uris/well-known-uris.xhtml。
Worklet
A worklet allows you to run specific JavaScript functions and return information back to the requester. Within a worklet, you can execute JavaScript but you cannot interact or communicate with the outside page.
Worklets are used to store and extract data with the Shared Storage API.